Agentic Coding
Summary
Briefing: Agentic Coding Purpose: I'm a software engineer building with AI coding agents daily — what's actually working, what isn't, and what should I do differently.
Key Insights
- The harness is the product, not the model. Anthropic's own team confirmed in internal evaluations that the same model produces "drastically different" results with different harnesses — and that the "generic harness" designed for easy model-swapping is now a losing strategy. Factory's production system (Missions) and the Tokenmaxxing GStack approach converge on the same finding: the orchestration layer around models — context scoping, memory architecture, tool permission profiles, error recovery — is what separates demos from production-viable agents. Stop treating your system prompt as the primary lever. The interaction architecture is the product.
- Inside Anthropic's 2026 Developer Conference
- The Multi-Agent Architecture That Actually Ships — Luke Alvoeiro, Factory
- Tokenmaxxing: How Top Builders Use AI To Do The Work Of 400 Engineers
-
The Secrets of Claude's Agent Platform From the Team Who Built It
-
The cheapest token is the one you don't spend — and the biggest wins come from moving work out of the LLM loop entirely. GitHub's production data on agentic workflow optimization shows 19–62% Effective Token reductions, and the biggest gains came not from prompt optimization but from replacing LLM calls with deterministic CLI pre-fetching. GitHub's "Effective Tokens" metric (weighting outputs 4x, cache reads at 0.1x) is the right framework for measuring real cost — not raw token counts. One misconfigured bash allowlist caused a single workflow to fall into a 64-turn fallback loop reconstructing compiler output from scratch, demonstrating how structural failures dwarf prompt failures in production cost.
-
Agents fail at system boundaries and context degradation, not from poor reasoning. Arize's production experience with their Alex agent hit a vicious loop: spans grew, hit context limits, the agent failed, and the failure data was appended to the context, making the next attempt worse. Naive truncation broke reasoning; summarization was unreliable. The solution — smart truncation (keep head and tail, store middle in memory) — independently matched what Claude Code itself does internally. The Lily incident (SQL injection via unauthenticated endpoints) and the bash security experiments showing GPT-5.5 bypassing blacklists both confirm: control mechanisms must be structural and deterministic, not prompt-based. Move from blacklisting to whitelisting or no-bash architectures for production agents.
- Hierarchical Memory: Context Management in Agents — Sally-Ann Delucia, Arize
- Engineers, DELETE the BASH Tool: Agentic Security For Pi Agent and Claude Code
-
Code is free, but maintenance, support, and tests aren't — and agent-generated code without behavioral tests is actively dangerous. dbreunig's 10 lessons crystallizes the most durable insight in this batch: invest heavily in end-to-end behavioral tests that measure product functions, not implementation details. This shifts supervision from line-by-line code review to behavioral contract verification — which scales with agent velocity. GitHub's dominator-tree validation approach shows this concretely: agent self-assessment scored 0% F1 on "not a bug" classification, while structural validation hit 100%. The supervision paradox (you need coding skills to supervise agents, but heavy agent use erodes those skills) doesn't resolve, but test investment is the most tractable mitigation available right now.
- 10 Lessons for Agentic Coding
- Validating agentic behavior when "correct" isn't deterministic
-
The subsidized era of frontier model access is ending, and the winners will be those who built cost-aware routing into their harness before it became forced. Multiple experienced builders report tool economics shifting: per-use pricing is breaking small businesses, GitHub Copilot multipliers hit 27x on Opus, and Anthropic is experimenting with removing Opus from $20 plans. The right response isn't panic — GPT-5.5 medium performs on par with GPT-5.4 high at under half the cost, and cache-hit optimization is the primary near-term cost lever. The emerging pattern across GStack, OpenClaw, and Factory is explicit model routing: Gemma-class for triage and classification, mid-tier for implementation, frontier only for judgment and architectural reasoning.
