When Software Buys Software: Inside the Agent-to-Agent Economy
For thirty years, software charged humans. You logged in, you approved a renewal, you swiped a card. In 2026, software started charging other software. AI agents now pay search engines per query, hire coding agents to fix their own bugs, and provision their own compute, all without a human approving the transaction in real time. The shift sounds small, but it changes who buys, how they buy, and what a software product even has to look like.
We have written about the macro version of this shift in AI autopilots vs copilots: services budgets are migrating toward AI vendors who sell the finished work. The agent-to-agent layer sits one floor down. It is the plumbing that lets those autopilot vendors operate at machine speed, and it is also the plumbing that lets your own agents go shop on your behalf. If autopilots are the new services, agent-to-agent commerce is the new B2B sales motion.
What Agent-to-Agent Commerce Actually Means
Strip the term to its primitives. An AI agent has three things that a traditional API client does not. It has a budget it can spend at runtime, not just a fixed contract a human pre-paid. It has an identity that is its own, distinct from any human user, with credentials that can be scoped, revoked, and audited. And it has a decision loop that lets it pick a counterparty mid-task, including counterparties it has never used before. Combine those three and you get a buyer that can transact at machine speed.
The simplest live example is search. A research agent built on a frontier model needs fresh web context for every question. It calls an AI-native search service like Exa, pays per query out of a session budget, and continues. The interesting part is not that the agent calls an API. It is that the agent could have called any of three search providers, picked one based on price and recency, and tomorrow would pick a different one. The relationship is per-call, not per-contract. Multiply this by code execution sandboxes, image generation, document parsing, and verticalized tools, and a single agent run can touch a dozen vendors before it returns an answer.
The accounting matters. Each agent call is a tiny transaction, often well under a cent, but the volume is high and the receipts have to land somewhere. That is why a layer of agent payment rails is now showing up. Some are crypto-native (Nevermined and similar projects exposing per-call payments to AI agents), some are stripped-down billing APIs aimed specifically at agent traffic, and the cloud providers are wiring this into their own consumption meters. None of this is exotic finance. It is just the mechanical answer to a buyer who shows up unannounced and pays in fractions of cents.
The First Agent-Native Loops Are Already Running
Three loops are visible in production today, in roughly the order they crossed the line.
Self-maintaining codebases. Tools like Kilo Code Cloud Agents and the "cloud" modes of Cursor and Claude Code dispatch coding agents that read a repository, identify failing tests, draft fixes, run them in sandboxed compute they paid for, and open a pull request. The widely cited Anthropic experiment that reported "84 bugs fixed for ten cents" is the early extreme of this pattern. The agent is not a developer assistant; it is a developer who buys its own laptop time. The team running it is increasingly small, sometimes one engineer per service, because the agent purchases what it needs and submits a PR for human review at the end.
Agent-native research and retrieval. Search providers built around the LLM call (Exa, Tavily, and similar) have priced and scoped themselves around agent buyers from day one. The pricing page reads like an agent meant to negotiate it, rate limits assume bursty fan-out, and the API surface is built for chained calls inside an agent loop. Compare that to a legacy search API designed for an app developer. Same category, very different product, because the customer is a different species.
Agent-shaped vertical services. The class of AI-native firms that are productizing professional work (legal NDA drafting, medical coding, claims adjusting, tier-one IT) is starting to expose its own agent-callable surface. Their human customers buy outcomes, but their internal stacks are wired so that another agent inside a corporate workflow can request the same outcome programmatically. That is how a procurement agent ends up "hiring" a legal autopilot to draft an NDA without anyone in legal touching the email.
Why This Is Happening Now
Three forcing functions have lined up in the last twelve months. First, narrow agent reliability crossed a threshold. For a tightly scoped task with verifiable output (run this test, fetch this fact, draft this paragraph), current frontier models complete the loop with high enough success rates that the cost of a wrong call is bounded. Operators have stopped asking "will the agent finish?" and started asking "what should the agent be allowed to spend on?"
