The Data Spine and the Agent SDK are two sides of the same architecture.
The Data Spine provides the what — the trusted, governed, structured data that represents the enterprise's truth.
The Agent SDK provides the how — the intelligence layer that creates, enriches, transforms, monitors, and distributes that data.
They are dependent on each other.
Without the Data Spine, agents have no trusted foundation. They operate on inconsistent data and produce inconsistent results. Without the Agent SDK, the Data Spine is powerful but passive. It governs data excellently, but every action requires human effort.
Together, they create a system where data is both governed and intelligent. Where the foundation is trusted and the operations are scalable. Where humans focus on strategy, judgment, and exception handling — and agents handle the volume, velocity, and consistency.
This is Agentic PXM.
The AI landscape is moving fast. Models that are state-of-the-art today will be surpassed tomorrow. Providers that dominate today may not dominate in two years. Regulatory requirements around AI transparency and data processing are evolving across jurisdictions.
Enterprises cannot afford to lock themselves into a single AI vendor. And they should not have to.
The Pimcore Agent SDK is agent-agnostic. It works with your preferred LLMs and agent technologies — not ours.
Anthropic Claude. Google Gemini. OpenAI. Open-weight models like Llama, Mistral, or Qwen. Your own privately trained, fine-tuned models running on your own infrastructure. The Agent SDK does not care which model powers the intelligence. It provides the framework — the tools, the context, the guardrails, the governance — and the model plugs in.
This is possible because the framework is built on MCP (Model Context Protocol) — an open standard, not a proprietary Pimcore specification. Any model or agent technology that speaks MCP can interact with Pimcore's tools, access Pimcore's context, and operate within Pimcore's guardrails. The tool layer is decoupled from the intelligence layer by design.
This is not just a technical convenience. It is a governance decision.
Different models have different characteristics. Different data residency implications. Different regulatory profiles. A European enterprise subject to GDPR and NIS 2 may need to run a self-hosted model within its own data center. A North American enterprise may prefer a cloud-based model for speed and scale. A regulated financial institution may require a privately trained model that has never been exposed to external data.
The Agent SDK supports all of these scenarios — because the governance layer is in the platform, not in the model. Regardless of which model an enterprise chooses, the same permissions apply. The same guardrails enforce. The same audit trails record. The same quality gates validate.
This means enterprises can make model decisions based on performance, cost, regulatory requirements, and strategic preference — without touching the governance architecture. They can switch models. They can run different models for different tasks. They can evaluate new models against existing ones in a controlled environment.
The intelligence is pluggable. The governance is structural.
Pimcore is open. The Agent SDK, like the rest of Pimcore, is built on an open platform. The code is inspectable. Enterprises can audit the agent framework. They can understand exactly how agents interact with the platform, what data they access, and how guardrails are enforced. In an era where AI transparency is becoming a regulatory and ethical requirement, this matters.
Open protocol. Open platform. Any model. Full control.
The beta release at Pimcore Inspire on April 14, 2026 is the beginning — not the end.
The initial release provides the framework: the agent runtime, the MCP server layer, the context providers, the guardrail engine, and the first set of production-ready agents for core data management tasks.
From here, the roadmap expands along three axes.
Deeper specialization. More agents, trained for more specific enterprise tasks — industry-specific classification, regulatory compliance checking, competitive benchmarking, channel optimization. Each agent becomes better at a narrower task, and the composable architecture lets them work together seamlessly.
Broader ecosystem. The open MCP protocol means that third parties — system integrators, technology partners, specialized AI providers — can build agents that operate within the Pimcore Agent SDK. The governance layer ensures that third-party agents play by the same rules as first-party agents.
Increasing autonomy. As enterprises build trust through the guardrail system — starting with tight human oversight and progressively widening agent autonomy — the operating model evolves. Not toward full automation. Toward a calibrated balance where agents handle what they are proven to handle well, and humans focus where human judgment is irreplaceable.
The enterprise AI conversation has been dominated by two extremes.
On one side: hype. AI will automate everything. Agents will replace entire teams. The platform is irrelevant — intelligence is all that matters.
On the other side: caution. AI is unreliable. It hallucinates. It cannot be trusted with enterprise data. Keep it in the sandbox.
Both are wrong.
The reality is in the architecture. AI is powerful when it operates on trusted data, through governed channels, within defined boundaries, and with human oversight calibrated to the level of trust it has earned.
That is exactly what the Pimcore Agent SDK provides.
Not AI as a feature. Not AI as a sidebar. Not AI as a separate layer.
AI as a first-party participant in a governed enterprise platform. Operating on the Data Spine. Governed by the same rules as everyone else. Doing real work.
This is what Agentic PXM looks like. And it starts now.