Agentic AI - systems that pursue goals, call tools, maintain memory, and coordinate with other agents - is already operational across five military-relevant domains: intelligence, planning, drone and edge systems, cyber defence, and information operations. The capability to field autonomous systems is commoditising at speed, while governance frameworks designed for static, versioned software are struggling to keep pace. This working paper argues that the decisive question is no longer who builds the most capable model, but who can deploy accountable, interoperable agentic workflows first. It maps four postures among the major powers (United States, Europe and NATO, China, Russia), describes the new attack surface created by agentic systems (goal hijacking, tool misuse, cascading failures, rogue agents), and draws on wargaming evidence to argue that traditional human-in-the-loop governance cannot scale at agentic speed. The paper proposes a governance architecture built on two complementary frameworks - the OWASP Top 10 for Agentic Applications and ETSI EN 304 223 - with runtime attestation, adaptive trust baselines, and continuous verification as operational requirements. A companion evidence base, deposited under the same Zenodo record, provides the full annotated bibliography and corpus analysis. Note: this record contains two files. The primary working paper (A.WHEN AGENTS GO TO WAR.pdf) is released under CC BY 4.0. The supplementary evidence base (B.AI IN DEFENCE EVIDENCE BASE.pdf) is released under CC BY-NC 4.0; see the document's front matter for its licence statement.
John Sotiropoulos (Fri,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: