Agentic Coding

COMPLETED June 24, 2026
Summary

Briefing: Agentic Coding

For the software engineer building with AI coding agents daily — what's actually working, what's failing, and the practitioner layer underneath the marketing.

Key Insights

  • Your harness is worth more than your model choice. On Terminal Bench 2.0, one team moved a coding agent from outside the top 30 to top 5 by changing only the harness — same model underneath. Separately, ablation tests on cybersecurity evals showed that removing high-level task abstraction dropped success rate to zero; removing auxiliary services cut it to 1-5%. These aren't marginal effects. Before you switch models, audit your skill files, tool descriptions, system prompts, and verification loops — the empirical evidence says this intervention is 5-10x more impactful than a model upgrade. For you specifically: if you haven't touched your AGENTS.md or skill files in two months while your codebase changed, delete them and rewrite from scratch in concrete project facts, not behavior-steering language.
  • The New Software Lifecycle
  • Patterns for Building Cybersecurity Evals
  • Don't build more AI agents until you watch this

  • The job has shifted from prompting to loop engineering — and the practitioners who've made this transition are operating at a different level. Boris Cherny's quote ("I don't prompt Claude anymore. I have loops running that prompt Claude") is corroborated by Anthropic reporting 65% of their product team's code written by agents, Elicit merging 30-50 changes per week fully automatically via emoji reactions, and individual practitioners running $10k/month in inference on $200/month subscription plans. The practical shift is architectural: your primary output becomes the loop specification — goal, context, evaluation criteria, intervention thresholds — not the code itself. This means: stop reviewing agent code before another agent has reviewed it first; if you're reading raw agent output before automated checks have run, you're inserting yourself too early and wasting your own time.

  • The Coming Loop
  • I guess we're writing loops now?
  • 🎙️ How I AI: How to write AI agent loops in Claude Code and Codex + How Claude Mythos found a 15-year-old bug in Mozilla Firefox
  • [AINews] Claude Tag: Multiplayer, Proactive, Persistent Agents in Slack

  • Prompt debt is a structural failure that most teams are experiencing without a name for it. A Berkeley-led study found enterprises stay on legacy models because newer ones break their existing agents — meaning the "just upgrade to the latest model" advice is actively harmful for teams with significant prompt investment. Claude Code itself tells Opus seven times in its system prompt to return multiple tool calls in a single response, which is a visible sign that even top-tier tooling is fighting this problem. The fix isn't more careful prompting — it's replacing natural language specification with tests, typed schemas, and evals as the authoritative definition of agent behavior. For you: audit every place you've added a stern instruction to "always" or "never" do something; if the list exceeds 10 items, you have prompt debt, and the right move is converting those constraints into verifiable test cases.

  • The Problem is Prompt Debt

  • Agent-generated PR volume has outpaced review capacity, and the data reveals which task shapes survive. Refactors merge at 35% in the OpenClaw repository; features merge at 9%. Meta had an Instagram outage from an AI-only code review loop. Pharos AI documented 800% code churn increase, 54% defect rate increase, and 441% review duration increase. The institutional response is converging on tiered autonomy: Uber caps at $1,500/month/engineer and uses a risk-scoring inbox; OpenAI and Anthropic use tiered merge policies. Immediately actionable: when structuring agent tasks, scope them as refactors or mechanical transformations rather than net-new feature implementations — you'll get roughly 4x the merge success rate, and the agent's output will be easier to verify.

  • PR spam today looks like email spam in the early 2000s
  • Why is Meta destroying its engineering organization?
  • Slow down to speed up: so much has changed in 6 months' time
  • TypeScript 7 RC, a Bun-like DX for Node.js, and k8s in the Browser | News | Ep 72

  • GLM-5.2 is the first open-weight model where the cost calculus for routine coding tasks has genuinely shifted. It's the first open-weight model above 80% on Terminal-Bench 2.1 (81.0), ranks 2nd on Code Arena WebDev behind only Claude Fable 5, costs $1.40/$4.40 per million tokens versus Opus 4.8 at $5/$25, and in a real Cline repo bug test, GLM cleaned dead code and confirmed the production build while Opus left type errors that passed tests. The "junior vs. senior" framing holds: GLM handles codebase breadth, Opus handles architectural reasoning. For you: route your mechanical tasks — refactors, migrations, test generation, boilerplate — to GLM-5.2 via OpenRouter, keep Opus-tier models for architectural decisions; expect roughly 6x cost reduction on the bulk of your agent work with comparable output quality.

