Skip to content
Custom vs platform

AI Agent Platform Lock-In: The Risks Nobody Prices In

Orange ITS — AI engineering team 8 min read

Most vendor lock-in is discovered at the worst possible moment: when you want to leave.

A company builds a customer-facing AI agent on a managed platform. The product works. Then one of three things happens: the platform raises per-task pricing by 40%; a competitor releases a faster model the platform won’t support; or the platform gets acquired and your pricing tier is deprecated with no migration support. At that point, every workflow built in the platform’s proprietary format, every embedded prompt, every piece of conversation memory stored in their datastore — effectively theirs to control.

AI agent platform lock-in is not a theoretical risk. It’s a structural feature of how most agent platforms are designed. Understanding where it comes from — and what to demand in a vendor evaluation — is the difference between an agent that grows with your business and one that holds it hostage.

Where Lock-In Actually Materialises

Platform lock-in for AI agents is not one thing. It stacks up across at least five separate layers, and most evaluation checklists miss most of them.

Proprietary Workflow Formats

Many managed agent platforms store your agent’s logic — the sequence of tool calls, decision branches, memory lookups, and fallback handlers — in a proprietary JSON or visual-graph format that only runs on their infrastructure. There is no open standard equivalent to a Docker container or a plain Python script. If you want to move the agent to a different runtime, you are rewriting it from scratch, not exporting a file.

The question to ask any platform vendor before signing: Can you export a fully executable representation of the agent logic that runs independently of your infrastructure? If the answer involves their proprietary SDK or API calls back to their servers, you have your answer.

Embedded Prompts and Memory

Agent behaviour lives in its system prompt and in whatever memory context it accumulates. On some platforms, both are stored inside the platform’s datastores in a format only accessible through their API. If you have 10,000 structured conversation summaries that the agent uses to personalise responses, and they live in a proprietary vector store, migrating them means an export, a format conversion, and a re-indexing job — often with data loss.

Some platforms go further and build persona tuning and instruction-following behaviour into a proprietary fine-tuned model. At that point your agent’s identity is literally encoded into a weights checkpoint you cannot export.

Model Portability — or the Absence of It

Managed agent platforms increasingly bundle their own underlying LLM rather than routing to foundation models. That creates a useful product for them and a risk for you: the platform controls model quality, versioning, and deprecation. When they deprecate a model version and you must upgrade — potentially changing agent behaviour — you carry the testing and remediation cost while they collect the subscription fee.

Good architecture separates the agent runtime from the model. The platform should let you specify which model provider and version to use, and the contract should address what happens when a model you depend on is deprecated. Opacity on this point is itself a risk signal.

Pricing Model Changes and Usage Cliffs

Flat-fee platform subscriptions look attractive until usage scales. Most agent platforms tier aggressively: you pay per task execution, per API call, per seat, or per token — sometimes all four. What costs CHF 400/month at pilot scale can reach CHF 4,000/month at production volume, with no contractual protection against further increases. If exit is expensive because your logic, memory, and model are all proprietary, you lose pricing leverage. Platforms know this.

Before committing, calculate projected cost at 3× and 10× current volume, and ask whether the contract includes any pricing stability provisions.

Acquisition and Product Discontinuation Risk

The agent platform space is consolidating fast. Smaller vendors are acquisition targets for larger cloud providers and enterprise software companies — and acquisitions routinely result in pricing repositioning, product sunset, or forced migration to the acquirer’s stack. A vendor offering generous pricing today may be a much larger vendor’s upsell funnel within 18 months. Factor organisational stability into the evaluation alongside technical capability.

A Due-Diligence Checklist Before You Commit

Run these questions across any agent platform evaluation. They are not designed to disqualify vendors — they are designed to price the risk correctly.

Export and portability

  • Can you export agent logic in a format that runs without the vendor’s infrastructure?
  • Can you export all stored memory, embeddings, and training data in a standard format (JSON, CSV, JSONL)?
  • Is there an API for bulk data export, or only manual download?

Model flexibility

  • Can you specify which foundation model (and version) the agent uses?
  • What is the vendor’s published policy for model deprecation and migration timelines?
  • Can you bring your own fine-tuned model or system prompt, or does the platform override it?

Data residency and sovereignty

  • Where is your data stored geographically? For Swiss and EU businesses, this matters for nFADP and GDPR compliance — see AI Agents and GDPR. The EU AI Act adds a further compliance layer: high-risk AI system obligations apply from August 2026, making platform architecture decisions today a compliance decision for customer-facing deployments tomorrow.
  • Who owns conversation data? Can the vendor use it to train their own models?

