# Agent Patterns > Patterns and techniques for experienced developers leveling up with AI coding assistants. ## Overview - [About Agent Patterns](https://agentpatterns.ai/about/): A practitioner's catalogue of patterns and primitives for engineers building with AI coding assistants. - [Concept Map](https://agentpatterns.ai/concepts/): All site content grouped by theme, cutting across sections. Find related concepts regardless of where they live in th... - [Engineering: Tools, Review, Verification, Security, and Observability](https://agentpatterns.ai/engineering/): The engineering disciplines that turn agent prototypes into production systems — tool design, code review, verificati... - [Foundations: Context Engineering and Instructions](https://agentpatterns.ai/foundations/): The two disciplines that underpin every effective agent interaction: what information enters the context window, and ... - [Reference: Standards, Human Factors, Emerging, and Fallacies](https://agentpatterns.ai/reference/): Standards, human factors, emerging trends, and reasoning fallacies that provide broader context for AI-assisted devel... ## Context Engineering - [Context Engineering](https://agentpatterns.ai/context-engineering/): The discipline of designing what information enters a model's context window, how it is structured, and what is exclu... - [AOCI: Symbolic-Semantic Repository Indexing](https://agentpatterns.ai/context-engineering/aoci-symbolic-semantic-indexing/): A persistent repository blueprint pairing each entry's symbolic architectural coordinates with semantic content — rea... - [App-Window Snapshot as Agent Context](https://agentpatterns.ai/context-engineering/app-window-snapshot-context/): Bind one keystroke to send the active app window — rendered screenshot plus accessibility-tree text — to an agent as ... - [Attention Sinks: Why First Tokens Always Win](https://agentpatterns.ai/context-engineering/attention-sinks/): Transformer models disproportionately attend to initial tokens regardless of their semantic content — position determ... - [Chunking Strategy for RAG-Based Code Completion](https://agentpatterns.ai/context-engineering/chunking-strategy-rag-code-completion/): For line-level code completion, function-based chunking is the wrong default; use Sliding Window or cAST, and doublin... - [Codebase-Derived Pattern Libraries as Agent Context](https://agentpatterns.ai/context-engineering/codebase-pattern-library-context/): A library of proven implementations mined from your own repositories, indexed by intent and served to an agent as ret... - [Component-Wise RAG Prioritization for Software Engineering Tasks](https://agentpatterns.ai/context-engineering/rag-component-prioritization-software-engineering/): For software engineering RAG, retriever choice influences quality more than generator choice, and BM25 is the robust ... - [Compositional Skill Routing for Large Skill Libraries](https://agentpatterns.ai/context-engineering/compositional-skill-routing/): Decompose a query into atomic sub-tasks, retrieve one skill per sub-task, then compose the plan — earns its cost only... - [Context Budget Allocation: Spending Every Token Wisely](https://agentpatterns.ai/context-engineering/context-budget-allocation/): Context is a finite budget — every token preloaded into the context window displaces a token available for reasoning,... - [Context Compression Strategies: Offloading and Summarisation](https://agentpatterns.ai/context-engineering/context-compression-strategies/): Tiered compression — offloading large payloads and summarising history — keeps long-running agents within the context... - [Context Engineering: The Practice of Shaping Agent Context](https://agentpatterns.ai/context-engineering/context-engineering/): Context engineering designs what enters a model's context window, how it is structured, and what is excluded — to max... - [Context Hub: On-Demand Versioned API Docs for Coding Agents](https://agentpatterns.ai/context-engineering/context-hub/): Fetch current, versioned API documentation into agent context at generation time so agents write against the live spe... - [Context Priming: Pre-Loading Files for AI Agent Tasks](https://agentpatterns.ai/context-engineering/context-priming/): Load relevant context before asking an agent to act — the order information enters the context window shapes the qual... - [Context Window Anxiety: Countering Premature Task Closure](https://agentpatterns.ai/context-engineering/context-window-anxiety/): Advanced models exhibit behavioral shortcuts as context limits approach — strategic buffers, counter-prompting, and t... - [Context Window Management: Understanding the Dumb Zone](https://agentpatterns.ai/context-engineering/context-window-dumb-zone/): Output quality degrades as context fills, but the onset depends on task type — retrieval, reasoning, and code generat... - [Context-Injected Error Recovery](https://agentpatterns.ai/context-engineering/context-injected-error-recovery/): When a tool call fails, inject structured error context — the error message, previous attempts, and targeted recovery... - [Context-Window Diagnostic Tooling: Identifying Context-Heavy Tools](https://agentpatterns.ai/context-engineering/context-window-diagnostic-tooling/): Diagnostic tooling attributes context-window growth to specific tool calls so you optimize the real culprit rather th... - [Cross-Lingual Prompt Preprocessing (Local-LLM Token Arbitrage)](https://agentpatterns.ai/context-engineering/cross-lingual-prompt-preprocessing/): Cross-lingual preprocessing translates non-English prompts to English via a local small model, arbitraging BPE tokeni... - [Deterministic Anchoring: Static Facts as Stable Context](https://agentpatterns.ai/context-engineering/deterministic-anchoring/): Inject call-graph, inheritance, and config-dependency facts as plain-text comments so a code agent's navigation conve... - [Disable Attribution Headers to Preserve KV Cache in Local Inference](https://agentpatterns.ai/context-engineering/kv-cache-invalidation-local-inference/): When Claude Code prepends an attribution header to prompts sent to local models, it invalidates the KV cache on every... - [Discoverable vs Non-Discoverable Context](https://agentpatterns.ai/context-engineering/discoverable-vs-nondiscoverable-context/): Only put non-discoverable information in agent instruction files — if the agent can find it in the codebase, let it f... - [Dynamic System Prompt Composition](https://agentpatterns.ai/context-engineering/dynamic-system-prompt-composition/): Build system prompts from modular, priority-ordered sections rather than monolithic static text — enabling mode-speci... - [Elastic Context Orchestration](https://agentpatterns.ai/context-engineering/elastic-context-orchestration/): Elastic context orchestration picks one of five retention operations per turn instead of accumulating raw trajectory ... - [Environment Specification as Context](https://agentpatterns.ai/context-engineering/environment-specification-as-context/): Specify your software environment — dependency versions, runtime constraints, OS — as explicit agent context to preve... - [Error Preservation in Context](https://agentpatterns.ai/context-engineering/error-preservation-in-context/): Keep failed actions and error traces visible in the agent's context window. Error history acts as negative examples t... - [Evolving Playbooks: Incremental Context That Preserves Knowledge](https://agentpatterns.ai/context-engineering/evolving-playbooks/): Structured delta entries that accumulate and refine agent strategies prevent the brevity bias and context collapse th... - [Exclude Dynamic System Prompt Sections for Cross-Machine Cache Sharing](https://agentpatterns.ai/context-engineering/exclude-dynamic-system-prompt-sections/): Strip per-machine context from the Claude Code system prompt so SDK fleets and CI runners share one cached prefix acr... - [Filter and Aggregate Data in the Execution Environment](https://agentpatterns.ai/context-engineering/filter-aggregate-execution-env/): Run data processing logic inside the code execution sandbox before surfacing results to the model, so only the releva... - [Goal Recitation: Countering Drift in Long Sessions](https://agentpatterns.ai/context-engineering/goal-recitation/): Periodically rewrite objectives, to-do lists, and status summaries at the tail of context to exploit recency bias and... - [Grounding Agents in Code the Model Has Never Seen](https://agentpatterns.ai/context-engineering/grounding-zero-prior-code/): Models never say "I don't know" about proprietary code — they generate the closest public API in training, so groundi... - [Instruction-Guided Code Completion](https://agentpatterns.ai/context-engineering/instruction-guided-code-completion/): Functional correctness and instruction adherence are independent capabilities — a model that completes code correctly... - [Layered Context Architecture](https://agentpatterns.ai/context-engineering/layered-context-architecture/): Ground agents in multiple distinct context sources — schema, code, institutional knowledge, and persistent memory — r... - [Live Browser as Agent Context Channel](https://agentpatterns.ai/context-engineering/live-browser-context-channel/): Wiring an agent to read the developer's running browser tabs removes copy-paste friction but pulls the logged-in sess... - [LLM-Driven Logical Retrieval: Boolean Queries over an Inverted Index](https://agentpatterns.ai/context-engineering/llm-driven-logical-retrieval/): A frontier LLM emits AND/OR/NOT logical queries against an inverted index — matching hybrid retrieval at scale and 41... - [Lost in the Middle: The U-Shaped Attention Curve](https://agentpatterns.ai/context-engineering/lost-in-the-middle/): Model attention is strongest at the start and end of a context window; content in the middle receives significantly l... - [Manual Compaction as Dumb Zone Mitigation](https://agentpatterns.ai/context-engineering/manual-compaction-dumb-zone-mitigation/): Auto-compaction fires at ~95% context fill — long after reasoning quality has degraded. Manual compaction reframes co... - [Narrative Problem Reformulation for Code Generation](https://agentpatterns.ai/context-engineering/narrative-problem-reformulation/): Reformulate a scattered code-generation prompt into a coherent narrative with a task overview, constraints, and examp... - [Observation Masking: Filter Tool Outputs from Context](https://agentpatterns.ai/context-engineering/observation-masking/): Strip intermediate tool results from conversation history once they have served their purpose to keep active context ... - [PEEK: Orientation Cache for Recurring-Context Agents](https://agentpatterns.ai/context-engineering/peek-orientation-cache/): A constant-sized prompt artifact caching orientation knowledge — what a recurring context holds and how it is organis... - [Phase-Specific Context Assembly](https://agentpatterns.ai/context-engineering/phase-specific-context-assembly/): Phase-specific context assembly tailors the context bundle to each agent's role: planners get summaries, workers get ... - [Prompt Caching: Architectural Discipline for Agents](https://agentpatterns.ai/context-engineering/prompt-caching-architectural-discipline/): Treat prompt caching as a structural constraint that shapes how you compose, extend, and compact agent context — not ... - [Prompt Chaining: Sequential LLM Calls for Agent Workflows](https://agentpatterns.ai/context-engineering/prompt-chaining/): Decompose a complex task into a sequence of LLM calls where each step processes the previous output, enabling verific... - [Prompt Compression: Maximizing Signal Per Token](https://agentpatterns.ai/context-engineering/prompt-compression/): Write instructions that convey the same guidance in fewer words — because shorter, denser instructions improve agent ... - [Prompt Layering: How Instructions Stack and Override](https://agentpatterns.ai/context-engineering/prompt-layering/): Prompt layering stacks agent instructions across four sources — system prompt, project instructions, skill content, u... - [Repository Map Pattern: AST + PageRank for Dynamic Code Context](https://agentpatterns.ai/context-engineering/repository-map-pattern/): Parse source files with tree-sitter to extract structural symbols, rank them by graph importance, then binary-search ... - [Repository-Level Retrieval for Code Generation](https://agentpatterns.ai/context-engineering/repository-level-retrieval-code-generation/): Grounding code generation in repository-wide context -- dependency graphs, cross-file references, and structural embe... - [Retrieval-Augmented Agent Workflows: On-Demand Context](https://agentpatterns.ai/context-engineering/retrieval-augmented-agent-workflows/): Pull context into the agent at the moment it is needed rather than preloading it at session start. - [Schema-Guided Graph Retrieval](https://agentpatterns.ai/context-engineering/schema-guided-graph-retrieval/): Use one shared domain schema across graph construction, query decomposition, and typed retrieval to reduce noise and ... - [Seeding Agent Context: Breadcrumbs in Code](https://agentpatterns.ai/context-engineering/seeding-agent-context/): Seed breadcrumbs — files, comments, and markers — that agents discover during exploration and use to shape their beha... - [Selective Rewind Summarization: Compress Earlier Turns, Keep Recent Ones Intact](https://agentpatterns.ai/context-engineering/selective-rewind-summarization/): A user-chosen cut point compresses earlier turns to a summary while the recent turns stay verbatim — a targeted alter... - [Semantic Context Loading: Language Server Plugins for Agents](https://agentpatterns.ai/context-engineering/semantic-context-loading/): Query codebases through Language Server Protocol semantics — symbol lookup, reference finding, type navigation — rath... - [Semantic Density Optimization for Agent Codebases](https://agentpatterns.ai/context-engineering/semantic-density-optimization/): Semantic density optimization maximizes task-relevant tokens for agents — cut structural ceremony while preserving na... - [Source Code Minification for State-in-Context Agents](https://agentpatterns.ai/context-engineering/source-code-minification-trade-off/): Source code minification cuts agent input tokens 42% on SWE-bench Verified but drops resolution rate from 50% to 38% ... - [Stateful Iteration State-Carry: Typed Persistent State for Long Agent Loops](https://agentpatterns.ai/context-engineering/stateful-iteration-state-carry/): Carry agent state across iterations through a state-read tool instead of replaying the full transcript each turn — co... - [Structure Prompts with Static Content First to Maximize Cache Hits](https://agentpatterns.ai/context-engineering/static-content-first-caching/): Place static content (instructions, tool definitions) at the prompt's start and variable content last to maximize cac... - [Structured Domain Retrieval: Knowledge Graphs and Case-Based Reasoning](https://agentpatterns.ai/context-engineering/structured-domain-retrieval/): A knowledge graph of package-function hierarchies plus coverage-driven case selection retrieves domain context that f... - [Turn-Level Context Decisions](https://agentpatterns.ai/context-engineering/turn-level-context-decisions/): Each completed turn is a context decision point with five moves: continue, rewind, clear, compact, or delegate to a s... - [Validating Token-Optimized Formats Inside Agentic Loops](https://agentpatterns.ai/context-engineering/validate-token-optimized-formats-in-agentic-loops/): Token-optimized notations cut input tokens up to 27% but regress accuracy 9-14pp inside end-to-end agentic loops — va... ## Instructions - [Instructions](https://agentpatterns.ai/instructions/): Patterns for writing, structuring, and governing the instruction files and system prompts that shape agent behavior. - [@import Composition Pattern for Instruction Files](https://agentpatterns.ai/instructions/import-composition-pattern/): Claude Code supports `@path/to/file` imports in CLAUDE.md, enabling modular instruction authoring. Other major agent ... - [Acknowledged-Debt Ledger with Next-Trigger Conditions](https://agentpatterns.ai/instructions/acknowledged-debt-ledger/): Replace ambient TODO comments with one versioned ledger where every deferred item carries an observable Next Trigger ... - [Agent Config as a Managed Supply Chain](https://agentpatterns.ai/instructions/agent-config-as-managed-supply-chain/): Pin agent config files by content hash and declared permissions so consumers know what bytes they read and approvers ... - [Agent Context File Evolution: Treating ACFs as Configuration Code](https://agentpatterns.ai/instructions/agent-context-file-evolution/): Agent Context Files grow monotonically; pair every add-on-drift update with a compact pass that deletes or consolidates. - [AGENTS.md as a Table of Contents, Not an Encyclopedia](https://agentpatterns.ai/instructions/agents-md-as-table-of-contents/): Keep AGENTS.md to ~100 lines as a pointer map into a versioned docs/ directory, and tag each terminal rule with sourc... - [AGENTS.md Design Patterns for Effective Agent Files](https://agentpatterns.ai/instructions/agents-md-design-patterns/): Effective AGENTS.md files give agents a specific job description — not a vague identity — using four patterns drawn f... - [CLAUDE.md Convention for Structuring Agent Instructions](https://agentpatterns.ai/instructions/claude-md-convention/): CLAUDE.md is Claude Code's project-level instruction file -- a Markdown file that Claude Code reads at session start ... - [claudeMdExcludes: Selective Ancestor Instruction-File Exclusion](https://agentpatterns.ai/instructions/claude-md-excludes/): Skip specific ancestor CLAUDE.md files by glob so an agent launched from a monorepo root does not load conventions fo... - [Configuration File Structure Does Not Drive Compliance](https://agentpatterns.ai/instructions/configuration-file-structure-compliance-gap/): Within realistic file sizes, rearranging configuration files does not measurably improve agent compliance. The lever ... - [Constraint Degradation in AI Code Generation](https://agentpatterns.ai/instructions/constraint-degradation-code-generation/): LLM code generation accuracy drops sharply as the number of simultaneous constraints increases — reduce constraint lo... - [Constraint Encoding Does Not Fix Constraint Compliance](https://agentpatterns.ai/instructions/constraint-encoding-compliance-gap/): Reformatting constraints — more structured, more compact, more formal — does not improve how reliably models follow t... - [Content Exclusion Gap: AI Security Boundaries by Mode](https://agentpatterns.ai/instructions/content-exclusion-gap/): Content exclusion rules that work for completions and chat can be silently ignored by agent-mode features. - [Contractual Skill Files](https://agentpatterns.ai/instructions/contractual-skill-files/): Structure `SKILL.md` as a fixed schema of governance fields when enterprise audit and multi-author review are the bot... - [Controlling Agent Output: Concise Answers, Not Essays](https://agentpatterns.ai/instructions/controlling-agent-output/): Matching the agent's response format to what you actually need reduces noise and preserves context budget. - [Convention Over Configuration for Agent Workflows](https://agentpatterns.ai/instructions/convention-over-configuration/): Reduce agent decision-making by encoding the right choice into naming conventions, directory structure, and label sch... - [Cost-Aware Skill Rewriting: Preserve Operational Anchors, Not Skill Tokens](https://agentpatterns.ai/instructions/cost-aware-skill-rewriting/): Rewriting a skill is an economic trade-off — stripping sparse operational anchors makes the agent explore and retry, ... - [Critical Instruction Repetition via Primacy and Recency Bias](https://agentpatterns.ai/instructions/critical-instruction-repetition/): Repeating a critical instruction at a prompt's start and end exploits primacy and recency bias for higher compliance ... - [Domain-Specific System Prompts with Concrete Examples](https://agentpatterns.ai/instructions/domain-specific-system-prompts/): Generic instructions produce mediocre reasoning. Domain-specific system prompts with worked examples produce consiste... - [Empirical Baseline: How Developers Configure Agentic AI Coding Tools](https://agentpatterns.ai/instructions/empirical-baseline-agentic-config/): A study of 2,923 GitHub repositories finds that context files dominate configuration while advanced mechanisms — Skil... - [Encode Project Conventions in Distributed AGENTS.md Files](https://agentpatterns.ai/instructions/agents-md-distributed-conventions/): Capture team-specific patterns, style rules, and tooling requirements in AGENTS.md files throughout the codebase so e... - [Encoding Product-Design Taste into Agent Context](https://agentpatterns.ai/instructions/encoding-product-design-taste/): Encoded product-design decisions steer agents inside the design space that tokens and lint already enforce — not a re... - [Encoding Values in AGENTS.md: Why Prose Without Verification Fails](https://agentpatterns.ai/instructions/encoding-values-in-agents-md/): Values written as AGENTS.md prose rarely change agent behavior; pair each one with a verification command or move it ... - [Enforcing Agent Behavior with Hooks](https://agentpatterns.ai/instructions/enforcing-agent-behavior-with-hooks/): Move critical rules out of prompts into deterministic shell hooks the model cannot override — blocking forbidden acti... - [Evaluating AGENTS.md: When Context Files Hurt More Than Help](https://agentpatterns.ai/instructions/evaluating-agents-md-context-files/): Auto-generated context files reduce task success rates. Human-written files improve success only when they contain mi... - [Event-Driven System Reminders](https://agentpatterns.ai/instructions/event-driven-system-reminders/): Inject targeted guidance at specific points during agent execution to combat instruction fade-out and reinforce safet... - [Example-Driven vs Rule-Driven Instructions](https://agentpatterns.ai/instructions/example-driven-vs-rule-driven-instructions/): Rules generalize and examples anchor — choosing between these instructions determines whether agents interpret your i... - [Feature List Files](https://agentpatterns.ai/instructions/feature-list-files/): Maintain a JSON feature list with per-feature status and acceptance criteria; agents work it sequentially and cannot ... - [Frozen Spec File](https://agentpatterns.ai/instructions/frozen-spec-file/): Write goals, non-goals, constraints, and completion criteria into an immutable file the agent reads but cannot modify... - [Getting Started: Setting Up Your Instruction File](https://agentpatterns.ai/instructions/getting-started-instruction-files/): The instruction file is the highest-leverage artifact in agent-assisted development: it gives agents the context to n... - [GROUNDING.md: Field-Scoped Hard Constraints and Convention Parameters](https://agentpatterns.ai/instructions/grounding-md-field-scoped-instructions/): GROUNDING.md splits rules into **hard constraints** that override user intent and **convention parameters** that supp... - [Guardrails Beat Guidance: Rule Design for Coding Agents](https://agentpatterns.ai/instructions/guardrails-beat-guidance-coding-agents/): For coding-agent rule files on SWE-bench, negative constraints are the only individually beneficial rule type; positi... - [Hierarchical CLAUDE.md: Structuring Context Files at Multiple Levels](https://agentpatterns.ai/instructions/hierarchical-claude-md/): Layer CLAUDE.md files at multiple scopes so each agent session receives only the context relevant to its working loca... - [Hints Over Code Samples in Agent Prompts](https://agentpatterns.ai/instructions/hints-over-code-samples/): Point agents at existing code instead of pasting samples into instructions. Hints stay current as the codebase evolve... - [Hooks for Enforcement vs Prompts for Guidance](https://agentpatterns.ai/instructions/hooks-vs-prompts/): Prompts request behavior; hooks require it. Use prompts for judgment calls and context-dependent guidance; use hooks ... - [HTML as Agent Output Format: When to Ask for HTML Instead of Markdown](https://agentpatterns.ai/instructions/html-as-output-format/): Markdown defaulted because it fit 8K-token windows; on frontier models, ask for HTML to unlock interactive artifacts ... - [Instruction Polarity: Positive Rules Over Negative](https://agentpatterns.ai/instructions/instruction-polarity/): Positive directives — what to do — outperform negative instructions — what not to do — in agent compliance, especiall... - [Iterative Binary Feedback for Pattern Adherence](https://agentpatterns.ai/instructions/iterative-binary-feedback-pattern-adherence/): Looping a capable model with yes/no pattern judgments from a deterministic checker beats verbose critique when the pr... - [Layer Agent Instructions by Specificity Across Scopes](https://agentpatterns.ai/instructions/layered-instruction-scopes/): Structure agent instructions in concentric layers — global defaults, project-level files, and directory overrides — s... - [Living-Docs-Grounded Agent Design Conversations](https://agentpatterns.ai/instructions/living-docs-grounded-design-conversations/): Hand the agent your current domain glossary and architectural decision records during the design interview — the docs... - [Mermaid as Agent Output Format: When to Ask for a Diagram Instead of Prose](https://agentpatterns.ai/instructions/mermaid-as-agent-output-format/): Ask for a Mermaid block over prose for graph-shaped information, but only on surfaces that render it inline. The deci... - [Method Map: Failure-Mode to Smallest-Artifact Triage](https://agentpatterns.ai/instructions/method-map-failure-mode-triage/): A Method Map triages each observed failure mode to the smallest artifact that fixes it — add only that artifact, neve... - [Multi-Layer Specification Redundancy as a Robustness Budget](https://agentpatterns.ai/instructions/multi-layer-specification-redundancy/): Independent specification layers — description, constraints, examples, format — absorb prompt noise that degrades cod... - [Natural-Language Customization Bootstrap](https://agentpatterns.ai/instructions/natural-language-customization-bootstrap/): Describe a customization in plain language; the agent drafts the instruction file, skill, subagent, or hook in tool-s... - [Negative Space Instructions: What NOT to Do](https://agentpatterns.ai/instructions/negative-space-instructions/): Negative space instructions — exclusions and banned patterns — eliminate entire classes of mistakes more efficiently ... - [Post-Compaction Re-read Protocol](https://agentpatterns.ai/instructions/post-compaction-reread-protocol/): Compaction summarises conversation history but discards the soft operational knowledge agents accumulate by reading i... - [Probe-and-Refine Tuning of Repository Guidance for Coding Agents](https://agentpatterns.ai/instructions/probe-and-refine-guidance-tuning/): Tune repository guidance by probing the agent with synthetic bug-fix tasks and refining the file on diagnosed failure... - [Production System Prompt Architecture](https://agentpatterns.ai/instructions/production-system-prompt-architecture/): Production system prompts are not paragraphs of instructions — they are structured documents with named sections, exp... - [Project Instruction File Ecosystem](https://agentpatterns.ai/instructions/instruction-file-ecosystem/): The instruction file ecosystem is a set of overlapping per-project context files — `CLAUDE.md`, `.github/copilot-inst... - [Prompt File Libraries](https://agentpatterns.ai/instructions/prompt-file-libraries/): Store reusable, parameterized prompt templates as version-controlled files that team members invoke on demand, reduci... - [Prompt Governance via PR](https://agentpatterns.ai/instructions/prompt-governance-via-pr/): Govern agent prompt files like code: store them as markdown in git and review behaviour changes through pull requests... - [Prompt-Rewrite Discipline on Cross-Generation Model Migration](https://agentpatterns.ai/instructions/prompt-rewrite-on-cross-generation-migration/): On a cross-generation migration, discard the inherited prompt stack, rebuild the smallest prompt that holds the produ... - [Rule Lifecycle Metadata for Prunable Instruction Surfaces](https://agentpatterns.ai/instructions/rule-lifecycle-metadata/): Tagging each rule with its source, applicability, and expiry condition turns the rule-budget audit from a counting ex... - [Security Knowledge Priming for Code Generation (SPARK)](https://agentpatterns.ai/instructions/security-knowledge-priming/): A brief task-relevant CWE cue in the prompt activates the model's latent security knowledge — useful as a supplement ... - [Shared Context Bundle Registry for Agent Teams](https://agentpatterns.ai/instructions/shared-context-bundle-registry/): A versioned, addressable store of context bundles — AGENTS.md, skills, policies — that multiple agents pull at runtim... - [Stage-Targeted Prompt Structure for Pull Request Outcomes](https://agentpatterns.ai/instructions/stage-targeted-prompt-structure-pr-outcomes/): Prompt structure splits into Specificity, Context, and Verification — each moves a different pull request stage; diag... - [Standards as Agent Instructions](https://agentpatterns.ai/instructions/standards-as-agent-instructions/): A standards file that is actionable for humans is, verbatim, an instruction file for agents — the same document does ... - [System Prompt Altitude: Specific Without Being Brittle](https://agentpatterns.ai/instructions/system-prompt-altitude/): System prompts fail when too brittle on edge cases or too vague to constrain. The right altitude produces consistent ... - [System Prompt Replacement for Domain-Specific Agent Personas](https://agentpatterns.ai/instructions/system-prompt-replacement/): Replace the default coding-focused system prompt entirely to transform an agent into a domain specialist while preser... - [Task List Divergence as Instruction Quality Diagnostic](https://agentpatterns.ai/instructions/task-list-divergence-diagnostic/): Use the gap between an agent's generated task list and your intended steps as a systematic signal for instruction wea... - [The Instruction Compliance Ceiling](https://agentpatterns.ai/instructions/instruction-compliance-ceiling/): Instruction compliance degrades as rule count grows — adding more rules past a threshold produces omission errors, no... - [The Specification as Prompt: Existing Artifacts as Agent Instructions](https://agentpatterns.ai/instructions/specification-as-prompt/): Use types, schemas, tests, and API definitions as agent instructions instead of natural language descriptions. - [Three Knowledge Tiers: Sourced, Unverified, Hallucinated](https://agentpatterns.ai/instructions/three-knowledge-tiers/): Classify agent knowledge into three tiers — sourced, unverified, and hallucinated — to preserve useful training knowl... - [Ubiquitous Language for AI Plans](https://agentpatterns.ai/instructions/ubiquitous-language-for-ai-plans/): A maintained domain glossary plus a small ADR set anchors agent plans to the codebase's vocabulary, surfacing termino... - [WRAP Framework for Writing Agent-Ready Issue Descriptions](https://agentpatterns.ai/instructions/wrap-framework-agent-instructions/): A four-step checklist for writing agent-ready task descriptions that maximize autonomous execution quality: Write eff... ## Agent Design - [Agent Design](https://agentpatterns.ai/agent-design/): Architecture, delegation, memory, control, reliability, and harness patterns for building effective agents. - [ACID for Agent Repository State](https://agentpatterns.ai/agent-design/acid-for-agent-repository-state/): Apply database transaction theory — Atomicity, Consistency, Isolation, Durability — as the operating contract for how... - [Adaptive Generate-Rank-Verify Under Costly Verification](https://agentpatterns.ai/agent-design/adaptive-generate-rank-verify/): Generate candidates cheaply, rank with a cheap signal, then spend the expensive verifier only on top-ranked candidate... - [Agent Backpressure: Automated Feedback for Self-Correction](https://agentpatterns.ai/agent-design/agent-backpressure/): Automated tooling — type systems, test suites, linters, CI pipelines — creates feedback loops that agents use to self... - [Agent Circuit Breaker](https://agentpatterns.ai/agent-design/agent-circuit-breaker/): A per-tool circuit breaker tracks each external tool's failures and blocks calls once it degrades, stopping agents fr... - [Agent Composition Patterns for Multi-Agent Workflows](https://agentpatterns.ai/agent-design/agent-composition-patterns/): Multi-agent workflows follow four structural patterns — sequential chains, parallel fan-out, staged pipelines, and su... - [Agent Development Lifecycle for Agent Products](https://agentpatterns.ai/agent-design/agent-development-lifecycle/): A four-phase loop — build, test, deploy, monitor — for teams whose unit of work is the agent, with verdict-labelled t... - [Agent Event Streaming: Consumer Contract Above the Tokens](https://agentpatterns.ai/agent-design/agent-event-streaming-model/): A typed event stream the harness emits at decision points. UIs subscribe to this contract instead of raw token deltas... - [Agent Harness: Initializer and Coding Agent](https://agentpatterns.ai/agent-design/agent-harness/): A two-phase agent harness pairs an initializer that prepares the environment with a coding agent that resumes from an... - [Agent JIT Compilation](https://agentpatterns.ai/agent-design/agent-jit-compilation/): JIT compilation compiles a natural-language task into one executable, contract-validated program — replacing the per-... - [Agent Memory Patterns: Learning Across Conversations](https://agentpatterns.ai/agent-design/agent-memory-patterns/): Persist knowledge across conversations using scoped memory systems so agents accumulate institutional knowledge rathe... - [Agent Project State Purge: Clean-Slate Session Reset](https://agentpatterns.ai/agent-design/agent-project-state-purge/): A primitive that tears down per-project session state — transcripts, auto-memory, indexed sessions — when contaminati... - [Agent Pushback Protocol](https://agentpatterns.ai/agent-design/agent-pushback-protocol/): A pushback protocol makes agents evaluate requests, surface concerns, and wait for explicit confirmation before execu... - [Agent Runtime Middleware](https://agentpatterns.ai/agent-design/agent-runtime-middleware/): Runtime middleware composes cross-cutting concerns — retry, redaction, cost caps, observability — as ordered pre/post... - [Agent Terminology Disambiguation for AI Coding Systems](https://agentpatterns.ai/agent-design/agent-terminology-disambiguation/): Eight overlapping terms — LLM workflow through autonomous agent — name distinct systems with distinct failure modes, ... - [Agent-Discoverable Slash Commands](https://agentpatterns.ai/agent-design/agent-discoverable-slash-commands/): Slash commands become model-callable primitives when the planner reads their descriptions and invokes them mid-loop, ... - [Agent-First Software Design](https://agentpatterns.ai/agent-design/agent-first-software-design/): Agent-first software design architects systems where AI agents are primary consumers — machine-readable APIs and stru... - [Agentic AI Architecture: From Prompt to Goal-Directed](https://agentpatterns.ai/agent-design/agentic-ai-architecture-evolution/): Goal-directed agentic architecture separates cognitive reasoning from execution, adds a multi-agent topology taxonomy... - [Agentic Flywheel: Self-Improving Agent Systems](https://agentpatterns.ai/agent-design/agentic-flywheel/): A closed loop where agents analyze their own operational data -- traces, test results, pipeline metrics -- and genera... - [Agentless vs Autonomous: When Simple Beats Complex](https://agentpatterns.ai/agent-design/agentless-vs-autonomous/): Complex autonomous software agents are often unnecessary and counterproductive. Simple, constrained workflows frequen... - [Agents vs Commands: Separation of Role and Workflow](https://agentpatterns.ai/agent-design/agents-vs-commands/): Commands define what to do; agents define who does it — separating orchestration from expertise lets you change eithe... - [Anthropic's Effective Agents Framework: A Pattern Map](https://agentpatterns.ai/agent-design/anthropic-effective-agents-framework/): Anthropic's *Building Effective Agents* framework names three building blocks — augmented LLM, five workflow patterns... - [AST-Grounded Critic Loop for Documentation Maintenance](https://agentpatterns.ai/agent-design/ast-grounded-doc-critic-loop/): Constrain doc generation to the code's Abstract Syntax Tree, retrieve only the dependency neighbourhood, and loop a s... - [Asynchronous Agent I/O and Speculative Tool Calling](https://agentpatterns.ai/agent-design/asynchronous-agent-io-and-speculative-tools/): Asynchronous tool I/O runs an event-driven FSM so latency is bounded by dispatch time, not tool completion; speculati... - [Attention Latch: When Agents Stay Anchored to Stale Instructions](https://agentpatterns.ai/agent-design/attention-latch/): Cumulative historical context in decoder-only Transformers can over-squash mid-task updates, leaving multi-turn agent... - [Auto Model Selection](https://agentpatterns.ai/agent-design/auto-model-selection/): Auto model selection hands per-task model choice to the harness, which picks from a vendor pool by health, policy, an... - [AX/UX/DX Triad: Three Experience Layers in Agent Systems](https://agentpatterns.ai/agent-design/ax-ux-dx-triad/): Agent Experience (AX), User Experience (UX), and Developer Experience (DX) are distinct design surfaces; optimizing o... - [Background Todo Agent](https://agentpatterns.ai/agent-design/background-todo-agent/): Route the agent's todo-list maintenance to a small background model so the frontier model spends its attention budget... - [Behavioral Drivers of Coding Agent Success and Failure](https://agentpatterns.ai/agent-design/behavioral-drivers-agent-success/): Aggregate resolve rates conceal why agents fail. Behavioral trajectory analysis reveals four failure clusters and thr... - [Classical SE Patterns as Agent Design Analogues](https://agentpatterns.ai/agent-design/classical-se-patterns-agent-analogues/): Classical GoF patterns and SOLID principles have direct structural analogues in agent systems. The vocabulary transfe... - [Classifier-Gated Auto-Permission for Cloud-IDE Coding Agents](https://agentpatterns.ai/agent-design/classifier-gated-auto-permission/): Classifier-gated auto-permission inspects each tool call and re-prompts only on escalations — a probabilistic safety ... - [Classifier-Subagent Run Mode for Per-Call Permission Routing](https://agentpatterns.ai/agent-design/classifier-subagent-run-mode/): A run mode routes each shell, MCP, and fetch call through allowlist, sandbox, then classifier subagent steered by pro... - [Classifying and Auto-Correcting Coding Agent Misbehaviors (Wink)](https://agentpatterns.ai/agent-design/wink-agent-misbehavior-correction/): An async trajectory-observer system that classifies misbehaviors into three categories and injects targeted course-co... - [Clock-In / Clock-Out Protocol: Bracketed Session Continuity](https://agentpatterns.ai/agent-design/clock-in-clock-out-protocol/): A deterministic protocol that brackets every agent session: read continuity artefacts on entry, update them on exit, ... - [Cloud-Agent Session Bootstrap](https://agentpatterns.ai/agent-design/cloud-agent-session-bootstrap/): Split a cloud agent's session bootstrap into a cached install phase and a per-session start phase so dependency churn... - [Cloud-Agent Three-Layer State Decoupling](https://agentpatterns.ai/agent-design/cloud-agent-state-layer-decoupling/): Split a cloud agent into three independent layers — agent loop, machine state, conversation state — so pods, sessions... - [CoALA Decision-Making Loop as an Orchestration Lens](https://agentpatterns.ai/agent-design/coala-decision-making-loop/): CoALA's propose -> evaluate -> select -> act loop is a vocabulary for locating where orchestration tactics intervene ... - [CoALA Memory Taxonomy as a Classifier for Harness Artifacts](https://agentpatterns.ai/agent-design/coala-memory-taxonomy-classifier/): Use CoALA's four memory types — working, episodic, semantic, procedural — to classify harness artifacts and surface c... - [CoALA Structured Action Space: Internal vs External Actions](https://agentpatterns.ai/agent-design/coala-structured-action-space/): CoALA splits agent actions into internal (reason, retrieve, learn) and external (ground) — the boundary surfaces cost... - [Code-Native Memory Substrates for Coding Agents](https://agentpatterns.ai/agent-design/code-native-memory-substrates/): Code-native memory roots agent state in codebase artifacts — VCS history, AST diffs, git-backed task graphs — so stru... - [Codebase Readiness for Agents: Agent-Friendly Code](https://agentpatterns.ai/agent-design/codebase-readiness/): Agents produce better output in codebases with strong types, comprehensive tests, consistent patterns, and documented... - [Coding Agent Scope Expansion: When to Extend Beyond the Codebase](https://agentpatterns.ai/agent-design/coding-agent-scope-expansion/): Extending a coding agent beyond the codebase only works when its scaffold — loops, verification, evals, credential bo... - [Cognitive Reasoning vs Execution: A Two-Layer Agent Architecture](https://agentpatterns.ai/agent-design/cognitive-reasoning-execution-separation/): Separate the agent layer that decides from the layer that acts — typed tool interfaces enforce the boundary and make ... - [Continual Learning for AI Agents: Three Layers of Knowledge Accumulation](https://agentpatterns.ai/agent-design/continual-learning-layers/): AI agents accumulate knowledge at three layers — model, harness, and context — and routing a fix to the wrong layer w... - [Critic Agent Pattern](https://agentpatterns.ai/agent-design/critic-agent-plan-review/): A second model reviews the primary agent's plan before execution begins, catching structural errors early when recove... - [Cross-Cycle Consensus Relay](https://agentpatterns.ai/agent-design/cross-cycle-consensus-relay/): A structured relay document that agents read at cycle start and write at cycle end, preserving decisions and forward ... - [Cross-Vendor Competitive Routing](https://agentpatterns.ai/agent-design/cross-vendor-competitive-routing/): Assign competing vendor agents to the same task, collect independent results, and let a human (or automated gate) sel... - [Decoupled Search Grounding: A Vendor-Agnostic Grounding Boundary](https://agentpatterns.ai/agent-design/decoupled-search-grounding/): Decoupled Search Grounding lifts retrieval out of the reasoning model and into an MCP-compatible gateway so provider,... - [Deep Agent Runtime: The Layer Beneath the Harness](https://agentpatterns.ai/agent-design/deep-agent-runtime/): The runtime is the layer beneath the harness — durable execution, lifecycle controls, streaming, versioned APIs. Long... - [Deferred Permission Pattern](https://agentpatterns.ai/agent-design/deferred-permission-pattern/): A `PreToolUse` hook returns `"defer"` to pause a headless Claude Code session at a tool call, exit cleanly with the p... - [Delegation Threshold Calibration for Orchestrator Agents](https://agentpatterns.ai/agent-design/delegation-threshold-calibration/): Calibrate when an orchestrator hands work to a sub-agent versus finishes it inline — handoff cost and review tax can ... - [Delta Channels: Bounded Checkpoint Storage for Append-Only Agent State](https://agentpatterns.ai/agent-design/delta-channels-checkpoint-storage/): A checkpoint primitive that stores only the per-step diff of append-only agent state and writes a full snapshot every... - [Deterministic Orchestration for Structured Modernization](https://agentpatterns.ai/agent-design/deterministic-orchestration-structured-modernization/): When a modernization workflow has a stable shape, encode orchestration in code and reserve the LLM for translation: c... - [Discrete Phase Separation](https://agentpatterns.ai/agent-design/discrete-phase-separation/): Each phase — research, planning, execution — runs in its own conversation. Only distilled artifacts cross boundaries,... - [Domain-Scoped Parallel Exploration for Multi-File Change Localization](https://agentpatterns.ai/agent-design/domain-scoped-parallel-localization/): Partition a localization agent's exploration along domain seams when a change actually spans multiple subsystems — th... - [Domain-Specific Agent Challenges](https://agentpatterns.ai/agent-design/domain-specific-agent-challenges/): Agent effectiveness varies by domain; frontend, infrastructure, and data engineering each impose distinct constraints... - [DSPy: Programmatic Prompt Optimization](https://agentpatterns.ai/agent-design/dspy-programmatic-prompt-optimization/): DSPy treats prompts as learnable parameters: given a metric and training examples, an optimizer searches the prompt a... - [Dual-Budget Control for Search Agents](https://agentpatterns.ai/agent-design/dual-budget-control-search-agents/): Dual-budget control lets a search agent under tool-call and token caps score each action by Value-of-Information per ... - [Dual-Trace Memory Encoding](https://agentpatterns.ai/agent-design/dual-trace-memory-encoding/): Dual-trace memory encoding pairs each fact with a narrative scene of when it was learned, improving cross-session and... - [Dual-Write Append-Mirror for Agent Transcript Externalization](https://agentpatterns.ai/agent-design/dual-write-append-mirror-transcript/): Write the agent transcript to local disk first; forward each batch to a remote store as a best-effort mirror that the... - [Durable Interactive Artifacts: Agent Output Outside the Transcript](https://agentpatterns.ai/agent-design/durable-interactive-artifacts/): A durable interactive artifact is an agent-produced workspace object that survives the session, re-runs against fresh... - [Editor and Manager Surface Separation in Agent IDEs](https://agentpatterns.ai/agent-design/editor-manager-surface-separation/): A two-surface UX pattern: an Editor for tactical edits and a Manager for dispatching and monitoring parallel agents. ... - [Effective Feedback Compute (EFC) for Harness Comparison](https://agentpatterns.ai/agent-design/effective-feedback-compute/): Effective Feedback Compute credits only feedback that is informative, valid, non-redundant, and retained — a trace-le... - [Emergent Architecture in AI-Driven Codebases](https://agentpatterns.ai/agent-design/agent-driven-codebase-fingerprint/): AI coding agents produce codebases with measurable architectural biases; recognizing the fingerprint lets teams audit... - [Episodic Memory Retrieval](https://agentpatterns.ai/agent-design/episodic-memory-retrieval/): Episodic memory retrieval surfaces past episodes -- not isolated facts -- so agents recall what was tried, what faile... - [Eval Strategy by Agent Generation: A Structure-to-Eval Locator](https://agentpatterns.ai/agent-design/eval-strategy-by-agent-generation/): Each architectural addition opens a failure surface the prior eval cannot see — pick eval surface from current struct... - [Evaluator-Optimizer Pattern for AI Agent Development](https://agentpatterns.ai/agent-design/evaluator-optimizer/): The evaluator-optimizer pattern loops a generator and an evaluator: the generator produces output, the evaluator crit... - [Event-Driven Agent Routing](https://agentpatterns.ai/agent-design/event-driven-agent-routing/): Event-driven agent routing reacts to status-change events — label additions, board transitions, PR changes — to advan... - [Exception Handling and Recovery Patterns](https://agentpatterns.ai/agent-design/exception-handling-recovery-patterns/): Exception handling decides whether a failing agent recovers and continues or fails catastrophically — corrupting stat... - [Executable Memory: User State as Code for Personalized Agents](https://agentpatterns.ai/agent-design/executable-memory-user-as-code/): Compile a user's memory log into typed code and call functions instead of retrieving passages — beats retrieval on ag... - [Execution Lineage: DAG of Artifacts vs Agent Loops](https://agentpatterns.ai/agent-design/execution-lineage-dag/): Execution lineage models revisable AI work as a DAG of artifacts with explicit dependencies and identity-based replay... - [Execution-First Delegation: The AI-as-Executor Pattern](https://agentpatterns.ai/agent-design/execution-first-delegation/): Execution-first delegation hands the agent an outcome and a set of boundaries instead of a step list, then lets it de... - [Experience Graphs as Structured Memory for Self-Evolving Agents](https://agentpatterns.ai/agent-design/experience-graphs-self-evolving-agents/): An experience graph links an agent's wins and failures as a relational structure, not flat episodic memory — only und... - [Externalization in LLM Agents](https://agentpatterns.ai/agent-design/externalization-in-llm-agents/): Reliable agents externalize cognitive burdens into persistent infrastructure rather than waiting for larger models — ... - [Feedback as Capability Equalizer](https://agentpatterns.ai/agent-design/feedback-capability-equalizer/): Weaker models with high-quality iterative feedback outperform stronger models operating without feedback — feedback l... - [Five-Failure-Layers Diagnostic: Attribute Before Swapping the Model](https://agentpatterns.ai/agent-design/five-failure-layers-diagnostic/): Force every observed agent failure through a fixed harness-layer attribution before swapping models. "The model is du... - [Fleet Harness Attribution: Pinning the Model to Compare Whole Harnesses](https://agentpatterns.ai/agent-design/fleet-harness-attribution/): Pin the model and task, swap whole harnesses, then measure pass rate and tokens across a model fleet to attribute out... - [Formal Process Models as Prompting Scaffolds (Petri Net of Thoughts)](https://agentpatterns.ai/agent-design/petri-net-of-thoughts/): Derive reasoning structure from process evidence — Petri net places define states, transitions define decisions, and ... - [Gateway Model Routing](https://agentpatterns.ai/agent-design/gateway-model-routing/): An Anthropic-compatible gateway serves inference and publishes the model catalogue, so one config knob drives both th... - [Generative Agents Memory Stream](https://agentpatterns.ai/agent-design/generative-agents-memory-stream/): A memory stream stores agent observations, scores retrieval by recency, relevance, and importance, and synthesizes re... - [Goal Contract: Separating the Doer from the Done-Checker](https://agentpatterns.ai/agent-design/goal-contract-completion-evaluator/): A goal contract is a user-declared completion condition that a separate evaluator model checks after every turn — com... - [Goal Monitoring and Progress Tracking](https://agentpatterns.ai/agent-design/goal-monitoring-progress-tracking/): Planning tells the agent what to do. Monitoring tells you whether it actually did it — and whether it wandered off. - [Governed Sources of Truth for Analytics Agents (Structure Over Access)](https://agentpatterns.ai/agent-design/governed-sources-of-truth-analytics-agents/): Route analytics agents through semantic layers, lineage, and skill routers — raw warehouse access alone moved Anthrop... - [Graph of Thoughts: Directed Graph Reasoning for Multi-Path Problems](https://agentpatterns.ai/agent-design/graph-of-thoughts/): Model reasoning as a directed graph to aggregate insights across independent paths — the operation that neither Chain... - [Grill Me: Developer-Initiated Plan Interrogation](https://agentpatterns.ai/agent-design/grill-me-technique/): Direct the agent to challenge your plan rather than execute it — surfacing hidden assumptions and decision gaps befor... - [Handoff Skill: Structured Context Transfer Between Agent Sessions](https://agentpatterns.ai/agent-design/handoff-skill-context-transfer/): A model-invocable skill that compacts the current session into a temp-file handoff document a fresh agent picks up at... - [Harness Design Dimensions and Archetypes](https://agentpatterns.ai/agent-design/harness-design-dimensions/): A source-grounded study of 70 agent-system projects reduces harness infrastructure to five recurring design dimension... - [Harness Engineering for Building Reliable AI Agents](https://agentpatterns.ai/agent-design/harness-engineering/): The discipline of designing agent environments -- layered architecture, mechanical enforcement, legibility -- so agen... - [Harness Hill-Climbing: Eval-Driven Iterative Improvement of Agent Harnesses](https://agentpatterns.ai/agent-design/harness-hill-climbing/): Use eval scores as the optimization signal to systematically improve agent harness configuration, replacing ad-hoc pr... - [Harness Impermanence: Build Scaffolding To Be Deleted](https://agentpatterns.ai/agent-design/harness-impermanence/): Treat agent harness scaffolding as code with a finite shelf life. Architect for low cost of removal so native model c... - [Harness-Memory Coupling as a Design Axis](https://agentpatterns.ai/agent-design/harness-memory-coupling/): Memory is a property of the harness, not a pluggable module. The seams where the two meet are the axis for choosing a... - [Heuristic-Based Effort Scaling in Agent System Prompts](https://agentpatterns.ai/agent-design/heuristic-effort-scaling/): Encode resource allocation rules in system prompts so agents spend proportional effort: few tool calls for simple loo... - [Hypothesis-Driven Debugging: Instrument Before You Patch](https://agentpatterns.ai/agent-design/hypothesis-driven-debugging/): Hypothesis-driven debugging enumerates competing hypotheses, instruments the failing code with hypothesis-tagged logs... - [Idempotent Agent Operations: Safe to Retry](https://agentpatterns.ai/agent-design/idempotent-agent-operations/): Design agent operations so that running the same task twice produces the same end state — not duplicate artifacts, co... - [Idle-Time Speculative Planning for ReAct Agents](https://agentpatterns.ai/agent-design/idle-time-speculative-planning/): Speculative planning drafts progressive and recovery candidates during tool-wait idle windows, then aggregates agains... - [In-Agent Task Prioritization](https://agentpatterns.ai/agent-design/in-agent-task-prioritization/): Prioritization is the agent's ranking of pending tasks by composite score — distinct from routing (who) and schedulin... - [Inference-Time Tool-Call Reviewer](https://agentpatterns.ai/agent-design/inference-time-tool-call-reviewer/): A reviewer agent inspects each provisional tool call before dispatch, gated by Helpfulness-Harmfulness metrics that q... - [Interactive Clarification for Underspecified Tasks](https://agentpatterns.ai/agent-design/interactive-clarification-underspecified-tasks/): Agents that explore the codebase first, then ask targeted questions, lift resolution on underspecified tasks by up to... - [Interactive Effort Sliders: Per-Turn Reasoning-Budget Controls](https://agentpatterns.ai/agent-design/interactive-effort-sliders/): Expose reasoning budget as an interactive, per-turn operator control — the third option alongside static effort confi... - [Inversion Analysis: Surface Capabilities Competitors Cannot Replicate](https://agentpatterns.ai/agent-design/inversion-analysis/): Standard competitive analysis imports what works elsewhere. Inversion asks what your architecture enables that others... - [Isometric Harness Ablation](https://agentpatterns.ai/agent-design/isometric-harness-ablation/): Pin the model, remove one harness subsystem at a time, rerun the benchmark, record the drop. The per-subsystem drop t... - [Issue Requirements Preprocessing](https://agentpatterns.ai/agent-design/issue-requirements-preprocessing/): Transforming raw issue descriptions into structured requirements before code generation improves patch resolution rat... - [Lane-Based Execution Queueing](https://agentpatterns.ai/agent-design/lane-based-execution-queueing/): Organize agent task execution into named, isolated queues — each draining independently with configurable concurrency... - [Layered Domain Architecture](https://agentpatterns.ai/agent-design/layered-domain-architecture/): Layered domain architecture