- State of Agentic Coding #6 with Armin and Ben
- Improving token efficiency in GitHub Agentic Workflows
- Prime is (mostly) right about AI
- Tokenmaxxing: How Top Builders Use AI To Do The Work Of 400 Engineers
Emerging Patterns
- Context engineering has displaced prompt engineering as the core practitioner skill, but the field hasn't converged on a method. The Arize production data, GitHub's workflow optimization findings, and dbreunig's lessons all independently arrive at the same conclusion: agents fail from context problems, not prompt problems. The GitHub team's most effective intervention was moving deterministic data fetching out of the LLM loop entirely. Arize's winning approach (smart truncation + memory store) matched Claude Code's internal strategy. Matt Pocock's "narrow waist" architectural principle — well-defined interfaces that contain AI slop to modules with bounded inputs/outputs — and DDD's ubiquitous language as alignment between developer intent and agent execution are the most actionable structural responses. The pattern: audit what's in every call that shouldn't be, use file storage and grep as the primary memory mechanism over structured vector retrieval, and treat your AGENTS.md file as a first-class product artifact.
- Hierarchical Memory: Context Management in Agents — Sally-Ann Delucia, Arize
- Improving token efficiency in GitHub Agentic Workflows
- 10 Lessons for Agentic Coding
-
⚡️ Matt Pocock - Why Engineering Fundamentals matter MORE now
-
The "LLM as judge" pattern is maturing into a required component for production agents — but it needs multi-decision scope, not binary yes/no. The Lindy team's design system (a validator model that reviews proposed actions before execution) emerged from failures of both prompt-based enforcement and manual confirmation fatigue. Pydantic's Samuel Colvin goes further: "LLM as judge is lunatics running the asylum," advocating deterministic evals against golden datasets. These aren't contradictory — they're scoped differently. Self-assessment is unreliable for "not a bug" classification (0% F1 in GitHub's study) but self-diagnostics are effective for detecting capability gaps and tool failures. The practical synthesis: use structural validation at action boundaries, classifiers for implicit signals like frustration and refusals (Raindrop's approach reduced frustration rates from 37% to 9%), and reserve LLM judgment for narrow, well-defined scope boundaries.
- LLM Agents: The Security Breach Pattern Nobody's Talking About
- Validating agentic behavior when "correct" isn't deterministic
- Everything You Need To Know About Agent Observability — Danny Gollapalli & Zubin Koticha, Raindrop
-
Playground in Prod: Optimising Agents in Production Environments — Samuel Colvin, Pydantic
-
Codex has overtaken Claude Code in downloads and in daily driver preference among some experienced builders, but this is a harness-model fit question, not a model quality question. Multiple experienced builders have fully switched to Codex (citing desktop app speed, superior sub-agents, and automation suggestion quality). Meanwhile, Claude Code utility is reportedly flat versus last fall for some users, and Codex surpassed Claude Code in downloads post-April releases. The counterargument from Anthropic's own evaluations: harness-model pairing matters more than model switching, and the "generic harness is dead." Chinese developers despite a nominal Claude ban are reportedly "obsessed" with Claude and use it universally. The honest read: both Claude and Codex are capable, the right choice depends on your harness architecture, and locking your workflow to either provider's subscription model is now a strategic risk given pricing changes.
- AINews: Silicon Valley gets Serious about Services
- Why We Switched From Claude Code to Codex
- Inside Anthropic's 2026 Developer Conference
- Notes from inside China's AI labs
Dissenting Views
- The prevailing view is that serial execution beats parallel for code tasks in multi-agent systems — Factory's production data supports this strongly — but practitioners building non-code agent stacks report parallel sub-agents work well for independent tasks. Factory found that running multiple agents concurrently on code caused conflicts, duplicated work, inconsistent architectural decisions, and coordination overhead that ate all speed gains. This is real production data from a shipping product. However, GStack's architecture runs multiple sub-agents in parallel for distinct roles (CEO, designer, developer) with claimed high effectiveness. The resolution: task dependency structure, not agent count, is the variable that matters. Parallel works when tasks are genuinely independent (roles with no shared state); serial is required for dependent code changes in a shared repository. Before defaulting to parallel orchestration, map your task dependency graph.
- The Multi-Agent Architecture That Actually Ships — Luke Alvoeiro, Factory
-
Tokenmaxxing: How Top Builders Use AI To Do The Work Of 400 Engineers
-
Simon Willison's normalization of not reviewing every line of AI-generated code in production is a methodological disagreement with the majority position, not just a difference in comfort level. Willison explicitly treats Claude Code like trusted software from another team's track record, skipping line-by-line review. The majority position (dbreunig, JetBrains, Roc/Zig speaker) holds that review remains essential — and the cognitive debt argument is that over-reliance erodes the judgment needed for effective review, creating a self-defeating loop. Willison's position is not careless: he's shifted trust from code authorship to behavioral contract verification (tests, track record). The question this raises for practitioners is whether you have robust enough behavioral tests to make that shift safely — if not, you're taking on unpriced technical liability, not just choosing a workflow.
