
Key facts.
- On SWE-bench Pro, a harder real-world software-engineering benchmark, leading models resolve only about 23% of issues, evidence that AI-assisted engineering still leaves most of the hard work, and its cost, with the human (reported). source
- A Cloud Security Alliance survey of security professionals reported that a majority see AI-generated code and agent autonomy as raising new security review burdens, so the review and remediation cost rides on a large share of agent output (reported). source
- Industry cost analysis shows agent conversation cost can grow steeply with context because each call re-reads the accumulated history, so the maintenance of context discipline is itself an ongoing engineering cost (reported). source
Which hidden costs actually move the total?
Four of them, in rough order of surprise. Engineering time to debug, because a non-deterministic agent does not fail the way a deterministic service does, and SWE-bench Pro's ~23% resolve rate shows the agent leaves most of the hard work, and its cost, with the human. Human oversight, because at any failure rate above zero someone reviews the consequential outputs, and that headcount is a recurring cost, not a one-time build. Security, because the Cloud Security Alliance survey shows a large share of generated output carries review burden that has to be cleared before it ships. And maintenance, because every model upgrade, prompt change, or new tool can shift behavior, so the agent needs continuous re-validation that a traditional script never does.
The reason these get missed is that the pilot does not trigger them. A pilot runs on curated cases with the builders watching, so debugging is folded into development, oversight is the team itself, security review has not happened yet, and there has been no model upgrade to maintain through. Production turns each of those into a standing line item, and the sum is what decides whether the agent beats the human or RPA process it was meant to replace.

How do you put a number on the hidden costs?
Estimate each one directly rather than assuming it folds into inference. For engineering, budget the debugging and re-validation time the agent will demand, informed by the fact that AI-assisted work is not automatically faster. For oversight, multiply your expected failure rate by the cost of a human reviewing or correcting each flagged output. For security, assume a meaningful share of generated artifacts needs review, as the Cloud Security Alliance survey implies. For maintenance, budget a recurring re-validation pass per model or tool change. Add those to inference and you have a total cost of ownership that survives the first quarter.
| Cost | Shows up in pilot? | Shows up in production |
|---|---|---|
| Inference | Yes | Yes, and usually smallest |
| Engineering / debugging | Hidden in dev | Recurring, can exceed the saving |
| Human oversight | The team itself | Standing headcount cost |
| Security review | Deferred | On a large share of output |
| Maintenance | No model upgrades yet | Per-change re-validation |
The Pattern Intelligence Layer is where the hidden costs become measurable instead of discovered. Failure rate, oversight load, and re-validation effort are properties tracked at the pattern level, so the total cost of ownership is known before scale rather than after the invoice. Reliability at the pattern level is also the reliability of the business case, which is what keeps the project funded.
Frequently asked questions
Is inference really the small part?
Often, yes. Engineering, oversight, security, and maintenance are recurring and human-heavy, and they scale with usage and change, not with token price.
Does a better model cut the hidden costs?
Not much. SWE-bench Pro shows leading models still resolve only ~23% of real issues, and security review burden does not fall with model size. The human and maintenance costs persist.
What is the most-underestimated line?
Maintenance. A traditional script is stable; an agent needs re-validation every time a model, prompt, or tool changes.