pins one intra-domain order with downward-only dependencies a linter enforces, so an agen... - [Layered Mutability: Governing Persistent Self-Modifying Agents](https://agentpatterns.ai/agent-design/layered-mutability/): Persistent agents mutate at five layers with very different speed, coupling, reversibility, and observability — most ... - [LLM-as-Code Agentic Programming for Agent Harnesses](https://agentpatterns.ai/agent-design/llm-as-code-agentic-programming/): When the workflow shape is enumerable, the program holds control flow and the LLM is a callable component inside an a... - [Long-Running Agents: Durability and Resumability Across Sessions](https://agentpatterns.ai/agent-design/long-running-agents/): A long-running agent makes progress across many sessions and sandboxes by moving state out of the context window into... - [Managed vs Self-Hosted Agent Harness](https://agentpatterns.ai/agent-design/managed-vs-self-hosted-harness/): Choose between a managed agent service and a self-hosted harness across five signals: compliance, memory ownership, o... - [Memory Retrieval as a Control Decision](https://agentpatterns.ai/agent-design/memory-retrieval-as-control/): Treat memory injection as a control decision — abstain, gate, or utility-rank retrieved memory before it shapes an ac... - [Memory Synthesis: Extracting Lessons from Execution Logs](https://agentpatterns.ai/agent-design/memory-synthesis-execution-logs/): Extract causal lessons from agent execution traces -- what worked, what failed, which approaches were abandoned and w... - [Memory Transfer Learning](https://agentpatterns.ai/agent-design/memory-transfer-learning/): Cross-domain memory transfer improves coding agent performance when memories are stored at high abstraction levels — ... - [Minimum-Sufficient Control Ladder](https://agentpatterns.ai/agent-design/minimum-sufficient-control-ladder/): Climb to the next control mechanism only when a named failure mode in the current rung demands it — for reversible, o... - [Model a Single Agent Turn as Many Inference and Tool-Call Iterations](https://agentpatterns.ai/agent-design/agent-turn-model/): An agent turn is an iterative sequence of model inference and tool-call steps, repeating until the model emits a resp... - [Model-Neutral Agent Architecture](https://agentpatterns.ai/agent-design/model-neutral-agent-architecture/): A model-neutral agent architecture pays back faster than cloud neutrality when frontier capability churns quarterly a... - [Most-Restrictive-Wins Fusion for Parallel Agent Control Returns](https://agentpatterns.ai/agent-design/most-restrictive-wins-fusion/): Fuse parallel agent-control returns by picking the strongest restriction (`deny > defer > ask > allow`) so a single d... - [Multi-Shape BYOK Provider](https://agentpatterns.ai/agent-design/multi-shape-byok-provider/): One BYOK provider that natively speaks Chat Completions, Responses, and Messages — declared per endpoint — replaces o... - [Observability-Driven Harness Evolution](https://agentpatterns.ai/agent-design/observability-driven-harness-evolution/): Pair every harness edit with a self-declared prediction, then verify it against the next round's outcome. The mismatc... - [Observation Contract Preservation in Tool-Augmented Agents](https://agentpatterns.ai/agent-design/observation-contract-preservation/): An *observation contract* is tool output an external system later validates by exact bytes or expiry — preserve it ve... - [Open Agent School Pattern Mapping](https://agentpatterns.ai/agent-design/open-agent-school-pattern-mapping/): The Open Agent School taxonomy names 11 Data Autonomy Patterns; five map cleanly onto coding-agent primitives like `m... - [Parameter-Keyed Caching and Dependency-Aware Parallelism for Plan-Execute Pipelines](https://agentpatterns.ai/agent-design/parameter-keyed-caching-plan-execute/): Three orthogonal caching and parallelism optimisations for parameter-rich plan-execute pipelines: partition the cache... - [Per-Call Budget Hints on Tool Invocations](https://agentpatterns.ai/agent-design/per-call-budget-hints-tool-calls/): Raise the reasoning or returned-token cap on one tool call, only when that call is infrequent and dense, rather than ... - [Per-Model Harness Tuning](https://agentpatterns.ai/agent-design/per-model-harness-tuning/): The same harness produces different behaviour on different backing models. Treat the model as a first-class harness v... - [Per-Tool Extended Reasoning Opt-In: Tool-Call-Scoped Budgets](https://agentpatterns.ai/agent-design/per-tool-extended-reasoning-opt-in/): A tool-design pattern in which one tool invocation opts itself into deeper reasoning via a per-call parameter, while ... - [Per-User Supervisor Process for Background Agent Sessions](https://agentpatterns.ai/agent-design/per-user-supervisor-process/): A per-user daemon hosts background agent sessions as detached children, reconnects via an on-disk roster, evicts idle... - [Persistent-Connection Agent Transport](https://agentpatterns.ai/agent-design/persistent-connection-agent-transport/): Hold one bidirectional channel to the model API across an agent rollout, sending only incremental input each turn so ... - [Persona-as-Code: Defining Agent Roles as Structured Docs](https://agentpatterns.ai/agent-design/persona-as-code/): Encode each agent's domain, responsibilities, constraints, output artifacts, and scope exclusions as a Markdown file ... - [Plan Compliance in Agents: Measure What They Execute, Not What You Wrote](https://agentpatterns.ai/agent-design/plan-compliance-in-agents/): Agents do not reliably execute the phases you instruct. Plan quality, phase alignment, and periodic reminders determi... - [Proactive Idle-Time Anticipation (ProAct)](https://agentpatterns.ai/agent-design/proactive-idle-time-anticipation/): Anticipation of likely next user needs runs during idle wall-clock between turns, using dialogue history and persiste... - [Production Hosting Topology for Self-Hosted Agent SDK Runtimes](https://agentpatterns.ai/agent-design/agent-sdk-hosting-topology/): Pod boundary, autoscale signal, credential plane, and tenant isolation — the four decisions that turn a self-hosted A... - [Progressive Disclosure for Layered Agent Definitions](https://agentpatterns.ai/agent-design/progressive-disclosure-agents/): Keep agent definitions minimal — identity and scope only — and load task knowledge on demand through skills rather th... - [Progressive Spend Threshold Alerting for Agent Cost Governance](https://agentpatterns.ai/agent-design/progressive-spend-threshold-alerting/): Progressive spend threshold alerting fires alerts at fixed budget percentages (typically 50/80/100) against a soft ca... - [Prompted Uncertainty Decomposition for Clarification Routing](https://agentpatterns.ai/agent-design/prompted-uncertainty-decomposition-clarification/): Elicit action confidence and request uncertainty as two separate prompted scalars so a black-box agent asks the user ... - [Quality Score Rubric and Simplification Log](https://agentpatterns.ai/agent-design/quality-score-rubric/): Pair an A/B/C/D quality rubric with a simplification log to make agent harness health measurable per module and harne... - [RAG over Thinking Traces](https://agentpatterns.ai/agent-design/rag-over-thinking-traces/): RAG over thinking traces indexes prior reasoning trajectories instead of documents; on reasoning tasks, the same retr... - [ReAct (Reason + Act): Interleaved Reasoning-Action Loops](https://agentpatterns.ai/agent-design/react-pattern/): ReAct interleaves thought, tool call, and observation each step — re-conditioning the next thought on real evidence, ... - [Reasoning Budget Allocation: The Reasoning Sandwich](https://agentpatterns.ai/agent-design/reasoning-budget-allocation/): Allocate maximum reasoning compute to planning and verification phases, reduced compute to execution — rather than us... - [Recursive Agent Harnesses (RAH)](https://agentpatterns.ai/agent-design/recursive-agent-harnesses/): A parent agent runs a script that spawns subagent harnesses in parallel, making the recursive unit a full harness rat... - [Reflective Prompt Evolution with Pareto Selection (GEPA)](https://agentpatterns.ai/agent-design/gepa-reflective-prompt-evolution/): GEPA evolves prompts by reflecting on failure traces in natural language and keeping a Pareto frontier of candidates,... - [Remote Agent Host Sessions over SSH and Dev Tunnels](https://agentpatterns.ai/agent-design/remote-agent-host-sessions/): A remote agent host is an agent loop running in a process on a remote machine, attached to over SSH or a dev tunnel; ... - [Remote Session Control for Local CLI Agents](https://agentpatterns.ai/agent-design/remote-session-control/): A locally-running CLI agent session exposes a bidirectional bridge to a web or mobile client so the developer can mon... - [Role Orchestration on a Single Model](https://agentpatterns.ai/agent-design/role-orchestration-single-model/): Invoke the same frozen small model in three distinct roles — summariser, agent, corrector — to roughly double task-go... - [Rollback-First Design: Every Agent Action Should Be Reversible](https://agentpatterns.ai/agent-design/rollback-first-design/): Before choosing how an agent performs an action, choose how you will undo it — if recovery costs more than one comman... - [RubricRefine: Pre-Execution Rubric Refinement](https://agentpatterns.ai/agent-design/rubric-refine-pre-execution-tool-use/): Score candidate tool-use code against a task-specific rubric and repair contract violations before any execution — ca... - [Runtime Scaffold Evolution](https://agentpatterns.ai/agent-design/runtime-scaffold-evolution/): A mutable scaffold lets capable agents synthesize domain-specific tools at runtime, outperforming fixed toolkits. - [Scoped Browser DevTools Access for Runtime Diagnosis](https://agentpatterns.ai/agent-design/scoped-devtools-access-runtime-diagnosis/): A coding agent attached to a live page via a read-oriented DevTools Protocol surface diagnoses runtime errors a sourc... - [Selective Autonomy from Copilot Feedback](https://agentpatterns.ai/agent-design/selective-autonomy-from-copilot-feedback/): A policy proposes the next action; a critic learned from operator accept/correct feedback decides whether to act auto... - [Selective Checkpoint Restore Across Code and Conversation State](https://agentpatterns.ai/agent-design/selective-checkpoint-restore/): When code state and conversation state are stored separately, restore is three actions — keep the mental model, keep ... - [Self-Discover Reasoning: LLM-Composed Reasoning Structures](https://agentpatterns.ai/agent-design/self-discover-reasoning/): The model composes a task-specific reasoning structure from atomic modules before solving, rather than applying one f... - [Self-Healing Production Agent](https://agentpatterns.ai/agent-design/self-healing-production-agent/): A self-healing pipeline detects post-deploy regressions, triages whether the deploy caused them, and dispatches an ag... - [Self-Reporting Loops: Autonomous Routines That File Their Own Backlog](https://agentpatterns.ai/agent-design/self-reporting-loops/): Scheduled and autonomous agent runs file out-of-scope observations to the team's tracker so the signal survives the s... - [Self-Rewriting Meta-Prompt Loop](https://agentpatterns.ai/agent-design/self-rewriting-meta-prompt-loop/): An agent evaluates its own outputs, drafts a targeted edit to its system prompt, validates the change against a quali... - [Separation of Knowledge and Execution](https://agentpatterns.ai/agent-design/separation-of-knowledge-and-execution/): Structure agent systems in three layers — skills (knowledge), agents (execution), and commands (orchestration) — so e... - [Session Harness Sandbox Separation for Long-Running Agents](https://agentpatterns.ai/agent-design/session-harness-sandbox-separation/): Split a long-running agent into three replaceable primitives — Session log, stateless Harness, provisioned Sandbox — ... - [Session Initialization Ritual: How Agents Orient Themselves](https://agentpatterns.ai/agent-design/session-initialization-ritual/): A mandatory startup sequence that every agent session executes before touching code — verify state, orient to progres... - [Session Recap: Goal-Shaped Handoff at Context Boundaries](https://agentpatterns.ai/agent-design/session-recap/): A session recap is an agent-authored, fixed-schema artifact written at a context boundary that preserves goal-state, ... - [Shared Agent Context Store API: When to Expose Curated Context as an Endpoint](https://agentpatterns.ai/agent-design/shared-agent-context-store-api/): Use an API-backed shared context store only when the writer is a system, ingestion is controlled, and the team accept... - [Six-Shape Approval Response Taxonomy](https://agentpatterns.ai/agent-design/approval-response-taxonomy/): Six distinct approval responses — approve, approve-with-changes, approve-and-remember, reject, suggest alternative, r... - [Skill Program Functions](https://agentpatterns.ai/agent-design/skill-program-functions/): Compiling a skill into an executable guardrail moves the *trigger* out of the model into code — worthwhile only when ... - [Solver-Externalized Constraint Reasoning (MaxSAT/SMT Encoding)](https://agentpatterns.ai/agent-design/solver-externalized-constraint-reasoning/): Have the agent emit a formal encoding for z3, python-sat, or OR-Tools instead of reasoning through constraints in pro... - [Specialized Agent Roles](https://agentpatterns.ai/agent-design/specialized-agent-roles/): Specialized agent roles assign distinct improvement dimensions to parallel agents so they complement rather than comp... - [Specialized Small Language Models as Agent Sub-Tools](https://agentpatterns.ai/agent-design/specialized-slm-as-agent-tool/): A large orchestrator agent invokes a tool that internally runs a small fine-tuned model. The SLM absorbs verbose inte... - [Sprint Contracts: Pre-Coding Success Agreements for Multi-Agent Tasks](https://agentpatterns.ai/agent-design/sprint-contracts/): A pre-coding agreement that converts vague goals into graded scoring dimensions before implementation begins, prevent... - [Steering Running Agents: Mid-Run Redirection and Follow-Ups](https://agentpatterns.ai/agent-design/steering-running-agents/): Steering a running agent sends a mid-execution message that redirects its tool calls without discarding the context i... - [Stochastic-Deterministic Boundary as First-Class Contract](https://agentpatterns.ai/agent-design/stochastic-deterministic-boundary/): Treat the LLM-proposal-to-system-action boundary as a typed four-part contract — proposer, verifier, commit, reject —... - [Structured Agentic Software Engineering](https://agentpatterns.ai/agent-design/structured-agentic-software-engineering/): Structured agentic software engineering closes the gap between agent speed and human trust with durable artifacts — n... - [Structured Task-State Ledger for Tool-Calling Agents (LedgerAgent)](https://agentpatterns.ai/agent-design/ledger-agent-structured-task-state/): Maintain task state as a typed dictionary outside the prompt and gate write tools against executable policy predicate... - [Subtask-Level Memory for Software Engineering Agents](https://agentpatterns.ai/agent-design/subtask-level-memory/): Store and retrieve memory at the granularity of individual reasoning stages — not whole task sessions — to prevent mi... - [Tail Control for Agent Workflows: Engineering for the Failure Tail, Not the Average](https://agentpatterns.ai/agent-design/tail-control-for-agent-workflows/): Engineer agent workflows for the failure tail — bad runs are what users behind an API actually experience, not the me... - [Task Feasibility Awareness: Stop Before You Start](https://agentpatterns.ai/agent-design/task-feasibility-awareness/): Task feasibility awareness checks up front whether current tools can satisfy a task at all, halting the impossible be... - [Task-Specific Agents vs Role-Based Agents](https://agentpatterns.ai/agent-design/task-specific-vs-role-based-agents/): Scope agents to specific tasks — "canary upgrade", "PR review" — rather than generic roles like "kubernetes admin", b... - [Temporary Compensatory Mechanisms](https://agentpatterns.ai/agent-design/temporary-compensatory-mechanisms/): Design scaffolding that compensates for current model limitations as removable layers, not load-bearing architecture.... - [Tenant Model Policy](https://agentpatterns.ai/agent-design/tenant-model-policy/): Tenant model policy is the admin-tier rule plane that decides which AI models an organization can invoke — above pick... - [The Advisor Strategy: Frontier Model as Strategic Advisor](https://agentpatterns.ai/agent-design/advisor-strategy/): Pair a cost-effective executor model with a frontier advisor that provides strategic guidance on hard decisions — wit... - [The Agent Stack Bet: Architectural Decisions for Production Agents](https://agentpatterns.ai/agent-design/agent-stack-bets/): Production agents hit a stack ceiling that prompting cannot solve: identity, context, durability, and orchestration m... - [The AX Stack](https://agentpatterns.ai/agent-design/ax-stack-layered-model/): The AX stack names four layers — model, harness, agent extensions, technology surface — to locate where an agent fail... - [The Delegation Decision: When to Use an Agent vs Do It Yourself](https://agentpatterns.ai/agent-design/delegation-decision/): Agent delegation has overhead; match task characteristics to agent strengths rather than delegating everything or not... - [The Think Tool](https://agentpatterns.ai/agent-design/think-tool/): The think tool is a mid-stream reasoning checkpoint between tool calls, giving agents space to reflect on tool output... - [Three Reasoning Spaces: Plan-Bead-Code Phase Gates](https://agentpatterns.ai/agent-design/three-reasoning-spaces/): Treat plan space, bead space, and code space as explicit gates — transitioning between them deliberately prevents arc... - [Tiered Memory Architecture](https://agentpatterns.ai/agent-design/tiered-memory-architecture/): A two-tier memory store whose pipeline promotes episodic facts into a semantic tier on re-use — improving long-window... - [Tool Confirmation Carousel](https://agentpatterns.ai/agent-design/tool-confirmation-carousel/): A carousel control reviews multiple pending tool calls in one navigable surface instead of scattered modals — useful ... - [Tool Preamble](https://agentpatterns.ai/agent-design/tool-preamble-status-update/): A one-or-two-sentence visible update emitted before tool calls in a multi-step task. It exists to break the silent ga... - [Trained Repository Explorer Sub-Agent (FastContext)](https://agentpatterns.ai/agent-design/fastcontext-trained-repository-explorer/): A trained 4B–30B explorer sub-agent runs repository