- Vibe coding and agentic engineering are getting closer than I'd like
- We all fell for it…
- 10 Lessons for Agentic Coding
Read & Act
What to read
-
Improving token efficiency in GitHub Agentic Workflows — Read this in full. The "Effective Tokens" metric, the two-agent optimization loop (Auditor + Optimizer), and the specific case study of a 64-turn fallback loop caused by a one-line misconfiguration are exactly the kind of production detail that cannot be compressed without losing their diagnostic value. This is the only entry in this batch with systematic production-tested measurement of what actually costs money in agentic workflows.
-
The Multi-Agent Architecture That Actually Ships — Luke Alvoeiro, Factory — The Missions architecture is one of the few production-validated multi-agent systems in this batch. The specific decisions — serial execution, pre-implementation validation contracts, structured handoffs with exit codes, model routing by role, adversarial validators who haven't seen the code — require full context to apply correctly. The "droid whispering" skill concept (mentally modeling how different LLMs interact under pressure across a multi-day run) is a genuinely new skill set that deserves its full articulation.
-
LLM Agents: The Security Breach Pattern Nobody's Talking About — The four-bucket action classification system, the multi-decision judge scope, and the correlated judgment failure mode discussion are interdependent concepts that form a complete framework. If you're running agents with write access to production systems, the architecture described here is the minimum viable control layer — partial implementation misses the design logic.
-
Inside Anthropic's 2026 Developer Conference — The Spiral production integration story is currently the best first-person account of building on Claude Managed Agents. The specific architectural decisions — lock-in mitigation via custom tool servers, multi-agent orchestration caveats, memory overhead trade-offs, and what "generic harness is dead" means in practice — are both current and difficult to find elsewhere.
What to do
-
Audit your context for what shouldn't be there, then move the most expensive data-fetching operations out of the LLM loop. Pick your highest-cost workflow and instrument it with token-level logging per API call for one week. Look specifically for tool calls that are fetching data deterministically (repository state, file contents, PR diffs) that could be pre-fetched via CLI before the agent starts. GitHub's team found this single category of change drove their largest efficiency gains — 62% in one workflow. The "cheapest LLM call is the one you don't make" applies directly to your MCP configuration: cross-reference your tool manifests against actual tool calls in logs and prune unused tools.
-
Implement a five-level bash security framework before your next production agent deployment. The empirical evidence is clear: blacklists are inadequate (GPT-5.5 bypassed tested blacklists in demonstration), and the risk compounds with agent runtime. Start with a global bash blacklist as a floor, then move to whitelisting for any agent with production access, and evaluate whether the bash tool needs to exist at all for your use case. For agents that interact with read-only operations, the no-bash architecture (using only explicitly defined tools) eliminates an entire class of production incidents.
-
Engineers, DELETE the BASH Tool: Agentic Security For Pi Agent and Claude Code
-
If you don't have end-to-end behavioral tests, write them before your next agent task — not after. The Factory insight and the GitHub structural validation research point to the same root cause of agent drift: tests written after implementation confirm decisions rather than verify intent. Define what "done" means as assertions before any coding starts, even for small tasks. If an agent can rebuild your feature from scratch and pass those tests, you've shifted supervision from line review to behavioral contract — which is the only review approach that scales with agent velocity.
- 10 Lessons for Agentic Coding
- Validating agentic behavior when "correct" isn't deterministic
Source Articles
- My Tips for Designing Better User Experiences
- It is true, and it's sad
- AWS Weekly Roundup: Amazon Bedrock AgentCore payments, Agent Toolkit for AWS, and more (May 11, 2026)
- The AWS MCP Server is now generally available
- We all fell for it…
- Anthropic just…wait what
- I didn't see this one coming...