Second, usage-based AI pricing is now the default rather than the exception. Every layer in the stack, from foundation models to vector databases to verticalized tools, prices on tokens, calls, or tasks. That makes agent buyers possible. Per-seat pricing assumes a person; per-call pricing assumes a buyer that might be either. Once the pricing curve fits machine traffic, the buyer follows.
Third, the infrastructure underneath has shipped. The very large compute commitments of the last year (Anthropic's multi-billion-dollar Google Cloud commitment and parallel Amazon agreement, OpenAI's networking and orchestration work, NVIDIA's optical-connectivity push with Corning) are not just AI hype. They are the substrate that lets agent traffic fan out cheaply, and they are why the cost per agent call keeps falling in the same year that agent volume is exploding. The macro and the micro are tied: cheaper compute makes more agent calls economic, which makes more vendors agent-callable, which pulls more traffic onto the substrate. We covered the velocity side of this in The AI Velocity Divide, and the production hardening question in running agents as host processes.
What This Breaks for Buyers and Sellers
Five concrete things break in the move from human-buyer SaaS to agent-buyer SaaS.
Per-seat pricing. An agent is not a seat. It can fan out into thousands of parallel tasks, or it can sit idle for days. Charging per agent identity is roughly as useful as charging per browser tab. Vendors who do not have a credible per-call or per-outcome SKU are about to look unaffordable for agent traffic, even if their per-seat list price is fine.
Free tiers. Free tiers were rate-limited by human attention. An agent has none. Whatever fraud and abuse vectors a free tier had before, multiply by a thousand. Most products will need to require authenticated agent identity to access free quotas, with stricter scoping than the human-user flow.
Procurement and vendor-risk. The classical model assumes a human signed an MSA before any spend. Agents discover and use services mid-task. Operators are responding with policy budgets (an agent has a wallet capped at, say, $50 per task), allow-lists of pre-approved vendors, and just-in-time vendor-risk gates that the agent must clear before it can settle a transaction with a new counterparty. None of this exists out of the box in most procurement suites yet.
Audit trails. Logs were built around user ids. Now they need to record the agent id, the policy that authorized the call, the prompt and tool inputs that produced the action, the model and version, the cost, and the outcome. If a regulator or a customer asks why a particular call happened, the answer involves an LLM and a policy file, not a person. Most logging stacks are several quarters away from this being clean.
The contract-of-record question. When an agent commits to a paid action that has consequences (a refund issued, an order placed, a contract drafted), who is on the hook? Today the working answer is "a single corporate principal owns the agent and inherits its commitments," but the case law is thin and the indemnity language in most vendor contracts predates this pattern. Expect this to be a real legal area in the next eighteen months.
A Short Playbook for Operators
Three moves cover most of what a small or mid-sized operator should do this year, regardless of whether you sell software or just consume it.
Move one: instrument your product for agent buyers, even if no agents are buying yet. Publish machine-readable pricing (a clean JSON or YAML version of your price book that an agent can fetch). Expose capability metadata so an agent can answer "does this product do X under constraint Y" without scraping. Offer scoped, revocable credentials with per-call rate limits, distinct from your human-user OAuth flow. Emit a per-call observability record (request id, cost, output, model). None of this is glamorous, and all of it pays back when the first agent shows up at your endpoint.
Move two: redesign your internal stack so your own agents can procure. Decide on policy budgets for each class of agent task. Build an allow-list of pre-approved vendors that meet your data and security bar, and an exception path for new ones. Wire your finance and audit logs to capture agent transactions cleanly, alongside human ones. We cover the implementation patterns for this in our agentic workflow guide for SMEs, and the production-isolation question in the host-process post.
Move three: decide explicitly whether you sell to humans, to agents, or to both. "Both" is a real answer, but it is not a free one. The packaging, the support model, the fraud surface, the docs, and the success metrics all change for agent buyers. A product that tries to be both without acknowledging the split usually ends up being good at neither. Pick a primary buyer and make the other one work, rather than averaging.
The Short Version
The buyer of software is changing species. Agents have wallets, identities, and the ability to pick a vendor at runtime. The first commercial loops are running today in code, search, and verticalized professional services. The substrate for cheap agent traffic is being poured at the macro level, and the unit of sale is moving from the seat to the call. Operators who instrument and price for agent buyers in 2026 will look obvious in 2028. Operators who wait will spend most of 2027 retrofitting per-seat products onto a per-call world. The originating digest for this brief is AlignedNews's AI page, and the broader thesis sits one layer above in services as the new software.