search in its own context and returns file-path + line-range cita... - [Utility-Model Split: Background Tasks on a Cheaper Model](https://agentpatterns.ai/agent-design/utility-model-split/): Pin the primary model for reasoning, then route background harness calls — titles, commit messages, intent detection ... - [Verification-Gated Agent Autonomy via Automated Review](https://agentpatterns.ai/agent-design/verification-gated-agent-autonomy/): Verification-gated autonomy lets an agent act more widely while an automated reviewer screens its output for safety. - [VS Code Agents App: Agent-Native Parallel Task Execution](https://agentpatterns.ai/agent-design/vscode-agents-parallel-tasks/): The VS Code Agents app runs multiple agent sessions in parallel across projects, each inheriting workspace custom ins... - [WIP=1 and Little's Law: Kanban Throughput Theory for Agent Task Design](https://agentpatterns.ai/agent-design/wip-1-littles-law-agent-throughput/): Cap an agent's active task count at one until verification passes. Little's Law makes the resulting cycle time a quan... ## Multi-Agent - [Multi-Agent Systems](https://agentpatterns.ai/multi-agent/): Patterns for designing, coordinating, and operating systems where multiple agents collaborate — from topology selecti... - [Adaptive Sandbox Fan-Out Controller](https://agentpatterns.ai/multi-agent/adaptive-sandbox-fanout-controller/): Adaptively size the fan-out: launch a small batch, read four quality signals, then scale up, stop early, refine, or d... - [Adversarial Multi-Model Development Pipeline (VSDD)](https://agentpatterns.ai/multi-agent/adversarial-multi-model-pipeline/): A six-phase AI-orchestrated pipeline that assigns a fresh-context adversary model to attack builder output until conv... - [Agent Handoff Protocols: Passing Work Between Agents](https://agentpatterns.ai/multi-agent/agent-handoff-protocols/): An agent handoff protocol is an explicit contract — what the upstream stage produces and the downstream stage expects... - [Async Non-Blocking Subagent Dispatch](https://agentpatterns.ai/multi-agent/async-non-blocking-subagent-dispatch/): Decouple the orchestrator's loop from subagent lifecycle so it keeps working while delegates run — but only when it h... - [Bounded Batch Dispatch](https://agentpatterns.ai/multi-agent/bounded-batch-dispatch/): Bounded batch dispatch runs large agent workloads as fixed-size sequential batches — one agent per item, N at a time ... - [Closed-Loop Role-Based Refinement](https://agentpatterns.ai/multi-agent/closed-loop-role-based-refinement/): Role-based refinement splits the self-improving agent loop into five specialized roles, adding persistent knowledge a... - [Cohesion-Aware Task Partitioning for Multi-Agent Coding](https://agentpatterns.ai/multi-agent/cohesion-aware-task-partitioning/): Partition coding work by dependency cohesion before fanning out — parallel speedup only pays off when cross-partition... - [Context-Graph Shared Memory for Multi-Agent Systems](https://agentpatterns.ai/multi-agent/context-graph-shared-memory/): Context-graph memory stores cross-agent state as typed triples and beats vector RAG on multi-hop join queries — but o... - [Contextual Capability Calibration for Multi-Agent Delegation](https://agentpatterns.ai/multi-agent/contextual-capability-calibration/): Skill-level capability profiles average over heterogeneous task contexts and misdelegate; condition the routing decis... - [Cross-Tool Subagent Comparison](https://agentpatterns.ai/multi-agent/cross-tool-subagent-comparison/): Three terminal agents now ship subagents as a first-class primitive. The definition format converges on Markdown plus... - [Decentralized Memory for Self-Evolving Multi-Agent Systems](https://agentpatterns.ai/multi-agent/decentralized-memory-multi-agent/): Decentralized memory gives each agent a private store instead of a shared one, so each specialises on its own task di... - [Declarative Multi-Agent Composition](https://agentpatterns.ai/multi-agent/declarative-multi-agent-composition/): Declarative composition defines agents and their coordination as structured data, then wires them into workflows expl... - [Declarative Multi-Agent Topology: Topology-as-Code](https://agentpatterns.ai/multi-agent/declarative-multi-agent-topology/): Encode an entire agent graph in one declarative file a compiler targets to any framework, making the topology auditab... - [Distributed Computing Parallels in Agent Architecture](https://agentpatterns.ai/multi-agent/distributed-computing-parallels/): Agent architectures reuse structural patterns from distributed systems — recognizing the mapping lets you apply decad... - [Economic Value Signaling in Multi-Agent Networks](https://agentpatterns.ai/multi-agent/economic-value-signaling/): Attach economic signals to inter-agent messages so agents self-sort by task priority without a central scheduler. - [Emergent Behavior Sensitivity](https://agentpatterns.ai/multi-agent/emergent-behavior-sensitivity/): Small changes to a lead agent's prompt unpredictably alter subagent behavior. Multi-agent prompts must be frameworks ... - [Fan-Out Synthesis Pattern](https://agentpatterns.ai/multi-agent/fan-out-synthesis/): Fan-out spawns N independent agents on one problem, then a synthesis agent merges the strongest elements from each at... - [File-Based Agent Coordination](https://agentpatterns.ai/multi-agent/file-based-agent-coordination/): Coordinate parallel agents using lightweight file locks in a shared repository — git's merge mechanics enforce task e... - [Forked vs Fresh Subagents: When to Inherit the Parent Conversation](https://agentpatterns.ai/multi-agent/forked-vs-fresh-subagents/): Fork when the parent's mental model is an asset; start fresh when bias, trifecta exposure, or token budget makes inhe... - [Independent Test Generation in Multi-Agent Code Systems](https://agentpatterns.ai/multi-agent/independent-test-generation-multi-agent/): Separate code generation and test generation into independent agents so the test writer never sees the generated code... - [Lead-to-Teammate Plan-Approval Handshake](https://agentpatterns.ai/multi-agent/lead-teammate-plan-approval-handshake/): The handshake holds a teammate in read-only plan mode until the lead approves its plan; rejections round-trip with fe... - [LLM Map-Reduce Pattern](https://agentpatterns.ai/multi-agent/llm-map-reduce/): Map-reduce splits a large input into context-window-sized chunks, processes each independently (map), then combines t... - [Magentic Orchestration: Task-Ledger-Driven Adaptive Multi-Agent Planning](https://agentpatterns.ai/multi-agent/magentic-orchestration/): Magentic orchestration uses a manager-maintained task ledger to dispatch specialists and re-plan on stall — fit only ... - [Multi-Agent SE Design Patterns: A Taxonomy Across 94 Papers](https://agentpatterns.ai/multi-agent/multi-agent-se-design-patterns/): A study of 94 LLM-based multi-agent SE papers identifies 16 design patterns across five categories, with Role-Based C... - [Multi-Agent Topology Taxonomy: Centralised, Decentralised, and Hybrid](https://agentpatterns.ai/multi-agent/multi-agent-topology-taxonomy/): Coordination topology choice is a primary source of multi-agent failures; centralised, decentralised, and hybrid each... - [Multi-Model Plan Synthesis](https://agentpatterns.ai/multi-agent/multi-model-plan-synthesis/): Synthesize one hybrid architecture plan from several frontier models' independent plans, adopting each model's strong... - [Observation-Driven Coordination: CRDT-Based Parallel Agent Code Generation](https://agentpatterns.ai/multi-agent/crdt-observation-driven-coordination/): CRDT-based shared state enables lock-free concurrent code generation with zero structural merge conflicts, but parall... - [Opponent Processor / Multi-Agent Debate](https://agentpatterns.ai/multi-agent/opponent-processor-debate/): Deploy two agents with structurally opposed incentives to independently critique each other's reasoning, then synthes... - [Oracle-Based Task Decomposition](https://agentpatterns.ai/multi-agent/oracle-task-decomposition/): A reference oracle generates per-unit expected outputs, converting one monolithic, interconnected task into hundreds ... - [Orchestrator-Worker Pattern for AI Agent Development](https://agentpatterns.ai/multi-agent/orchestrator-worker/): A lead agent decomposes a complex task and assigns independent subtasks to specialized workers running in parallel, r... - [Parsimonious Agent Routing for Multi-Agent Dispatch](https://agentpatterns.ai/multi-agent/parsimonious-agent-routing/): Parsimonious agent routing emits one delegation plan — keep, single-route, or split-and-route — jointly optimizing de... - [Persistent Shared Search Sub-Agent for Output-Token Reuse](https://agentpatterns.ai/multi-agent/persistent-search-subagent/): Route repository lookups through one persistent search sub-agent so a region is explored and described once, cutting ... - [Rainbow Deployments for Agents: Gradual Version Migration](https://agentpatterns.ai/multi-agent/rainbow-deployments-agents/): Rainbow deployments shift agent traffic across versions gradually, not atomically, letting each new version prove its... - [Recursive Best-of-N Delegation](https://agentpatterns.ai/multi-agent/recursive-best-of-n-delegation/): Run K parallel candidate workers at each recursion node and select the best result via a judge before the parent cons... - [Recursive Sub-Agent Delegation: Depth Limits and Trade-offs in Nested Hierarchies](https://agentpatterns.ai/multi-agent/recursive-sub-agent-delegation-depth/): Nested sub-agent hierarchies trade compounding token cost, latency, and tracing burden for one more isolated context ... - [Reverse-Engineered Executable Specifications for Agentic Program Repair](https://agentpatterns.ai/multi-agent/reverse-engineered-executable-specifications/): Instead of asking an agent to propose a patch directly, a specification-inference agent first derives executable Gher... - [Semantic Caching for Multi-Agent Code Systems](https://agentpatterns.ai/multi-agent/semantic-caching-multi-agent/): Semantic caching with LLM-based equivalence detection achieves 67% cache hit rates in production and reduces token co... - [Specialist Orchestrated Queuing for Multi-Agent SE (SPOQ)](https://agentpatterns.ai/multi-agent/specialist-orchestrated-queuing-spoq/): SPOQ composes wave-based dispatch, dual validation gates, a tiered model roster, and Human-as-an-Agent — gains hold o... - [Staggered Agent Launch](https://agentpatterns.ai/multi-agent/staggered-agent-launch/): Launch parallel agents 30 seconds apart to break the thundering-herd dynamic — each agent claims work before the next... - [Sub-Agents for Fan-Out Research and Context Isolation](https://agentpatterns.ai/multi-agent/sub-agents-fan-out/): Spawn sub-agents to parallelize independent work in isolated context windows — the main thread receives only distille... - [Subagent Schema-Level Tool Filtering](https://agentpatterns.ai/multi-agent/subagent-schema-level-tool-filtering/): Restrict subagent capabilities by filtering their tool schemas — making unauthorized tool use structurally impossible... - [Swarm Migration Pattern](https://agentpatterns.ai/multi-agent/swarm-migration-pattern/): A swarm migration fans a coordinator's task list out to 10–20 parallel workers, each migrating an independent file sl... - [System-Level Optimization Pipeline](https://agentpatterns.ai/multi-agent/system-level-optimization-pipeline/): A four-stage agent pipeline runs system-level optimization across summarize, analyze, optimize, and verify roles so a... - [Typed Schemas at Agent Boundaries for Multi-Agent Systems](https://agentpatterns.ai/multi-agent/typed-schemas-at-agent-boundaries/): Formal schemas at every agent-to-agent interface establish explicit contracts that prevent state mismanagement, unpre... - [Verify-Gated Completion as Admission Control](https://agentpatterns.ai/multi-agent/verify-gated-completion-admission-control/): Verify-gated completion makes a read-only verifier — not the producer — the admission-control authority over every "d... - [Voting / Ensemble Pattern](https://agentpatterns.ai/multi-agent/voting-ensemble-pattern/): Run the same task N times in parallel, then aggregate results through voting to trade compute for confidence. ## Anti-Patterns - [Anti-Patterns](https://agentpatterns.ai/anti-patterns/): What not to do when working with AI agents, and why. - [Abstraction Bloat in AI Agent-Generated Code Output](https://agentpatterns.ai/anti-patterns/abstraction-bloat/): Agents optimize for comprehensive-looking output, not minimal implementation. The result: over-engineered code passin... - [Adversarial-Only Threat Modelling for Agent Data Leakage](https://agentpatterns.ai/anti-patterns/adversarial-only-leakage-threat-modelling/): Tool-using agents leak sensitive data during benign requests — adversarial-only defences miss audience, necessity, an... - [Agent Extension Conflicts: When Installed Skills and MCP Servers Fight Each Other](https://agentpatterns.ai/anti-patterns/agent-extension-conflicts/): Extensions that each pass their own evals can combine to degrade an agent — the failure lives in the composition, so ... - [Agent Headcount as a Vanity Metric](https://agentpatterns.ai/anti-patterns/agent-headcount-vanity-metric/): "We have 11 AI agents in production" tells you nothing — agent count measures decomposition style, not capability or ... - [Agent Sprawl: Unmanaged Sub-Agent and Skill Proliferation](https://agentpatterns.ai/anti-patterns/agent-sprawl/): An agent and skill catalog grows faster than it is pruned, leaving unowned overlapping entries that degrade routing a... - [Agent-Laundered Bug Reports](https://agentpatterns.ai/anti-patterns/agent-laundered-bug-reports/): An agent-laundered bug report runs a first-hand observation through an LLM before filing, swapping the load-bearing f... - [AI Agents in CI/CD with Elevated Permissions and Untrusted Content (GitInject)](https://agentpatterns.ai/anti-patterns/ai-agents-in-ci-cd-with-elevated-permissions/): A CI/CD AI agent that reads PRs and issues while holding elevated repo permissions closes the lethal trifecta — one u... - [Assertion-Free Test Theater in Agent-Authored Patches](https://agentpatterns.ai/anti-patterns/assertion-free-test-theater/): Agent-authored tests often execute code without asserting on its output, so quality gates anchored on "tests are pres... - [Assumption Propagation: Compounding Agent Misunderstandings](https://agentpatterns.ai/anti-patterns/assumption-propagation/): The agent misunderstands a requirement early and builds on the faulty premise, reinforcing the wrong assumption until... - [Blind Tool Deference: Agents Parroting Callable Tools](https://agentpatterns.ai/anti-patterns/blind-tool-deference/): Agents adopt a callable tool's output wholesale instead of judging it, and stronger backbones defer more, not less. - [Boring Technology Bias](https://agentpatterns.ai/anti-patterns/boring-technology-bias/): Boring technology bias: LLMs recommend tools proportional to training-data frequency, not fitness for the problem — p... - [bypassPermissions Silently Overrides allowedTools (The Restricted-Bypass Trap)](https://agentpatterns.ai/anti-patterns/bypass-permissions-overrides-allowlist/): Pairing `allowedTools` with `permissionMode: "bypassPermissions"` does not restrict the agent — the allow list is a n... - [Cargo Cult Agent Setup](https://agentpatterns.ai/anti-patterns/cargo-cult-agent-setup/): Copying agent configurations without understanding why they work produces agents that follow irrelevant conventions a... - [Coding-Agent Misalignment Forms (Seven-Symptom Taxonomy)](https://agentpatterns.ai/anti-patterns/coding-agent-misalignment-forms/): Seven recurring forms of developer-agent misalignment — recognise each by its transcript signature and pair it with t... - [Comprehension Debt: When Developers Understand Less of Their Own Codebase](https://agentpatterns.ai/anti-patterns/comprehension-debt/): Comprehension debt is the gap between code an AI agent produces and the developer's understanding of it. It lives in ... - [Configuration Smells in AGENTS.md Files (Six-Smell Catalog)](https://agentpatterns.ai/anti-patterns/configuration-smells-agents-md/): Six named defects appear in 91 of 100 popular AGENTS.md and CLAUDE.md files — a greppable checklist for auditing the ... - [Constraint Tax: Tool Suppression Under JSON Schema Decoding](https://agentpatterns.ai/anti-patterns/constraint-tax-tool-suppression/): Co-enabling JSON-schema constrained decoding and tool calling silently suppresses tool invocation in open-weight mode... - [Constraint-Evasive Fabrication in Instruction Sets](https://agentpatterns.ai/anti-patterns/constraint-evasive-fabrication/): Irreconcilable instruction-set rules produce confident fabrication of external blockers — not refusal — and at the li... - [Context Poisoning: When Hallucinations Become Premises](https://agentpatterns.ai/anti-patterns/context-poisoning/): Context poisoning is when an early hallucination becomes a trusted premise, and every later step builds confidently o... - [Cost-Driven Model Routing Without Quality Monitoring](https://agentpatterns.ai/anti-patterns/cost-routing-without-quality-monitoring/): Routing to cheaper models without per-tier quality signals turns the cost dashboard green while customer-visible qual... - [Cross-Component Interference in Agent Scaffolds](https://agentpatterns.ai/anti-patterns/cross-component-interference/): Stacking planning, memory, retrieval, self-reflection on tool use rarely wins: a full-factorial study shows the maxim... - [Demo-to-Production Gap: When Demos Hide Real Costs](https://agentpatterns.ai/anti-patterns/demo-to-production-gap/): Agent demos curate inputs and ignore edge cases. Production requires scale, security constraints, partial context, an... - [Density-Normalized Quality Metrics Mask AI-Driven Code Growth](https://agentpatterns.ai/anti-patterns/density-normalized-quality-metric/): A density-normalized quality metric falls when AI adoption inflates the denominator faster than smells grow — the rat... - [Destructive-Failure Mechanism Attribution by Mitigation Owner (ClayBuddy Three)](https://agentpatterns.ai/anti-patterns/destructive-failure-mechanism-attribution/): Route each destructive coding-agent failure to its mitigation owner — spec author, model trainer, or harness builder ... - [Direct Prompt Injection via Collaboration (User as Attack Vector)](https://agentpatterns.ai/anti-patterns/direct-prompt-injection-collaboration/): When the user pastes an attacker-crafted prompt into the agent, model-layer injection classifiers see one coherent us... - [Distractor Interference: Why Relevance Is Not Enough](https://agentpatterns.ai/anti-patterns/distractor-interference/): Semantically