Commercial terms

  • Is there a pricing cap or stability clause in the contract?
  • What are the termination rights, and how long does the vendor provide data access post-cancellation?
  • What is the migration support commitment if the product is discontinued or acquired?

Exit cost estimate

  • If you had to migrate in six months, what would it cost? (Estimate in developer days, not just money.)
  • Is there a documented migration path to open-source alternatives?

When Platform Lock-In Is an Acceptable Trade-Off

Platform lock-in is not always the wrong call. For a proof-of-concept or internal pilot with a 90-day scope, the speed-to-deploy advantage of a managed platform usually outweighs the exit risk. For low-criticality use cases — a simple FAQ bot with no business logic — migration cost is low enough that lock-in risk is negligible.

Where it becomes genuinely dangerous:

  • The agent handles a customer-facing or revenue-critical process (support, quoting, onboarding)
  • You expect to iterate significantly on agent behaviour over 12+ months
  • Your industry has data residency requirements the platform may not satisfy long-term
  • The agent will accumulate memory that has operational value

This is exactly where the build vs buy decision framework changes most dramatically — the right answer at pilot scale looks very different from the right answer at production scale.

Architectural Safeguards Worth Demanding

If you decide a platform is the right starting point, a few architectural decisions meaningfully reduce your exposure.

Externalise your prompts. Store system prompts and persona instructions in your own version-controlled repository, not in the platform’s interface. The agent should load them at runtime. This is a five-minute decision that preserves full portability of your agent’s identity.

Own your memory layer. Where the platform allows it, route memory storage through an external vector database you control. Standard self-hostable options include Weaviate, self-hosted Chroma, or Qdrant — all open-source and deployable on infrastructure you own. This keeps your accumulated conversation context portable regardless of what happens to the platform.

Instrument before you depend. Before any process becomes production-critical, ensure you have logging and observability that lives outside the platform. If you can only see what your agent did through the vendor’s dashboard, you have a dependency problem.

Plan the exit before you enter. Estimating migration cost before you commit changes what you negotiate in the contract. A vendor who won’t discuss exit terms at the sales stage is signalling something. For teams ready to grow beyond platform constraints, the migration path from prototype to custom development is more structured than most assume.

The Total Cost Picture

Lock-in risk has a dollar value, even if it rarely appears in the vendor’s pricing sheet. The calculation: probability of a disruptive platform event (price increase, acquisition, deprecation) over your deployment horizon, multiplied by migration cost if it materialises, plus the ongoing premium you pay versus alternatives because exit is too painful to execute.

For many organisations evaluating a multi-year agent deployment, the custom vs platform TCO comparison shows the fully-loaded cost of a well-architected custom solution is closer to the platform alternative than the upfront numbers suggest — precisely because lock-in risk is priced in rather than deferred.

If you are weighing open-source frameworks like LangGraph or CrewAI — where you own the infrastructure when deployed self-hosted — the open-source vs proprietary platform comparison is the right starting point. Note that both frameworks also offer managed cloud deployment services (LangSmith Deployment for LangGraph, CrewAI Cloud for CrewAI) that reintroduce some lock-in vectors; the portability advantage applies to the self-hosted path. Those options change the lock-in calculus significantly, though they introduce different trade-offs around operational complexity.

How Orange ITS Approaches Platform Evaluations

When we assess an agent platform for a client, we run a version of the checklist above and then model the exit cost explicitly. That number becomes part of the build-vs-platform recommendation, not an afterthought.

For organisations with mission-critical processes or strong data residency requirements, we frequently recommend either open-source frameworks deployed on Swiss or EU infrastructure, or fully custom agent architectures where the client owns every layer. For lower-stakes pilots, we may recommend starting on a managed platform — with documented escape hatches from day one.

Our AI strategy service exists precisely for this kind of evaluation: helping you make the platform decision with a clear-eyed view of the full cost, not just the monthly subscription.

If you are evaluating an agent platform right now — or reconsidering one you already deployed — a 30-minute call is usually enough to identify the highest-risk dependencies and agree on architectural safeguards before they become expensive. Book that conversation with us.

Related insights

Zapier and Make Agent Automations vs Custom: A Buyer's View

Read article

The Real Cost of AI Agents: Custom vs Platform TCO

Read article

Build vs Buy: A Decision Framework for AI Agents

Read article
Insights

Put these ideas to work

A 30-minute call is enough to find out whether an AI agent fits your workflow — and what it would return.

Book a discovery call