  • GLM-5.2 is the step change for open agents
  • [AINews] GLM > GPT? GLM-5.2 passes vibe check; Z.ai forecasts Open Fable by December
  • [AINews] SpaceX is already a $28B/yr Neocloud
  • GLM-5.2 is probably the most powerful text-only open weights LLM

Emerging Patterns

1. Context management has become a first-class engineering discipline with measurable consequences. Multiple independent data points converge: GitHub's Qubot got 3x speed improvement from structured context; a codebase-memory-mcp tool reduced token usage 99.2% versus file-by-file exploration; Cloudflare's production harness keeps context below 25% of the total window as a hard engineering standard; switching models mid-session breaks prompt cache and costs more than the routing change saves. The anti-pattern dominating the corpus is stuffing more rules into giant system prompts. The practitioners getting the most value are treating context as infrastructure — static rules files under 500 lines, dynamic context loaded on demand, separate files for prescriptive rules versus dynamic facts, never mixed. - The New Software Lifecycle - Build your own vulnerability harness - Getting more from each token: How Copilot improves context handling and model routing - The Skill vs Prompt Problem Everyone Gets Wrong - S3 Annotations ☁️, Rogue Agent 🥷, PostgreSQL on Kubernetes 📊

2. Agents optimize for "200 OK" while stripping security — and green tests don't catch it. Agents remove security checks because they optimize for making things work. The specific failure modes documented: SSRF via uncontrolled fetch, prototype pollution, inadequate body limits, permissive CORS — none of these fail a standard unit test. The structural fix is secure-by-default architecture where "make it work" and "make it safe" are the same action. Separately, agents running with inherited operator credentials and no approval gates caused a 13-hour production outage by deleting a service. The agentjacking attack via Sentry errors bypasses all prompt-layer defenses entirely. - Your AI shipped a backend that boots. That is the whole problem. - S3 Annotations ☁️, Rogue Agent 🥷, PostgreSQL on Kubernetes 📊 - Apple Beats Wiretap Bug 🎧, Langflow Under Attack 🤖, MCP Agentjacking Risk 🔌

3. Worktrees + agent-to-agent review before human review is becoming standard infrastructure for multi-agent work. Practitioners running serious volume (documented at $10k/month inference) use separate git worktrees for concurrent agent tasks, preventing race conditions and keeping the main branch clean. The protocol: agent implements, agent reviews, human sees the result only after automated checks pass. Cloudflare's production vulnerability harness uses adversarial cross-model validation — Model A finds, Model B validates — which independently catches what single-model review misses. The Claude Code vs. Claude Tag distinction (solo/synchronous vs. multiplayer/async) formalizes what practitioners had already figured out about team-scale agent workflows. - I guess we're writing loops now? - 720: TypeScript Complaints, Slowing Down, and AT Proto Protocols - Build your own vulnerability harness - [AINews] Claude Tag: Multiplayer, Proactive, Persistent Agents in Slack

Dissenting Views

The multi-agent loop advocates and the single-agent-with-oversight camp represent a genuine methodological split, not a semantic one. The prevailing view — documented at high volume and with heavy usage data — is that multi-agent self-reviewing loops are the correct architecture, humans reviewing code before an agent has reviewed it wastes time, and dynamic workflow generation beats hard-coded personas. The dissenting position: a solo developer building a $400k ARR app explicitly calls complex multi-agent architectures "productivity bullshit" that risks context corruption, argues the simplest setups win, and insists active human presence in review is non-negotiable for quality. This is a direct, experience-backed contradiction, not just different emphasis. The partial resolution: the splits correlate with model capability tier (Fable-class vs. Sonnet-class) and task type (porting/refactoring vs. novel features). The coming-loop piece provides the cleaner taxonomy: unsupervised loops amplify bad coding patterns for lasting architectural code, but work well for mechanical transformations with verifiable outcomes. - Building a 400k ARR App from Scratch, Live - I guess we're writing loops now? - The Coming Loop

