From ChatGPT Work to Grok 4.5 and Muse Spark 1.1, labs are rallying around the enterprise market. Regardless of the model, enterprises still need to close the same actions runtime gap before truly putting them to work.
OpenAI’s latest release is a case study in how frontier labs are changing how they talk about their models.
GPT-5.6 very intentionally launched paired with ChatGPT Work, pitched as “a partner for your most ambitious work,” with demos that pull messy context out of Slack, Notion, Microsoft 365, and Google Drive and turn it into finished decks, spreadsheets, and documents.
Complete with testimonials from enterprises like Virgin Atlantic and Zapier about mapping customer journeys and tracking sales pipeline, the release page makes the shift in audience obvious. This isn’t a model being marketed to a developer glued to benchmark stats. This is a model being marketed to the revenue leader who uses AI daily to set pipeline targets, track them against live CRM data, and reforecast the moment a deal slips.

For two years the labs optimized for reasoning benchmarks and consumer chat. Now the flagship pitch is enterprise knowledge work, done end-to-end, across the systems where your company actually runs. Model companies are now explicitly targeting enterprise buyers.
Grok and Muse Spark prove enterprise-targeting is an industry trend
OpenAI wasn’t the only lab releasing a new model with enterprise ambitions this past week.
On the heels of its Cursor acquisition, SpaceXAI shipped Grok 4.5 for “coding, agentic tasks, and knowledge work” and made it the default in Grok Build, with demos of it building multi-sheet Excel models from web research and leaving sticky notes for its next run.

The same day as GPT-5.6, Meta Superintelligence Labs shipped Muse Spark 1.1 and its first public API, an agent that “zero-shot generalizes to new native tools, MCP servers, and custom skills,” orchestrates subagents, and drives a computer across apps whose state changes mid-task.

That’s three labs in one week releasing new models with the same value proposition: an agent that reaches across your apps and files and does the work. But as I just covered, an enterprise’s AI workflow can’t live inside one vendor. Grok’s tool calling belongs to Grok. Programmatic Tool Calling belongs to OpenAI. Muse Spark belongs to Meta. Wire your agents straight into one lab’s surface and you’ve married that lab during a week that proves new models and capabilities change week-to-week.
Which is exactly why the actions runtime gap matters more than ever.
The actions runtime gap for enterprise
An agent that acts across Slack, Salesforce, and Drive on behalf of your employees is not enterprise-ready because it’s smart. It’s enterprise-ready when it can scale from a demo to production and your security team can approve it.
Enterprise-ready comes down to answering three questions the model can’t:
- Who is this agent allowed to act as, and does anything check every action? Call that enforcement.
- Will the action actually work when it runs? Call that execution.
- Can you prove what the agent did? Call that governance.
Not one of these new models shipped enforcement, execution, or governance, because that layer can’t live inside the model.
Enforcement: whose permissions does the agent act with, and who’s checking?
When ChatGPT Work reaches into a company Drive for “this user,” whose access is it using, and what checks that access along the way? This is the question that kills agent projects before production, and I watched it play out for years running developer and auth products at Okta.
Teams building agentic AI for enterprise tend to make one of two mistakes.
Mistake #1: give the agent its own identity. This gets you up and running quickly, but in the long term it means an intern can reach data they should never touch just by asking the agent nicely.
Mistake #2: inherit the user’s full access. This feels secure because the agent never exceeds what the user could already do, but then one prompt injection cascades through every system that user can reach.
The right answer sits at the intersection of what the agent is allowed to do and what the user is allowed to do, evaluated on every action. The model can’t hold that intersection. In fact, it shouldn’t hold your users’ credentials at all.
And authorization is only the start. Your enterprise already enforces security policies across your identity provider, your DLP, your SIEM, and your compliance tooling. None of them were written to cover agent actions, and there’s no single place where they all apply. So security reviews every agent by hand, and nothing ships.
Enterprise-ready means a single point every agent action passes through, where authorization runs per action against your identity provider and the security policies you already run apply to every action an agent takes. Security approves that enforcement layer once, and every agent after the first ships against the same foundation.
Execution: will the action actually work across your system?
Watch the launch demo again where ChatGPT Work turns a Slack thread and a Drive folder into a finished deck.
Every one of those wins depends on tool calls landing correctly across the systems where your business actually runs: Salesforce, Workday, GitHub, Office, and your internal APIs. That is exactly where production diverges from the demo. APIs want structured input. A Slack message needs a recipient_user_id, not someone typing “send this to Finance” in a model chat. A doc edit needs a segment ID and an index and context when the user said “make the intro friendlier.”
When a tool is a thin wrapper around that API, the model has to guess its way across the gap. It hallucinates a parameter, or it retries until something sticks and burns your token budget doing it. The demo worked because one person ran it once. Production breaks because 100 people run it against real data all day.
Enterprise-ready means tools built for how agents actually phrase intent, so “make the intro friendlier” resolves to the exact segment and text the first time, coupled to a runtime that executes with parallelization, automatic failover, and intelligent retries as you scale to more tools, more users, and more complex workflows.
Governance: can you prove what your agent did?
Once a few teams ship agents like this, leadership gets a question it can’t answer: what’s running, on whose behalf, doing what? Tool sprawl multiplies as teams rebuild version after version of the same Salesforce integration while leadership and security lose the thread. Enterprise-ready means one place where you can see every agent and tool and produce a record an auditor will accept.
Closing the actions runtime gap
I placed a bet that this actions runtime gap would emerge years ago, and it’s what I launched Arcade.dev to solve.
Arcade is the point every agent action passes through: authorization evaluated per action at the intersection of user and agent, your security policies enforced on every action, agent-optimized tools, credentials kept away from the model, and a single control plane where security can answer whether this agent, for this user, can take this action on this system right now.

The models just got serious about the enterprise. The teams deploying them will spend the next year building everything the launches left out.
How prepared is your team?