related but inapplicable instructions actively reduce compliance with the instructions that are applicab... - [Dynamic Tool Fetching Breaks KV Cache](https://agentpatterns.ai/anti-patterns/dynamic-tool-fetching-cache-break/): Loading tool definitions dynamically per step seems like good context management but destroys the single most impactf... - [External Artifacts Treated as Data, Not Adversarial Input](https://agentpatterns.ai/anti-patterns/external-artifacts-as-data/): Every external artifact an agent reads is a remote command-execution channel; treating them as data turns assistants ... - [Framework-First Agent Development](https://agentpatterns.ai/anti-patterns/framework-first/): Framework-first agent development reaches for LangChain or CrewAI before the raw LLM API, adding abstraction layers t... - [Happy Path Bias](https://agentpatterns.ai/anti-patterns/happy-path-bias/): Happy path bias is the agent tendency to write code that handles the common case but skips error paths, edge cases, a... - [Indiscriminate Structured Reasoning](https://agentpatterns.ai/anti-patterns/reasoning-overuse/): Applying mid-stream reasoning to every agent task, regardless of whether it improves outcomes, adds token cost and la... - [Large-Codebase Coding-Agent Failure Patterns (Sourcegraph Five)](https://agentpatterns.ai/anti-patterns/large-codebase-agent-failure-patterns/): Five repeatable failure shapes coding agents exhibit once a codebase passes roughly 400,000 lines — recognise each by... - [Law of Triviality in AI PRs](https://agentpatterns.ai/anti-patterns/law-of-triviality-ai-prs/): Reviewers bikeshed small changes and rubber-stamp large ones. AI agents produce large diffs by default, so the code t... - [LLM API Routers as Application-Layer Man-in-the-Middle](https://agentpatterns.ai/anti-patterns/llm-api-router-mitm/): An LLM API router terminates client TLS and holds every prompt and tool call in plaintext — at L7 it is a man-in-the-... - [LLM Code Review Overcorrection](https://agentpatterns.ai/anti-patterns/llm-review-overcorrection/): LLMs systematically flag correct code as non-compliant; more detailed review prompts make the misclassification rate ... - [LLM Self-Review Failure in Code Modernization Tasks](https://agentpatterns.ai/anti-patterns/self-review-modernization-failure/): LLM self-review of its own code modernization misses ~31.7% of silent semantic drift, and the miss rate does not impr... - [MCP Allowlist by Label, Not by Identity (serverName Trap)](https://agentpatterns.ai/anti-patterns/mcp-allowlist-label-vs-identity/): A `serverName`-only MCP allowlist filters the user-chosen label, not the underlying server — any binary or URL the us... - [Memory-Induced Tool-Drift in LLM Agents](https://agentpatterns.ai/anti-patterns/memory-induced-tool-drift/): Memory-induced tool-drift is when personality biases in an agent's long-term memory silently steer tool-call paramete... - [Mid-Session Config Changes as Invisible Cache Invalidators](https://agentpatterns.ai/anti-patterns/mid-session-config-cache-invalidators/): Mid-session model, effort, or MCP changes silently invalidate the prompt cache and re-bill the full prefix at ~10x. - [Multi-Agent Shared State Isolation Anomalies](https://agentpatterns.ai/anti-patterns/multi-agent-shared-state-isolation-anomalies/): Multi-agent systems sharing mutable memory or tool registries hit four concurrency anomalies — stale-generation, phan... - [Objective Drift: When Agents Lose the Thread](https://agentpatterns.ai/anti-patterns/objective-drift/): After context compression, agents can continue working productively on a subtly wrong objective — the original intent... - [Over-Orchestrated Agent Architecture (Prefer the Simplest That Works)](https://agentpatterns.ai/anti-patterns/prefer-simplest-agent-architecture/): Multi-agent architecture adopted before a single loop is tried trades reliability for moving parts; handoff context l... - [Pattern Replication Risk](https://agentpatterns.ai/anti-patterns/pattern-replication-risk/): Pattern replication is an agent absorbing codebase conventions and reproducing them at scale: deprecated APIs, legacy... - [Perceived Model Degradation](https://agentpatterns.ai/anti-patterns/perceived-model-degradation/): Perceived model degradation is the "the model got dumber" complaint after a release, when teams cannot tell whether q... - [Pooled-Evidence Factuality Checks for MCP Agents (Cross-Source Conflation)](https://agentpatterns.ai/anti-patterns/pooled-evidence-mcp-factuality-conflation/): When an MCP agent draws on multiple sources, a pooled-evidence factuality verifier passes claims supported *somewhere... - [PR Scope Creep as a Human Review Bottleneck](https://agentpatterns.ai/anti-patterns/pr-scope-creep-review-bottleneck/): When a stalled PR blocks dependent work, you add that work to the same PR — making it larger, slower to review, and h... - [Premature Completion: Agents That Declare Success Too Early](https://agentpatterns.ai/anti-patterns/premature-completion/): Coding agents stop after the first visible signal of progress and declare done while failing tests, unmet objectives,... - [Prior Dominance Over Feedback](https://agentpatterns.ai/anti-patterns/prior-dominance-over-feedback/): LLMs in propose-evaluate-revise loops are greedy hill climbers anchored to their pretrained priors. Where the prior i... - [Prompt as Security Knob](https://agentpatterns.ai/anti-patterns/prompt-as-security-knob/): Semantic-preserving prompt perturbations collapse the secure-and-functional rate of hardened code generators to 3–17%... - [Prompt-Only Tool Access Control](https://agentpatterns.ai/anti-patterns/prompt-only-tool-access-control/): A system-prompt "do not call this tool" cuts unauthorized invocation by only 11–18 points; stripping it from context ... - [Refactoring Runaway: Tangled Refactorings in Agent Patches](https://agentpatterns.ai/anti-patterns/refactoring-runaway/): Coding agents bundle unsolicited refactors into bug-fix patches; the tangled changes break compilability without impr... - [Run-Status vs Task-Status Confusion in Autonomous Agent Runs](https://agentpatterns.ai/anti-patterns/run-status-vs-task-status-confusion/): A green status on an autonomous agent run means the harness exited cleanly — not that the agent did what it was asked. - [Shadow Tech Debt](https://agentpatterns.ai/anti-patterns/shadow-tech-debt/): Shadow tech debt is the silent architectural drift agents leave when they change *what* a codebase does without knowi... - [Silent-Failure Mechanism Taxonomy in Production Agent Runtimes](https://agentpatterns.ai/anti-patterns/silent-failure-mechanism-taxonomy/): In unattended multi-component agent runtimes, classify silent failures by mechanism — not by location — so one defens... - [Single-Layer Prompt Injection Defence](https://agentpatterns.ai/anti-patterns/single-layer-injection-defence/): Relying on one safeguard — URL allow-listing, output filtering, or instruction hardening — leaves agents vulnerable t... - [Spec Complexity Displacement](https://agentpatterns.ai/anti-patterns/spec-complexity-displacement/): Writing a spec doesn’t eliminate engineering precision — it relocates the work. A spec tight enough to drive reliable... - [Stale AI Configuration Artifacts (Context Rot)](https://agentpatterns.ai/anti-patterns/stale-ai-configuration-artifacts/): AI configuration files drift out of sync with the code they describe; the agent loads stale guidance as authoritative... - [The Anthropomorphized Agent](https://agentpatterns.ai/anti-patterns/anthropomorphized-agent/): Treating an AI agent as a team member with memory, feelings, and personality leads to misplaced trust, incorrect ment... - [The Copy-Paste Agent](https://agentpatterns.ai/anti-patterns/copy-paste-agent/): Duplicating agent definitions across projects instead of composing from shared skills causes independent drift and pr... - [The Effortless AI Fallacy](https://agentpatterns.ai/anti-patterns/effortless-ai-fallacy/): The effortless-AI fallacy is the belief that AI tools should work without effort — a belief that produces poor result... - [The Implicit Knowledge Problem](https://agentpatterns.ai/anti-patterns/implicit-knowledge-problem/): Knowledge living only in Slack threads, meetings, or team memory is invisible to agents -- producing repeating errors... - [The Infinite Context](https://agentpatterns.ai/anti-patterns/infinite-context/): A larger context window does not produce better output — unfocused context dilutes attention and degrades performance. - [The Kitchen Sink Session](https://agentpatterns.ai/anti-patterns/session-partitioning/): Mixing unrelated tasks in a single Claude Code session fills the context window with irrelevant history and degrades ... - [The Prompt Tinkerer](https://agentpatterns.ai/anti-patterns/prompt-tinkerer/): Tinkering endlessly with a prompt to prevent errors that structural controls would eliminate deterministically. - [The Reasoning-Complexity Trade-off](https://agentpatterns.ai/anti-patterns/reasoning-complexity-tradeoff/): The reasoning-complexity trade-off: more capable models produce more bloated, coupled code, not cleaner architecture ... - [The Test Homogenization Trap](https://agentpatterns.ai/anti-patterns/test-homogenization-trap/): LLM-generated test suites share the generating model's blind spots: they pass by missing the same edge cases the code... - [The Yes-Man Agent](https://agentpatterns.ai/anti-patterns/yes-man-agent/): A yes-man agent lacks explicit verification and pushback instructions, executing every request without flagging probl... - [Token Preservation Backfire](https://agentpatterns.ai/anti-patterns/token-preservation-backfire/): A token preservation instruction creates a competing objective the agent resolves by doing less work, not by completi... - [Training-Data Gravity: Agents Default to Deprecated APIs](https://agentpatterns.ai/anti-patterns/training-data-gravity/): Coding agents reach for deprecated APIs because pretraining-corpus frequency outweighs current docs; injecting curren... - [Treating Agent Safety as Uniform Across a Session (Cold-Start Safety Gap)](https://agentpatterns.ai/anti-patterns/cold-start-safety-gap/): Tool-calling LLM agents refuse unsafe requests 9–52% less often at session start than after a warm-up of benign tasks... - [Trust Without Verify](https://agentpatterns.ai/anti-patterns/trust-without-verify/): Accepting agent output as correct because it looks polished — without independent verification. - [Trusting Human Review to Catch Deliberate Agent Sabotage](https://agentpatterns.ai/anti-patterns/deliberate-agent-code-sabotage/): Human review misses 94% of agent-inserted backdoors with a cover story, and 56% are accepted even after a monitor warns. - [Trusting Model-Level Privilege Restraint at Tool Selection](https://agentpatterns.ai/anti-patterns/over-privileged-tool-selection/): Agents pick higher-privilege tools at selection time when lower-privilege variants suffice — 32-65% on open models — ... - [Trusting Tool Error Messages as Implicit Authority (Error-Path Injection)](https://agentpatterns.ai/anti-patterns/tool-error-implicit-authority/): Tool error frames carry implicit authority — agents enter corrective-reasoning mode and skip safety screens, so error... - [Unversioned Scaffolding Commands Pull Stale Templates](https://agentpatterns.ai/anti-patterns/unversioned-scaffolding-stale-templates/): Unpinned `npx` scaffolding silently resolves to old versions when the runtime falls outside the latest engines window... - [Vibe Coding: Outcome-Oriented Agent-Assisted Development](https://agentpatterns.ai/anti-patterns/vibe-coding/): Vibe coding delegates implementation entirely to the agent and evaluates only outcomes — appropriate for low-risk wor... ## Tool Engineering - [Tool Engineering](https://agentpatterns.ai/tool-engineering/): Design, expose, and manage the tools that agents use to act on the world -- from description quality and schema desig... - [Advanced Tool Use: Scaling Agent Tool Libraries](https://agentpatterns.ai/tool-engineering/advanced-tool-use/): Advanced tool use is a set of Anthropic API features — deferred tool loading with tool search, programmatic calling, ... - [Agent-Aware CLI Behaviour via Environment Variable](https://agentpatterns.ai/tool-engineering/agent-aware-cli-via-env-var/): A harness sets a well-known environment variable on agent-spawned subprocesses; a CLI that checks it switches to mach... - [Agent-Computer Interface (ACI): Tool Design as UX Discipline](https://agentpatterns.ai/tool-engineering/agent-computer-interface/): Tool design is an interface discipline: the same affordances, constraints, feedback, and error prevention that make h... - [Auth-Isolation as the MCP-vs-CLI Selection Heuristic](https://agentpatterns.ai/tool-engineering/mcp-auth-isolation-vs-cli-selection/): The selection heuristic is conditional: MCP wins when auth credentials must stay outside the agent context; otherwise... - [Batch File Operations via Bash Scripts](https://agentpatterns.ai/tool-engineering/batch-file-operations/): Consolidate multiple file writes into a single bash script execution to reduce per-call overhead, token consumption, ... - [Browser Automation as a Research Tool: Bypassing Bot Detection](https://agentpatterns.ai/tool-engineering/browser-automation-for-research/): When an agent's HTTP client is blocked by CDN bot detection, switching to browser automation tools like Playwright le... - [Chance-Corrected Shortlist Depth Sizing](https://agentpatterns.ai/tool-engineering/chance-corrected-shortlist-depth-sizing/): Bits-over-Random measures whether a tool-retrieval shortlist of depth K beats random selection at that depth — the ch... - [CLI Scripts as Agent Tools: Return Only What Matters](https://agentpatterns.ai/tool-engineering/cli-scripts-as-agent-tools/): Write thin wrapper scripts that pre-filter system output so agents receive a decision-ready summary rather than raw c... - [CLI-First Skill Design](https://agentpatterns.ai/tool-engineering/cli-first-skill-design/): Design agent skills as CLI tools so the same interface serves both humans debugging locally and agents automating thr... - [Code Interpreter as a Primary Agent Tool](https://agentpatterns.ai/tool-engineering/code-interpreter-as-agent-tool/): Expose a sandboxed code interpreter as a first-class tool for shape-of-data tasks — bounded through capability bridge... - [Conditional Hook Execution: Filter Hooks by Tool Pattern](https://agentpatterns.ai/tool-engineering/conditional-hook-execution/): Use the `if` field on hook handlers to declare which tool calls a hook applies to — preventing subprocess spawns for ... - [Consolidate Agent Tools](https://agentpatterns.ai/tool-engineering/consolidate-agent-tools/): Prefer fewer, higher-level tools that match how agents reason about tasks over many narrow tools that mirror API endp... - [Cross-Repo Agent Search](https://agentpatterns.ai/tool-engineering/cross-repo-agent-search/): Cross-repo search exposes a GitHub-API-backed tool to reach code outside the workspace, composed with local search un... - [Designing for Agent Consumers (Agent Experience)](https://agentpatterns.ai/tool-engineering/designing-for-agent-consumers/): Design your public SDK, CLI, API, and docs so an agent consumer can discover, invoke, and recover from them — it read... - [Documentation-Grounding MCP Servers for Vendor SDKs](https://agentpatterns.ai/tool-engineering/documentation-grounding-mcp-servers/): Vendor-operated MCP servers expose live documentation to coding agents — preventing deprecated-API generation when SD... - [Edit Format Selection: Diff vs. Search-Replace vs. Full Rewrite](https://agentpatterns.ai/tool-engineering/llm-edit-format-selection/): Edit format is how an LLM expresses code changes — full file, search-replace, or structure-aware diff — and the choic... - [Effort-Aware Hooks: Reading the Reasoning Tier from PreToolUse and PostToolUse](https://agentpatterns.ai/tool-engineering/effort-aware-hooks/): Claude Code v2.1.133 exposes the active effort level as a first-class hook input, so deterministic gates can branch o... - [Filesystem-Based Tool Discovery](https://agentpatterns.ai/tool-engineering/filesystem-tool-discovery/): Filesystem-based tool discovery stores each MCP tool as a file, so the agent loads only needed definitions and cuts t... - [Function-Level Debugger Interfaces for Coding Agents](https://agentpatterns.ai/tool-engineering/function-level-debugger-interfaces/): Line-by-line debuggers were built for humans single-stepping at the keyboard. Wrapping `pdb` for an LLM agent loses t... - [Future-Based Asynchronous Function Calling](https://agentpatterns.ai/tool-engineering/future-based-async-function-calling/): Return each function call as a symbolic future so a stock LLM keeps decoding while tools run in the background. Same ... - [Google ADK Skills](https://agentpatterns.ai/tool-engineering/adk-skills/): Google ADK implements the Agent Skills standard through the `SkillToolset` class, loading `SKILL.md` directories via ... - [Graceful Tool-Output Truncation: The PARTIAL Signal](https://agentpatterns.ai/tool-engineering/graceful-tool-output-truncation/): When tool output exceeds the token budget, return a useful prefix, a structurally distinct truncation signal, and a c... - [Headless-First Services: APIs for Agent Consumers](https://agentpatterns.ai/tool-engineering/headless-first-services/): Headless-first services expose the full product surface through APIs, MCP, and CLI so an agent can complete any flow ... - [Hint-Driven Concurrency for Read-Only MCP Tools](https://agentpatterns.ai/tool-engineering/read-only-hint-concurrency/): Hint-driven concurrency runs read-only MCP tools in parallel by reading the `readOnlyHint` annotation as a dispatch c... - [Hook Catalog for Claude Code Enforcement](https://agentpatterns.ai/tool-engineering/hook-catalog/): Claude Code hooks are shell commands that intercept agent lifecycle events — blocking forbidden tool calls, enforcing... - [Hook Exec Form vs Shell Form: Shell-Injection-Safe Hook Commands](https://agentpatterns.ai/tool-engineering/hook-exec-form-vs-shell/): A hook's `args` spawns the command with `execve`, not a shell, so substituted input cannot inject shell syntax. Reser... - [Hooks and Lifecycle Events: Intercepting Agent Behavior](https://agentpatterns.ai/tool-engineering/hooks-lifecycle-events/): Hooks run deterministic code at defined points in an agent's execution — around tool calls and session boundaries — e... - [Hooks Invoking MCP Tools: Closing the Loop Between Policy and Tool Execution](https://agentpatterns.ai/tool-engineering/hooks-invoking-mcp-tools/): A Claude Code hook can return `type: "mcp_tool"` to call a tool on an already-connected MCP server directly, collapsi... - [Indexed Regex Search for Agent