Agentic Coding

COMPLETED November 28, 2025
Summary

Header Briefing: Generative AI Insights for the Startup Software Engineer This briefing synthesizes developments in building LLM-based systems, focusing on context engineering, agent architecture, application memory, and the business macro-environment for early-stage startups.

Key Insights

  • From Prompting to Context Engineering: The discipline of getting good results from LLMs is maturing from simple "prompt engineering" to a more robust "context engineering." This involves architecting the entire system around the model, including dynamic data retrieval (RAG), tool use, and memory. A key technique is "progressive disclosure," where agents are given minimal context initially (e.g., just the names of available tools) and only load the full tool specifications when they are deemed relevant, drastically saving on context window usage (Source).
  • Application Memory is the Defensible Moat: As base models become commoditized, the key differentiator and source of value will be the "personal intelligence layer" built on top. This layer relies on deep user context, memory, and personalization. The successful pivot of The Browser Company from Arc to Dia was driven by the conviction that this memory layer—not the browser itself—is the future, though building it is difficult and dependent on the latest model capabilities (Source).
  • The Development Bottleneck Has Shifted from Writing to Verifying: AI coding assistants dramatically accelerate code production, but this shifts the primary challenge from creation to verification. Ensuring the quality and security of a large volume of AI-generated code is the new bottleneck. This is compounded by the fact that using AI to review AI-generated code is problematic, akin to "students grading their own homework" (Source).
  • A New Wave of "Impossible" Startups is Here: Generative AI is making previously "dead" or overlooked product categories viable again (e.g., email clients) by enabling new features. The most significant opportunities often lie in applying LLMs to large, underutilized datasets, whether public or private (e.g., personal health records, camera rolls). However, this opportunity exists in a hyper-competitive environment where speed is critical and large labs like OpenAI are willing to ship competing products directly (Source).

Latest News & Techniques

  • Modular Agent Architectures Are Becoming Standard: The concept of monolithic, do-everything agents is giving way to more structured, modular designs. Anthropic's "Claude Agent Skills" provides a clear blueprint: separating portable expertise (Skills), project-specific context (Claude.md), data connections (MCP Servers), and specialized roles (Sub-agents). This separation of concerns allows for more scalable, maintainable, and context-efficient agentic systems (Source).
  • Reinforcement Fine-Tuning (RFT) is the "Big Unlock": According to an OpenAI PM, the most significant recent advance in fine-tuning is RFT (Reinforcement Fine-Tuning). It allows for much greater performance improvements from user data compared to older Supervised Fine-Tuning (SFT) methods, which were limited mostly to tone and style. OpenAI is actively experimenting with commercial incentives, such as discounted inference, for customers who share data from RFT runs (Source).
  • The Security Threat Landscape is Evolving: Prompt Injection is emerging as the new SQL Injection for applications with LLM backends. Developers must treat any user-controllable input that influences a prompt with the same skepticism and sanitization as they would a database query. Coding agents also introduce new risks, as a compromised agent with file system or API access could be instructed to insert a backdoor via a malicious Jira ticket or pull request (Source).

Emerging Ideas / Undercurrents

  • Deterministic vs. Non-Deterministic Agents: A debate is forming around the best way to build agents. For creative or exploratory tasks, freeform LLM reasoning is powerful. However, for enterprise, regulated, or procedural workflows, developers are building more constrained, deterministic agents using node-based editors, conversation trees, or pseudo-code to ensure rules are followed and outputs are predictable (Source).
  • The Model Stickiness Factor: Contrary to early predictions that developers would easily swap between different LLMs, models are proving to be "sticky." Startups build intricate "harnesses" of specific prompts, tools, and parsers around a particular model's behavior, creating significant switching costs and a form of platform lock-in (Source).
  • Model-Specific Quirks Matter: Practitioners are discovering that different models have unique personalities and failure modes. For example, one developer noted that for code generation, Codex can be "lazy" about using tools, while another observed that when Claude says, "you're absolutely right," it's often a "bad omen" indicating a need to clear the context window (Source). This underscores the need for deep, hands-on evaluation rather than just relying on benchmark scores.

Actionable Steps ("Header Actions")

  • Review Your Agent Architecture: Adopt a modular approach inspired by Claude's Skills. Separate your agent's core logic into: 1) portable, reusable tools/skills, 2) project-specific context files stored in your repo, and 3) a data access layer.
  • Implement a Multi-Model Debugging Workflow: When your primary LLM fails to solve a complex coding or debugging task, systematically switch to a different model (e.g., from a GPT variant to a Claude variant). A different model often provides a new perspective that can break through the impasse.
  • Audit for Prompt Injection: Add prompt injection to your security checklist. Review all user inputs that are passed into an LLM context and treat them as untrusted, just as you would for SQL injection or XSS vulnerabilities.
  • Prototype a "Memory Layer": Identify a private, underutilized dataset your product has access to (e.g., user's browser history, support tickets, project documents). Build a small proof-of-concept that uses a RAG pipeline to provide this data as context to an LLM, testing the value of a personalized intelligence layer.

Source Highlights

  • How OpenAI Builds for 800 Million Weekly Users: An interview with an OpenAI Product Lead covering the evolution of fine-tuning (RFT), the shift to "context engineering," the stickiness of models, and best practices for building deterministic agents.
  • Claude Agent Skills Explained: A concise, technical explanation of Anthropic's modular architecture for building scalable and context-efficient agents, introducing the concept of "progressive disclosure."
  • Code security for software engineers: A deep dive into the new security landscape created by generative AI, highlighting the shift from writing to verifying code, the rise of prompt injection, and the new risks posed by coding agents.
  • The Arc to Dia Story: A strategic case study on pivoting a successful product to build for the AI-native future, emphasizing that application memory and personalization are the ultimate competitive moat.

← More from Agentic Coding