The Iron Laws of Agentic Coding
AI agents write code fast. That is the easy part.
The hard part is making sure they write the right code, in the right place, for the right reasons — and that you can prove it afterward. Speed without control is not velocity. It is drift with a confident smile.
These sixteen laws are not best practices. They are not tips. They are constraints — hard-won from production pipelines, multi-agent builds, and the kind of failures that only happen when you trust a system that cannot doubt itself.
If you are building with agents, these are the walls of the corridor. Stay inside them, and you move fast. Step outside, and you will learn why they exist.
01. Strip Rationales Before Review
Work submitted for adversarial review must not include explanations, rationales, or justifications.
This is counterintuitive. We are trained to show our work, to explain our reasoning. But when a reviewer sees a rationale alongside an artifact, they are primed to agree. The explanation becomes a crutch — the reviewer evaluates the argument instead of the output.
The reviewer must find their own reasons to trust — or distrust — the work. If the artifact cannot stand on its own, the rationale is doing load-bearing work that should scare you.
Rationales belong in the author’s notes, not the reviewed artifact.
02. Halt on Ambiguity
Agents must stop and surface uncertainty rather than invent solutions.
Build explicit halt conditions into every agent prompt. An agent that says “I wasn’t sure, so I…” has already failed. That sentence is a confession dressed as initiative.
Confident-sounding wrong answers are the most expensive kind. They pass review, they ship to production, and they detonate on a timeline you did not choose. A halted agent is an inconvenience. A confidently wrong agent is a liability.
03. Scope Is a Contract
Every agent invocation must have explicit, written scope boundaries. Agents must not self-expand their mandate.
Any discovered scope change requires human authorization before proceeding. An agent that “notices something while it’s in there” is operating outside its authority. It does not matter how helpful the fix looks. Unauthorized helpfulness is how you get surprise refactors in a hotfix branch.
Scope is not a suggestion. It is a contract. Enforce it.
04. No Secrets in Context
Credentials, API keys, tokens, and PII must never pass through agent prompts or context windows.
Use environment variables and scoped secret managers with minimum viable access. An agent that knows your secrets is a liability in every log, trace, and replay of that session — and every session that inherits that context.
This is not paranoia. This is the minimum bar.
05. Interrogate Before You Iterate
Before you build, use an agent to expand and pressure-test your prompt through structured questioning.
Start broad. Answer questions. Dial in scope and phasing. Let the agent find the gaps in your thinking before you hand it a keyboard.
A prompt written in five minutes will be debugged for five weeks. A prompt interrogated for thirty minutes ships on the first try.
06. Spec Before You Build
Produce a written specification before deploying any agent to build. The spec is not a formality — it is the source of truth agents reason against.
Without a spec, every agent invents its own ground truth. Two agents building from vibes will produce two systems that almost work together, which is worse than two systems that obviously don’t.
The spec does not need to be long. It needs to be authoritative.
07. Subagents Isolate Context
Use agent teams to partition work and preserve focus. One agent, one concern.
A bloated context is a confused agent. When an agent holds the entire codebase in its context window, it starts making connections that do not exist, referencing patterns from files it read three thousand tokens ago, and “improving” things nobody asked it to touch.
Isolation is not overhead. It is how you keep reasoning sharp across a long pipeline.
08. Scripts Handle Determinism
Deterministic steps belong in typed, fast scripts — not in model reasoning.
If the output of a step is fully defined by its inputs, a script is faster, cheaper, auditable, and correct. Every time. Without exception. Without temperature.
Never ask a model to reason through what code can compute. A model that parses JSON is a model that sometimes parses JSON.
09. State Travels Explicitly
Never assume an agent inherits knowledge from a prior agent.
Pass complete state at every handoff: what was received, what was produced, what comes next. Include the artifacts, not references to artifacts. Include the decisions, not assumptions about decisions.
Implicit state is a silent bug with a long fuse. You will not find it in testing. You will find it in production, on a Friday, when the agent that “knew” something turns out to have hallucinated the memory.
10. Work in Reversible Steps
Every agent run must leave the codebase in a committable or rollback-able state.
Structure agent work around atomic commits. Each commit is a checkpoint. Each checkpoint is an escape hatch. If the next phase fails, you revert to the last good state — not to the beginning of a three-hour run.
An agent that ran for three hours with no commit is not a workflow. It is a hostage situation.
11. Match the Agent to the Task
Every agent has a grain — work with it.
Claude excels at conversational, iterative reasoning during active coding sessions. Codex performs best given a detailed specification and a hands-off window. Gemini leads on visual design and frontend fidelity.
Selecting the wrong agent does not produce errors you can see. It produces errors at the speed of automation — subtle, plausible, and everywhere. Know your tools. Use them where they are strong.
12. Every Phase Needs an Adversary
Every team or phase must include an adversarial review agent that validates independently.
The adversary demands proof. It rejects assumptions. It does not care about your timeline. Agreement is not validation — independent verification is.
A pipeline without an adversary is a pipeline that agrees with itself. That is not quality. That is an echo chamber with commit access.
13. Follow the Testing Pyramid
Automated tests and static analysis are table stakes. Guardrails must be firm and set to high thresholds.
Prefer unit tests, then feature tests, then integration tests. Pre-commit hooks must run fast tests, linters, and type checks on every commit without exception.
If your agents can commit without passing tests, your agents can break production. It is only a matter of when.
14. Humans Validate Tests
A human engineer must review test assertions and test bodies before work is authorized to proceed.
Agent-written tests that assert nothing breed false confidence. A test that checks expect(true).toBe(true) is not a test. It is a green checkmark that covers for a failure no one has found yet.
A useless test is worth less than nothing — it provides cover for failure.
15. Log Every Decision
Every agent action must be logged with enough context to reconstruct the reasoning: what ran, why, in what order, and with what result.
This is not optional. This is not a nice-to-have for mature teams. This is how you own your codebase.
If you cannot explain what your agents did yesterday, you do not own your codebase. Your agents do. And they do not remember.
16. The Human Is the Architect
System architecture, data models, API contracts, and security boundaries must be defined and approved by a human engineer before any agent is deployed.
Agents build. Humans design. This line is not negotiable.
An agent can scaffold a system faster than any human. But an agent cannot tell you whether the system should exist. It cannot weigh the political cost of a breaking API change. It cannot feel the weight of a data model that will outlive the team that built it.
Design is judgment. Agents do not have judgment. They have capability — which is a different thing entirely.
These are not suggestions. They are constraints — the kind that make speed possible by making catastrophe unlikely. Tape them to the wall. Encode them in your prompts. Enforce them in your pipelines. And when an agent asks you to relax one, ask yourself what you are trading away.