Frequently Asked Questions
What is agent-to-agent commerce?
Agent-to-agent commerce is when one AI agent pays another agent or service directly for a unit of work, without a human approving the transaction in real time. A research agent might call a search service and pay per query, a coding agent might purchase a sandbox environment for a few seconds, or a customer-service agent might escalate to a specialist agent and settle the cost on the way through. The agents have wallets, identities, and policy budgets, and the work happens at machine speed.
How is this different from one app calling another over an API?
Traditional API calls run inside a contract a human signed in advance, against a budget a human approved. The transaction is fixed, the spend is predictable, and the caller is software acting on behalf of a known user. Agent-to-agent commerce changes three things. The caller is the agent itself, not a logged-in user. The decision to spend is made at runtime, not at procurement time. And the counterparty can be discovered and paid programmatically, so an agent can use a service it has never used before. The loop tightens from contract to call.
Why does it change SaaS pricing?
Per-seat pricing assumes there is a person at the seat. When the buyer is an agent that can fan out across thousands of micro-tasks, per-seat collapses. The natural unit becomes the call, the token, the resolved task, or the verified outcome. That is why most agent-native vendors are launching with usage or outcome pricing from day one, and why incumbents who try to retrofit per-seat tiers onto agent traffic see either runaway costs or starved usage. The packaging has to match the buyer.
What is a real example I can point to today?
A research agent built on top of a major LLM calls Exa, an AI-native search API, for live web context. The call is metered per query and the agent can budget across thousands of queries per session. On the development side, products like Kilo Code run cloud agents that fix bugs, refactor code, and provision their own compute, with usage settled by the call rather than per developer. These are early loops, not theoretical. The pattern is small wallets, narrow scopes, and many transactions.
What does this break for procurement and audit?
Three things. First, vendor-risk processes assume a human signed a master agreement before any spend, but an agent can discover and use a new service mid-task. Procurement teams are starting to publish allow-lists and policy budgets that agents must respect. Second, audit trails were built around user actions, and now need to record agent identity, the policy under which a call was made, the prompt that triggered it, and the cost. Third, the contract-of-record question is open: when an agent commits to a paid action, who is the counterparty if something goes wrong? Most legal teams are settling this with a single corporate principal that owns the agent, but the case law is thin.
Should a small team care about this in 2026, or is it a 2028 problem?
Care now, plan now, but do not panic-rebuild. The first commercial loops are running today inside dev tools, search, and narrow customer-service flows, and the infrastructure for agent identity and payments is shipping. Most operators have twelve to eighteen months before agent buyers show up at the front door of a typical B2B SaaS product. The right move is to instrument and price for both human and agent buyers now, not to wait until a competitor lands the first agent contract.
How do I make my product safe for agent buyers?
Five concrete moves. Publish machine-readable pricing and capability metadata so an agent can compare you without scraping. Offer programmatic auth with scoped, revocable credentials and per-call rate limits. Add per-call observability the buyer can pull (request id, cost, output, model used). Define a clear escalation path for disputes, including refund logic an agent can trigger. And decide whether you want to be sold to humans, to agents, or to both, because the answers change your packaging, your support model, and your fraud surface.
Make Your Stack Agent-Ready
We help operators decide where agent-to-agent loops are worth wiring up first, what to expose so agent buyers can transact, and which procurement and audit gaps to close before the first agent shows up at your endpoint. Most reviews surface two or three changes that pay back inside a quarter.
Related Articles
AI Autopilots vs Copilots: Why Services Are Becoming the New Software
Cheaper, Easier, and Better: How AI Is Bending the Cost-Quality-Convenience Tradeoff
The AI Velocity Divide: Why a Small Group of Companies Is Shipping 10x Faster With AI
AI consultants with 100+ custom GPT builds and automation projects for 50+ Canadian businesses across 20+ industries. Based in Markham, Ontario. PIPEDA-compliant solutions.