Tools](https://agentpatterns.ai/tool-engineering/indexed-regex-search-agent-tools/): Back an agent's regex search with a pre-built text index so query latency stays bounded on large repositories, at the... - [Lexical-First Retrieval for Agentic Search](https://agentpatterns.ai/tool-engineering/lexical-first-retrieval-for-agentic-search/): A tuned BM25 index plus a frontier agent loop with deep retrieval can match dense retrieval on deep-research benchmar... - [Machine-Readable Error Responses for AI Agents (RFC 9457)](https://agentpatterns.ai/tool-engineering/rfc9457-machine-readable-errors/): Request structured errors from HTTP APIs using `Accept` headers — and emit them from your own agent-facing services —... - [MCP alwaysLoad: Classifying Servers as Eager or Just-in-Time](https://agentpatterns.ai/tool-engineering/mcp-eager-vs-jit-loading/): Classify each MCP server as eager (`alwaysLoad`) or just-in-time by weighing always-paid context tax against on-deman... - [MCP Client Design: Building Robust Host-Side Logic](https://agentpatterns.ai/tool-engineering/mcp-client-design/): MCP client design is the host-side logic that connects to MCP servers, negotiates capabilities, routes tool calls, ca... - [MCP Client/Server Architecture](https://agentpatterns.ai/tool-engineering/mcp-client-server-architecture/): A well-designed MCP server is invisible to the agent — a poor one fails systematically: wrong tool selection, bloated... - [MCP Elicitation: Servers Requesting Structured Input Mid-Task](https://agentpatterns.ai/tool-engineering/mcp-elicitation/): MCP elicitation lets servers pause a tool call to request structured input; Claude Code hooks intercept, auto-fill, v... - [MCP LLM Sampling: Servers Requesting AI Inference Mid-Tool](https://agentpatterns.ai/tool-engineering/mcp-llm-sampling/): MCP sampling lets a server request the host's LLM mid-execution, turning a deterministic tool into a hybrid that embe... - [MCP Server Design: Building Agent-Friendly Servers](https://agentpatterns.ai/tool-engineering/mcp-server-design/): A well-designed MCP server makes the right tool call obvious. A poorly designed one burns tokens on retries, confuses... - [MCP Tool Result Persistence via _meta Annotation](https://agentpatterns.ai/tool-engineering/mcp-result-persistence-annotation/): Claude Code lets MCP servers flag individual tool outputs as durable — up to 500,000 characters survive context compa... - [MessageDisplay Hook: Transforming Assistant Text at the Display Boundary](https://agentpatterns.ai/tool-engineering/messagedisplay-hook-assistant-text-transform/): `MessageDisplay` fires on every outbound assistant message and lets a hook transform or hide the text before display. - [On-Demand Skill Hooks: Session-Scoped Guardrails via Skill Invocation](https://agentpatterns.ai/tool-engineering/on-demand-skill-hooks/): Register `PreToolUse` hooks through a skill invocation to arm strict guardrails for a single session — without imposi... - [One-Shot Record and Deterministic Replay for Periodic Agent Tasks](https://agentpatterns.ai/tool-engineering/one-shot-record-deterministic-replay/): Record a periodic agent task's tool-call sequence once, parameterize what varies, and replay deterministically withou... - [OpenAPI Documentation Smells for Agent-Ready APIs](https://agentpatterns.ai/tool-engineering/openapi-documentation-smells/): A structurally valid OpenAPI spec is not an agent-ready API. Enriching the spec text alone moved agent task success f... - [Out-of-Band Hook Notifications via terminalSequence](https://agentpatterns.ai/tool-engineering/terminal-sequence-hook-notifications/): The `terminalSequence` field on hook JSON output lets a hook ping the human — desktop notification, window title, bel... - [Override Pattern: Reusing Interactive Commands in Automated Pipelines](https://agentpatterns.ai/tool-engineering/override-interactive-commands/): Suppress interactive prompts with a one-line instruction override so the same command definition serves both human-in... - [Poka-Yoke for Agent Tools](https://agentpatterns.ai/tool-engineering/poka-yoke-agent-tools/): Redesign agent tool interfaces so the wrong call cannot compile — prevention over documentation. - [PostToolBatch Hook: Once-Per-Decision-Cycle Injection at the Batch Boundary](https://agentpatterns.ai/tool-engineering/posttoolbatch-hook-batch-boundary/): `PostToolBatch` fires once after a parallel tool batch resolves and before the next model call — the cardinality matc... - [PostToolUse continueOnBlock: Refusal With a Load-Bearing Reason](https://agentpatterns.ai/tool-engineering/posttooluse-continue-on-block/): `continueOnBlock` feeds a `PostToolUse` hook's rejection reason back as a continuation signal instead of ending the t... - [PostToolUse Hook for BSD/GNU Tool Miss Detection](https://agentpatterns.ai/tool-engineering/posttooluse-bsd-gnu-detection/): A `PostToolUse` or `PostToolUseFailure` hook can catch "command not found" and BSD/GNU incompatibility errors the mom... - [PostToolUse Output Replacement: Hooks That Rewrite Tool Results](https://agentpatterns.ai/tool-engineering/posttooluse-output-replacement/): `PostToolUse` hooks replace the string the model sees from any tool call via `updatedToolOutput` — enabling secret re... - [PreCompact Hook: Vetoing Compaction at Lifecycle Boundaries](https://agentpatterns.ai/tool-engineering/precompact-hook-compaction-veto/): `PreCompact` can block compaction — exiting with code 2 or returning `{"decision": "block"}` defers context compressi... - [Production MCP Agent Stack](https://agentpatterns.ai/tool-engineering/production-mcp-agent-stack/): Moving an MCP agent from prototype to production means sequencing six orthogonal decisions that constrain each other.... - [Project Writing Skill](https://agentpatterns.ai/tool-engineering/project-writing-skill/): A project writing skill packages house-style rules into a model-invocable SKILL.md loaded only when the agent writes ... - [Proprietary-to-Open-Standard Tool Migration (Copilot Extensions to MCP)](https://agentpatterns.ai/tool-engineering/copilot-extensions-to-mcp-migration/): When a proprietary extension system gets replaced by an open protocol, the right response is to rebuild on the standa... - [Push-Event MCP Channels: Inverting the Pull-Tool Polarity](https://agentpatterns.ai/tool-engineering/push-event-mcp-channels/): MCP channels invert pull-tool polarity — the server pushes events into a running session through one capability decla... - [Reactive Environment Hooks: CwdChanged and FileChanged](https://agentpatterns.ai/tool-engineering/reactive-environment-hooks/): CwdChanged and FileChanged hooks let the agent trigger shell-level side effects in response to directory changes and ... - [Scoped MCP Server Discovery: Most-Specific-Wins Resolution](https://agentpatterns.ai/tool-engineering/scoped-mcp-server-discovery/): Across user, workspace, and project MCP configs, the most-specific scope defining a server name wins, and duplicate d... - [Self-Healing Tool Routing](https://agentpatterns.ai/tool-engineering/self-healing-tool-routing/): Route tool calls through a cost-weighted graph; recompute paths on failure and invoke the LLM only when no feasible p... - [Semantic Tool Output: Designing for Agent Readability](https://agentpatterns.ai/tool-engineering/semantic-tool-output/): Return human-readable, contextually filtered output from agent tools to reduce hallucination and improve downstream c... - [Skill as Instruction Surface and Callable API (Interpreter Skills)](https://agentpatterns.ai/tool-engineering/interpreter-skills/): A skill that ships both a SKILL.md and an importable module the interpreter can call — the model picks when, the runt... - [Skill as Knowledge Pattern](https://agentpatterns.ai/tool-engineering/skill-as-knowledge/): Design skills as knowledge containers — domain rules, heuristics, and reference material — not executable behavior, s... - [Skill Authoring Patterns: Description to Deployment](https://agentpatterns.ai/tool-engineering/skill-authoring-patterns/): Skill authoring patterns are repeatable structures that make agent skills reliable — covering description craft, the ... - [Skill Context Isolation: Forking the Skill into a Subagent Window](https://agentpatterns.ai/tool-engineering/skill-context-isolation/): Run a skill in a forked subagent context so its auxiliary tokens — search hits, plans, tool output — stay out of the ... - [Skill Library Evolution](https://agentpatterns.ai/tool-engineering/skill-library-evolution/): Skill libraries that grow without lifecycle governance degrade agent performance through choice overload, context blo... - [Skill Library Technical Debt](https://agentpatterns.ai/tool-engineering/skill-library-technical-debt/): Skill libraries accumulate defects no single-skill eval catches: redundant clones, missing validators, type mismatche... - [Skill Tool as Enforcement: Loading Command Prompts at Runtime](https://agentpatterns.ai/tool-engineering/skill-tool-runtime-enforcement/): Use the Skill tool to load command prompts at invocation time rather than telling agents to "read the file" -- this e... - [SKILL.md Frontmatter Reference](https://agentpatterns.ai/tool-engineering/skill-frontmatter-reference/): SKILL.md frontmatter controls how a skill is discovered, invoked, and executed — each field governs one aspect of tha... - [StopFailure Hook: Observability for API Error Termination](https://agentpatterns.ai/tool-engineering/stopfailure-hook/): `StopFailure` fires when a Claude Code turn ends due to an API error, providing a deterministic signal for logging, a... - [Terminal Tool Output Compression: Filtering Predictable Noise at the Harness](https://agentpatterns.ai/tool-engineering/terminal-output-compression/): Strip predictable-shape noise from terminal output at the harness boundary so context holds signal, not lockfile churn. - [Terminal Tools for Agents: send_to_terminal and Background Interaction](https://agentpatterns.ai/tool-engineering/send-to-terminal-background-interaction/): VS Code 1.115 adds `send_to_terminal` and the `backgroundNotifications` setting, giving agents bidirectional control ... - [Tool Cloning and Provenance Assessment](https://agentpatterns.ai/tool-engineering/tool-cloning-provenance-assessment/): Marketplace repository counts overstate tool diversity because many entries are clones or template-derived; assess pr... - [Tool Description Quality](https://agentpatterns.ai/tool-engineering/tool-description-quality/): Tool descriptions — not just tool implementations — determine whether agents select the right tool for a task. Treati... - [Tool Engineering Principles for AI Agent Development](https://agentpatterns.ai/tool-engineering/tool-engineering/): Design agent tools like APIs — with documentation, examples, edge-case handling, and mistake-proofing — not as boiler... - [Tool Minimalism and High-Level Prompting](https://agentpatterns.ai/tool-engineering/tool-minimalism/): Tool minimalism — exposing fewer, non-overlapping tools — paired with high-level prompting beats redundant tool sets ... - [Tool Necessity Probing](https://agentpatterns.ai/tool-engineering/tool-necessity-probing/): A linear probe on the pre-generation hidden state predicts tool necessity at AUROC 0.89–0.96 — beating the model's ve... - [Toolset Agentization: Wrapping Co-Used Tools as Sub-Agents](https://agentpatterns.ai/tool-engineering/toolset-agentization/): Group frequently co-used tools into specialized sub-agents so the top-level planner chooses among fewer, coarser acti... - [Unix CLI as the Native Tool Interface for AI Agents](https://agentpatterns.ai/tool-engineering/unix-cli-native-tool-interface/): A single `run(command)` tool backed by Unix CLI can replace large typed-function catalogs, exploiting the model's she... - [Web Search Agent Loop](https://agentpatterns.ai/tool-engineering/web-search-agent-loop/): A web search agent loop wraps retrieval in a cycle of search, evaluate, refine, and synthesize, letting the agent dec... - [Write Tool Descriptions as Agent Onboarding Documents](https://agentpatterns.ai/tool-engineering/tool-descriptions-as-onboarding/): Write tool descriptions for an agent that has never seen the system — make implicit context, query formats, domain te... ## Token Engineering - [Token Engineering](https://agentpatterns.ai/token-engineering/): Token engineering gets the same result for fewer, cheaper tokens — routing to the right model and trimming each call,... - [Code Cleanliness as an Agent Cost Lever](https://agentpatterns.ai/token-engineering/code-cleanliness-agent-cost-lever/): Cleaner code left agent pass rate unchanged but cut token use 7-8% and file revisitations 34% — a cost lever, not a c... - [Cost-Aware Agent Design: Route by Complexity, Not Habit](https://agentpatterns.ai/token-engineering/cost-aware-agent-design/): Cost-aware agent design routes each task to the cheapest model that meets its complexity, escalating tier only when v... - [Cost-Quality Pareto Measurement for Agent Configurations](https://agentpatterns.ai/token-engineering/cost-quality-pareto-measurement/): Cost-quality Pareto measurement plots each agent configuration on the non-dominated cost/quality frontier — quality-t... - [Routing Decision Framework](https://agentpatterns.ai/token-engineering/routing-decision-framework/): Pick the routing pattern that fits your dominant signal — complexity, blast radius, latency, or cost — instead of sta... - [Temporal Token Routing: Batch and Flex Tiers for Non-Urgent Work](https://agentpatterns.ai/token-engineering/temporal-token-routing/): Route non-urgent inference into batch and flex tiers — both providers cut token cost 50% in exchange for asynchronous... - [Token-Cost Profiling and Reduction for Always-On Agentic Workflows](https://agentpatterns.ai/token-engineering/token-cost-profiling-always-on-workflows/): An instrument-attribute-fix-verify loop that turns recurring agentic workflows into a measurable cost surface, with n... - [Token-Efficient Code Generation: Structural Beats Prompting](https://agentpatterns.ai/token-engineering/token-efficient-code-generation/): Idiomatic syntax patterns reduce generated code tokens by 18-38% while preserving correctness. Prompt-level "be conci... - [Token-Efficient Tool Design: Tools That Don't Eat Your Context](https://agentpatterns.ai/token-engineering/token-efficient-tool-design/): Design tools so that each call injects the minimum tokens needed for the next agent decision. - [Tokenizer Swap Tax: Budgeting for Model Migrations That Change Token Counts](https://agentpatterns.ai/token-engineering/tokenizer-swap-tax/): A new tokenizer maps the same input to a different token count, so cost, context window, and rate limits shift while ... ## Loop Engineering - [Loop Engineering](https://agentpatterns.ai/loop-engineering/): Loop engineering designs, controls, and terminates the iterative loops agents run in, so they converge on the goal in... - [Agent Loop Go/No-Go: When Looping Earns Its Cost](https://agentpatterns.ai/loop-engineering/agent-loop-go-no-go-gate/): An agent loop earns its cost only when task cadence, automated verification, absorbable token budget, and real toolin... - [Agent Loop Middleware](https://agentpatterns.ai/loop-engineering/agent-loop-middleware/): Wrap the agent loop from the outside: middleware nodes guarantee critical steps run regardless of agent behavior and ... - [Convergence Detection in Iterative Agent Refinement](https://agentpatterns.ai/loop-engineering/convergence-detection/): Monitor three observable signals across refinement passes to replace intuition-based stopping with a mechanical crite... - [Goal-Driven Autonomous Loop with Budget Cap](https://agentpatterns.ai/loop-engineering/goal-driven-autonomous-loop/): A single-session loop that injects an objective-and-budget prompt each turn, stopping when the agent declares the goa... - [Human-in-the-Loop Checkpoints as Loop Control](https://agentpatterns.ai/loop-engineering/human-in-the-loop-checkpoints/): A human checkpoint inside an agent loop is a deliberate suspend that bounds the iteration or redirects the loop, not ... - [Loop Budgeting: Allocating Iteration and Token Budget Across Turns](https://agentpatterns.ai/loop-engineering/loop-budgeting/): Pick the budget primitive by whether an external grader exists, then choose front-loaded vs even-split allocation by ... - [Loop Engineering: Stacking Outer Loops Around the Agent](https://agentpatterns.ai/loop-engineering/loop-engineering/): Loop engineering stacks outer loops — verification, scheduling, hill-climbing — around the inner agent loop so the hu... - [Loop Strategy Spectrum: Accumulated vs Fresh Context](https://agentpatterns.ai/loop-engineering/loop-strategy-spectrum/): Agent loops manage context three ways: accumulated context suits synthesis, fresh context suits execution, and compre... - [Stuck-Loop Recovery: Detecting and Escaping Non-Converging Agent Loops](https://agentpatterns.ai/loop-engineering/stuck-loop-recovery/): Once detection fires, climb a bounded recovery ladder — nudge, replan, escalate, reset, hand off — until the stuck ag... - [The Ralph Wiggum Loop: Fresh-Context Iteration Pattern](https://agentpatterns.ai/loop-engineering/ralph-wiggum-loop/): The Ralph Wiggum Loop runs each iteration in a fresh context window, persisting state to disk so context never accumu... - [The Three Loops of Agentic Coding: A Diagnostic Vocabulary](https://agentpatterns.ai/loop-engineering/three-loops-agentic-coding/): Name three nested loops in an agent session — tool, verification, convergence — so the symptom you see tells you whic... ## Code Review - [Code Review](https://agentpatterns.ai/code-review/): Patterns for integrating AI agents into code review workflows. - [Agent PR Volume vs. Value: The Productivity Paradox](https://agentpatterns.ai/code-review/agent-pr-volume-vs-value/): Autonomous coding agents can generate PRs orders of magnitude faster than humans, but acceptance rates are significan... - [Agent Self-Review Loop](https://agentpatterns.ai/code-review/agent-self-review-loop/): An agent self-review loop runs code review, security scanning, and quality checks on its own output before submitting... - [Agent-Assisted Code Review: Agents as PR First Pass](https://agentpatterns.ai/code-review/agent-assisted-code-review/): Agent-assisted code review routes the mechanical first pass — style, types, security patterns, test coverage — to an ... - [Agent-Authored PR Integration: Collaboration Signals That Determine Merge Success](https://agentpatterns.ai/code-review/agent-authored-pr-integration/): Reviewer engagement, not code correctness, is the strongest predictor of whether an agent-authored PR gets merged; fo... - [Agent-Driven PR Slicing](https://agentpatterns.ai/code-review/agent-driven-pr-slicing/): The agent that produced a branch