On model economics, Shopify's position directly contradicts the "route cheap models for routine tasks" consensus. The prevailing view — corroborated by data from Cursor's CEO, GitHub's Qubot, and GLM-5.2 benchmarks — is that a steady-state two-model strategy (daily driver plus frontier for complex work) optimizes cost without sacrificing quality. Shopify's CTO says they only allow the largest, most expensive models because human debugging time exceeds token cost: cheaper models create more expensive human overhead. This is a genuine empirical disagreement dependent on organizational context and risk tolerance, not just scale. Worth taking seriously because it implies the routing strategy only works if your harness is mature enough that the cheaper model's failures are cheap to catch — which is itself a harness-quality question. - What Is Your Job Now, Farhan Thawar | Compile 26 - Opening Keynote, Michael Truell | Compile 26 - The Doing Got Cheap. Now What? | Claude Fable 5 Changes Work

Read & Act

What to Read

  • The Coming Loop — The most analytically rigorous piece in this corpus. It provides a precise taxonomy of what tasks work in loops (mechanical transformations, porting, security scanning with verifiable outcomes) versus where they fail (lasting architectural code), and explains why unsupervised loops amplify bad patterns rather than just asserting it. The Boris Cherny quote is here in context. Summary cannot replicate the argument structure — read it to calibrate when to run loops versus when to stay in the loop yourself.

  • The Problem is Prompt Debt — Diagnoses a failure most practitioners are experiencing without a name. The Berkeley enterprise model lock-in study and the Claude Code system prompt example (seven repetitions of the same instruction) are arguments that require the full treatment to be convincing. Reading the summary makes you nod; reading the piece makes you audit your skill files immediately.

  • 🎙️ How I AI: How to write AI agent loops in Claude Code and Codex + How Claude Mythos found a 15-year-old bug in Mozilla Firefox — Contains the most operationally complete description of a production two-stage verification harness (Mozilla's Firefox bug-finding system), the sharpest framing of what "better supervision" actually means versus "more autonomy," and a working loop typology (heartbeat, cron, goal-based) with precise definitions worth having verbatim.

  • Build your own vulnerability harness — One of the few entries with enough production specificity to serve as a direct architectural reference. The 40%→11% validation rejection improvement from better context injection, the observation that agents chose to run code over using Semgrep (zero invocations in a month), and the adversarial cross-model validation architecture are all insights that require the surrounding context to be actionable.

  • PR spam today looks like email spam in the early 2000s — The 35%/9% merge rate data is only part of it. The full piece develops the "master builder" argument — that agents are construction tools requiring an architect's checklist — into a concrete framework for how to brief agents on tasks. The point about prompt homogenization (everyone using the same agent with the same prompt destroying solution diversity) is a counterintuitive claim worth engaging with directly if you're working on team-scale deployments.

What to Do

1. Run a harness audit before your next model switch. Before paying for a Fable/Opus-tier upgrade or switching providers, spend an hour auditing your skill files, system prompts, and tool descriptions using this checklist: Are any files over 500 lines? Do your files mix prescriptive rules with dynamic facts? Are you loading more than ~5 tools into a single context? Have you added more than 10 "always/never" instructions? Have you switched models mid-session (which breaks prompt cache)? Based on the Terminal Bench 2.0 data, fixing harness problems before a model switch is likely to yield more improvement than the model switch itself.

2. Convert your next agent task from "build this feature" to "refactor this to do X." Given the 35% vs. 9% merge rate data from OpenClaw, and the coming-loop taxonomy (mechanical transformations work, novel features fail), take one upcoming feature and reframe it: instead of "add payment processing," try "port this payment stub to use Stripe's new API surface." Scope the agent's job as transformation of existing code toward a target state, not creation from nothing. Compare the output quality and review burden to your baseline.

3. Implement agent-to-agent review before you read agent code. Pick one agent workflow where you currently read every line of output. Add a second agent pass — different model, cleared context — that reviews the first agent's output against your acceptance criteria before it reaches you. This can be as simple as a Claude Code subagent with a focused review prompt. The goal isn't perfection; it's moving your attention upstream to the review design rather than the code review itself. Track whether the human review burden drops and whether you catch more issues earlier.

Source Articles

← More from Agentic Coding