- Prime is (mostly) right about AI
- [AINews] Silicon Valley gets Serious about Services
- GitLab Act 2
- Using Claude Code: The Unreasonable Effectiveness of HTML
- Vibe coding and agentic engineering are getting closer than I'd like
- Stop Letting AI Agents Pick Your Tech Stack
- How To Fix GitHub Errors: 404, 403, Push Rejected & more
- [AINews] Anthropic growing 10x/year while everyone else is laying off >10% of their workforce
- Pushing Local Models With Focus And Polish
- Claude Code + OpenRouter = 99% CHEAPER (Live Product Build)
- ⚡️ Matt Pocock - Why Engineering Fundamentals matter MORE now
- RNR 352 - Storybook with Daniel Williams
- 🎙️ How I AI: Quests, token leaderboards, and the elite AI adoption playbook & Notion’s spec-driven development
- I let AI build a tool to help me figure out what was waking me up at night
- Notes from inside China's AI labs
- AI still sucks at frontend with Adam Argyle
- A Piece of Pi: Embedding The OpenClaw Coding Agent In Your Product — Matthias Luebken, Tavon
- Viktor: AI Coworker That Lives in Slack — Fryderyk Wiatrowski
- Two Roads to Durable Agents: Replay vs. Snapshot — Eric Allam, CEO, Trigger.dev
- Hierarchical Memory: Context Management in Agents — Sally-Ann Delucia, Arize
- You can't just one shot it — Mehedi Hassan, Granola
- Agentic Search for Context Engineering — Leonie Monigatti, Elastic
- Playground in Prod: Optimising Agents in Production Environments — Samuel Colvin, Pydantic
- Vibe Engineering Effect Apps — Michael Arnaldi, Effectful
- Everything You Need To Know About Agent Observability — Danny Gollapalli & Zubin Koticha, Raindrop
- Skills at Scale — Nick Nisi and Zack Proser, WorkOS
- The Multi-Agent Architecture That Actually Ships — Luke Alvoeiro, Factory
- The Small Model Infrastructure Nobody Built (So We Did) — Filip Makraduli, Superlinked
- Demand-Driven Context: A Methodology for Coherent Knowledge Bases Through Agent Failure
- The ReSharper 2026.2 Early Access Program Begins: Bringing More AI Agents into Visual Studio
- Our 2026 Direction: AI and Classic Workflows in JetBrains IDEs
- Stop Sending IDE-Catchable AI Code Errors to Review
- Tokenmaxxing: How Top Builders Use AI To Do The Work Of 400 Engineers
- Burn through the backlog from hell with /triage
- The Secrets of Claude's Agent Platform From the Team Who Built It
- OpenAI vs. Anthropic: The Battle Lines Are Drawn
- Why We Switched From Claude Code to Codex
- Improving token efficiency in GitHub Agentic Workflows
- Validating agentic behavior when “correct” isn’t deterministic
- SED News: Anthropic’s Mythos, Supply Chain Hacks, and the AI Spending Surge
- SmartBear and Multi-Agent QA
- Prompt to Dashboard in One AI Tool Call
- Engineers, DELETE the BASH Tool: Agentic Security For Pi Agent and Claude Code
- openclaw 2026.5.10-beta.2
- 1003: Skills Skills Skills
- 1002: The Real Pricing of LLMs
- 10 Lessons for Agentic Coding
- 🎙️ How I AI: Quests, token leaderboards, and the elite AI adoption playbook & Notion’s spec-driven development
- Claude self-improving agents 🤖, Anthropic SpaceX deal 🚀, ProgramBench launch 💻
- No Dumb Questions: What is an MCP server and why do I care?
- TypeScript 7 Beta, Deno Fresh 2.3, and Const Generics | News | Ep 65
- State of Agentic Coding #6 with Armin and Ben
- Beyond efficiency: PayPal expands what's possible to build with AI
- LLM Agents: The Security Breach Pattern Nobody's Talking About
- Anthropic And OpenAI Just Admitted The Model Isn't Enough.
- You're Wasting 40% Of Your AI Time On Something Fixable
- 271 Vulnerabilities: What Mozilla's AI Found Changes Everything
- Your AI Agent Is Locked To One Model. OpenClaw Just Killed That.
- The Work Primitive: What Every AI Product Leader Gets Wrong
- Consumer AI Has a Problem Nobody's Naming.
- The AI Starter Kit: What to Try...and What to Ignore
- From Vector Databases to Knowledge Engines: The Next Layer of AI
- Inside Anthropic’s 2026 Developer Conference
- Roc & Zig: A Compiler Rewrite Story • Anjana Vakil & Richard Feldman • GOTO 2026
- Serverless Agents: Real-World Tooling with Strands SDK, MCP & AWS • Akshatha Laxmi • GOTO 2025
- briefing 2026-04-14T05:00:49.370475+00:00