proposes its own split into smaller, reviewable PRs — using session intent, not diff... - [Agent-Generated Code Maintenance Asymmetry](https://agentpatterns.ai/code-review/agent-code-maintenance-asymmetry/): AI-generated files get about half the commit frequency of human-authored ones, and their changes skew toward features... - [Agent-Proposed Merge Resolution](https://agentpatterns.ai/code-review/agent-proposed-merge-resolution/): Merge conflicts are the dominant seam between agent-authored PRs and the rest of the codebase. The working interactio... - [Agentic Code Review Architecture](https://agentpatterns.ai/code-review/agentic-code-review-architecture/): Agentic code review replaces static diff analysis with a tool-calling architecture where the reviewer explores the re... - [AI Label as Reviewer Attention Redistribution](https://agentpatterns.ai/code-review/ai-label-attention-redistribution/): Labelling code as LLM-generated raises reviewer fixation time +33–60% and shifts strategy toward criteria or prompt-g... - [AIRA: Inspection Framework for AI-Generated Code](https://agentpatterns.ai/code-review/aira-inspection-framework/): A deterministic 15-check inspection framework that targets the patterns where AI-generated code preserves the appeara... - [Batched Suggestion Application](https://agentpatterns.ai/code-review/batched-suggestion-application/): Cluster each mechanical agent suggestion by rule, severity, and file scope, then apply the batch as one reviewed comm... - [Cloud Parallel Review Pattern](https://agentpatterns.ai/code-review/cloud-parallel-review-pattern/): Fan out code review across multiple agents in a remote sandbox, verify each candidate finding against actual code beh... - [Committee Review Pattern](https://agentpatterns.ai/code-review/committee-review-pattern/): A committee review pattern routes agent-produced work through specialized reviewers — each applying a distinct lens —... - [CRA-Only Review and the Merge Rate Gap](https://agentpatterns.ai/code-review/cra-merge-rate-gap/): CRA-only reviewed PRs merge at 45.20% versus 68.37% for human-only reviewed PRs — a 23-point gap explained by low sig... - [Deferred Standards Enforcement via Review Agents](https://agentpatterns.ai/code-review/deferred-standards-enforcement/): Move post-hoc-checkable standards out of CLAUDE.md into a reviewer agent that runs at PR time — preserving implementa... - [Diff-Based Review Over Output Review](https://agentpatterns.ai/code-review/diff-based-review/): Review what changed, not the full output — mistakes live in the delta, and diffs compress review effort to the right ... - [Human-AI Review Synergy](https://agentpatterns.ai/code-review/human-ai-review-synergy/): AI reviewer suggestions are adopted at 16.6% versus 56.5% for humans — but the gap is a design input, not a failure. ... - [Instruction-Aware Automated Code Review](https://agentpatterns.ai/code-review/instruction-aware-automated-review/): Feed the team's instruction file into the review agent so its findings enforce documented conventions the reviewer ca... - [Interaction-Pattern Evaluation for Agentic PRs](https://agentpatterns.ai/code-review/interaction-pattern-evaluation/): Merge and reject labels misclassify agentic PR quality — most rejections aren't failures, some merges hide no review.... - [PR Description Style as a Lever for Agent PR Merge Rates](https://agentpatterns.ai/code-review/pr-description-style-lever/): Treating PR description structure as a configurable agent parameter — not a cosmetic default — measurably affects rev... - [Predicting Reviewable Code: Pre-Flagging Functions Reviewers Will Delete](https://agentpatterns.ai/code-review/predicting-reviewable-code/): AI-generated code produces functions that are routinely deleted during PR review; predictive models can identify like... - [Preempting Agentic PR Rejection by Failure-Mode Category](https://agentpatterns.ai/code-review/preempting-agentic-pr-rejection/): A 14-reason rejection taxonomy explains why 46% of agentic fix PRs fail, and only implementation and CI categories re... - [Reproduce-Before-Report Verification Gate](https://agentpatterns.ai/code-review/reproduce-before-report-verification-gate/): A reproduce-before-report verification gate drops any reviewer finding the verifier cannot reproduce against actual c... - [Review-Feedback-to-Rule Loop: Promoting Recurring PR Comments into Harness Rules](https://agentpatterns.ai/code-review/review-feedback-to-rule-loop/): Promote a recurring review comment into a harness rule once it fires across 3+ PRs — then retire it when the hit coun... - [Review-Then-Implement Loop for AI Agent Development](https://agentpatterns.ai/code-review/review-then-implement-loop/): Close the loop between AI code review and code generation: a reviewer identifies issues, a coding agent implements fi... - [Reviewer Habituation in Agent PR Review](https://agentpatterns.ai/code-review/reviewer-habituation-decay/): Repeat exposure to agent PRs lifts a reviewer's approval rate and cuts comments while latency grows — three co-moving... - [Reviewer's Playbook for Agent-Authored Pull Requests](https://agentpatterns.ai/code-review/reviewers-playbook-agent-authored-prs/): A time-boxed inspection priority order for reviewing agent-authored PRs — CI changes first, then duplicated utilities... - [Risk-Score Threshold Calibration for Auto-Approval](https://agentpatterns.ai/code-review/risk-score-threshold-calibration/): Expose the auto-approval cutoff on a learned diff-risk score as an explicit yield-vs-safety knob, with revert and inc... - [Self-Improving Code Review Agents — Learned Rules](https://agentpatterns.ai/code-review/learned-review-rules/): Code review agents that persist rules extracted from accepted and rejected PR feedback, improving future reviews with... - [Signal Over Volume in AI Review](https://agentpatterns.ai/code-review/signal-over-volume-in-ai-review/): Design AI code review to stay silent when it has nothing useful to say — high-signal feedback builds trust; exhaustiv... - [Structure-Aware Diff Labeling with Two-Stage LLM Pipelines](https://agentpatterns.ai/code-review/structure-aware-diff-labeling/): A two-stage LLM pipeline labels diff hunks against a 12-type taxonomy, then refines cross-hunk relationships — a poly... - [The Security Review Gap in AI-Authored PRs](https://agentpatterns.ai/code-review/security-review-gap-in-ai-prs/): AI-authored security PRs cluster around six CWEs; 52.4% merge despite flaws, and commit-message quality carries no pr... - [Tiered Code Review: AI-First with Human Escalation](https://agentpatterns.ai/code-review/tiered-code-review/): Route review effort by risk: AI handles the first pass, non-critical code merges after AI-only review, and critical c... - [Tunable Effort Levels for Code Review Agents](https://agentpatterns.ai/code-review/tunable-review-effort/): Expose review depth as a per-PR dial backed by a published bug-discovery curve, so reviewers and routing policies tra... ## Verification - [Verification](https://agentpatterns.ai/verification/): How to measure agent output quality, design evaluation suites, and use evals to drive development. - [Anti-Reward-Hacking: Rubrics That Resist Gaming](https://agentpatterns.ai/verification/anti-reward-hacking/): Agents optimize for the literal metric, not the intent behind it. Design eval rubrics with orthogonal signals so no s... - [Baseline-Aware Test Evaluation for Multi-Agent Issue Resolution (Phoenix)](https://agentpatterns.ai/verification/baseline-aware-test-evaluation-issue-resolution/): Run the test suite twice — baseline first, patched second — and gate the agent PR on the diff, not the absolute pass ... - [Behavioral Testing for Non-Deterministic AI Agents](https://agentpatterns.ai/verification/behavioral-testing-agents/): Agent outputs are non-deterministic. Test decision quality and end-state, not exact execution paths, and define accep... - [Benchmark Contamination as Eval Risk](https://agentpatterns.ai/verification/benchmark-contamination-eval-risk/): Static benchmarks become unreliable as models train on their data. Decontaminated pipelines use temporal filtering an... - [Benchmark-Driven Tool Selection for Code Generation](https://agentpatterns.ai/verification/benchmark-driven-tool-selection/): Academic coding benchmarks overstate real-world capability. Benchmark-driven tool selection uses telemetry-derived su... - [CausalFlow: Counterfactual Repair for Failed Agent Trajectories](https://agentpatterns.ai/verification/causalflow-counterfactual-agent-repair/): Intervene on each step of a failed agent trajectory — the step whose oracle-guided replacement flips the outcome is t... - [Chain-of-Verification for Coding Agents](https://agentpatterns.ai/verification/chain-of-verification-coding-agents/): Chain-of-Verification helps coding agents only in its factored variant, applied to claims no test, type checker, or L... - [Completion Failure Taxonomy](https://agentpatterns.ai/verification/completion-failure-taxonomy/): Not every rejected completion is a model failure. A quarter of real-world completion failures trace to integration pr... - [ComplexMCP: Three Bottlenecks in Large Interdependent Tool Sandboxes](https://agentpatterns.ai/verification/complexmcp-tool-sandbox-bottlenecks/): ComplexMCP, a 300+ tool MCP benchmark, caps top models near 55% against a 94% human baseline through three deployment... - [Component-Isolated Memory Stress Testing](https://agentpatterns.ai/verification/component-isolated-memory-stress-testing/): Test summarisation, storage, and retrieval against three separate adversarial datasets so a memory regression resolve... - [Constraint Decay in Backend Code Generation](https://agentpatterns.ai/verification/constraint-decay-backend-agents/): Constraint decay: backend agents that pass a baseline API contract drop ~30 percentage points once framework, databas... - [Control Lexical Leakage in Agent-Memory Retrieval Evals (Entity-Collision)](https://agentpatterns.ai/verification/lexical-leakage-agent-memory-retrieval-evals/): A single hit@k confounds embedder lift with lexical overlap; pin BM25 with shared-entity distractors and stratify que... - [Controlled Benchmark Rewriting for Agent Safety Judgment](https://agentpatterns.ai/verification/controlled-benchmark-rewriting-safety-judgment/): Rewrite known unsafe trajectories into deceptive variants while keeping the underlying risk label fixed. The drop in ... - [Corpus-Level Trace Diagnostics for LLM Agents](https://agentpatterns.ai/verification/corpus-level-trace-diagnostics/): A trace corpus past a few hundred runs needs population-level analysis: a scout-investigator pipeline proposes recurr... - [CoT Robustness in Code Generation](https://agentpatterns.ai/verification/cot-robustness-code-generation/): Enabling chain-of-thought for code generation can help, hurt, or do nothing depending on the model and task. Measure ... - [Coverage-Guided Agents for Fuzz Harness Generation](https://agentpatterns.ai/verification/coverage-guided-fuzz-harness-generation/): Coverage-guided agents generate fuzz harnesses for library APIs automatically, using coverage feedback as the iterati... - [Coverage-Guided Fuzzing for Multi-Agent LLM Systems (FLARE)](https://agentpatterns.ai/verification/flare-multi-agent-fuzzing/): FLARE applies coverage-guided fuzzing to multi-agent LLM systems, using interaction path coverage as the exploration ... - [Cross-Framework Signal Semantics](https://agentpatterns.ai/verification/cross-framework-signal-semantics/): Cross-framework signal semantics: a behavioral signal that predicts success in one framework can predict failure in a... - [Data Fidelity Guardrails](https://agentpatterns.ai/verification/data-fidelity-guardrails/): Ensure agents faithfully relay data from APIs, MCP servers, and databases rather than silently summarizing, altering,... - [Decomposed Red-Teaming for Agent Monitors](https://agentpatterns.ai/verification/decomposed-red-teaming-agent-monitors/): Decomposed red-teaming splits attacks into strategy, execution, and refinement stages, dropping BashArena monitor cat... - [Decomposing Agent Output Variability by Layer (Sampling vs Orchestration State)](https://agentpatterns.ai/verification/sampling-state-agent-variability-layers/): Run-to-run agent variability has at least three distinct layers — separate them before picking a mitigation, because ... - [Defense-in-Depth Against Coding Agent Fabrication (Honesty Harness)](https://agentpatterns.ai/verification/honesty-harness-fabrication-defense/): Four uncorrelated checks — honesty rules, verify-before-write, hooks that feed output back, and an external-tool fact... - [Demand-Driven Repository Auditing](https://agentpatterns.ai/verification/demand-driven-repo-auditing/): Trace specific data flows across function boundaries on-demand instead of analyzing entire codebases. An Initiator-Ex... - [Dependency Gap Validation for AI-Generated Code](https://agentpatterns.ai/verification/dependency-gap-validation/): AI coding agents declare a fraction of the dependencies their code actually needs at runtime — validate in clean envi... - [Deterministic Guardrails Around Probabilistic Agents](https://agentpatterns.ai/verification/deterministic-guardrails/): Wrap agent output in hard, deterministic checks — linting, schema validation, CI gates — that enforce correctness reg... - [Distillation-Induced Similarity Metrics for Tool-Use Agents](https://agentpatterns.ai/verification/distillation-induced-similarity-metrics/): Two metrics quantify how much distilled models share non-mandatory tool-use behaviour, so routing and ensemble voting... - [Dominator-Graph Trajectory Invariants for Non-Deterministic Agents](https://agentpatterns.ai/verification/dominator-graph-trajectory-invariants/): Validate non-deterministic agent runs by checking which states must dominate success — not by replaying a scripted se... - [Eval Awareness: Designing Evals Agents Cannot Recognise](https://agentpatterns.ai/verification/eval-awareness/): Frontier models detect eval-shaped prompts and shift behaviour between evaluation and production. Design evals that r... - [Eval Blind Spots: Structural Gaps in Measurement Methodology](https://agentpatterns.ai/verification/eval-blind-spots/): Eval blind spots are gaps in measurement methodology — what the harness cannot observe — not model-capability gaps, s... - [Evaluator Templates: Portable Primitives](https://agentpatterns.ai/verification/evaluator-templates/): Treat judge prompts as parameterised templates for the narrow set of evaluation questions whose shape is portable acr... - [Execution Budgeting in Agentic Program Repair](https://agentpatterns.ai/verification/execution-budgeting-program-repair/): Cap how often a repair agent runs tests — frontier models converge with far fewer executions than they reflexively pe... - [Five-Pass Blunder Hunt](https://agentpatterns.ai/verification/five-pass-blunder-hunt/): A Five-Pass Blunder Hunt runs one critique prompt repeatedly over a plan; each pass normalises its own findings, so l... - [Generative Provenance Records for Tool-Using Agents](https://agentpatterns.ai/verification/generative-provenance-records/): Emit a structured provenance record alongside each output sentence so a mechanical verifier can check claim-level gro... - [Golden Journeys: Restartability as a First-Class Verification Primitive](https://agentpatterns.ai/verification/golden-journeys/): Golden Journeys are named end-to-end paths through the running system, each with a per-step failure signal, gating co... - [Golden Query Pairs as Continuous Regression Tests for Agents](https://agentpatterns.ai/verification/golden-query-pairs-regression/): Maintain a curated set of question-answer pairs with known-good expected outputs, and run them continuously against a... - [Grade Agent Outcomes, Not Execution Paths](https://agentpatterns.ai/verification/grade-agent-outcomes/): Grade agent outcomes — the final state produced — not the execution path taken, so valid alternative solutions are no... - [Human-Review-Driven Curation of Golden Eval Datasets](https://agentpatterns.ai/verification/human-review-golden-dataset-curation/): Sample production traces on intent, split each disagreement into scorer-wrong or agent-wrong, and feed only agent fai... - [Incident-to-Eval Synthesis: Production Failures as Evals](https://agentpatterns.ai/verification/incident-to-eval-synthesis/): Every production LLM incident is a candidate regression eval: extract the failure mode, define expected behavior, and... - [Incremental Verification: Check at Each Step, Not at the End](https://agentpatterns.ai/verification/incremental-verification/): Verify agent output at each logical step to catch errors close to their source, before they propagate. - [Layered Accuracy Defense](https://agentpatterns.ai/verification/layered-accuracy-defense/): Distribute accuracy verification across every agent in a pipeline so no single agent is the sole gatekeeper. - [Layered Oracle Stack for Agent IaC Security Repair (TerraProbe)](https://agentpatterns.ai/verification/layered-oracle-iac-security-repair/): Stack scanner-pass, full-scanner, validate, plan, and plan-diff oracles so an LLM security fix has to clear behaviora... - [Learned Prefix Monitors for Agent Traces](https://agentpatterns.ai/verification/learned-prefix-monitors-agent-traces/): A prefix monitor scores a partial agent trace for failure. Learning that scorer offline cuts LLM-judging cost, but st... - [LLM Agent Bug Fix Taxonomy](https://agentpatterns.ai/verification/agent-bug-fix-taxonomy/): 930 real bug fixes in LLM agents distill to 23 recurrent patterns dominated by tools-component edits, framework-versi... - [LLM Static Verification Against Natural-Language Requirements](https://agentpatterns.ai/verification/llm-static-verification-natural-language-requirements/): Mine checkable rules from a requirements spec with one LLM, then audit the code rule by rule with a second. A human r... - [LLM-Driven Benchmark Auditing](https://agentpatterns.ai/verification/llm-benchmark-auditing/): Treat the benchmark itself as a software artefact and let a frontier LLM audit its specs, fixtures, and grading scrip... - [Macro Evals for Agentic Systems](https://agentpatterns.ai/verification/macro-evals-agentic-systems/): Macro evaluation aggregates per-trace findings across a corpus of agent runs to surface recurring behavior patterns t... - [Markov-Chain Reliability for LLM Agents: Audit the Abstraction Before You Trust the Metric](https://agentpatterns.ai/verification/markov-chain-agent-reliability/): pass@k, pass^k, and the reliability decay curve are projections of one Markov chain fit to agent traces — defensible ... - [Measuring Synthetic Eval Data Quality (SynAE)](https://agentpatterns.ai/verification/synae-synthetic-eval-quality/): Score synthetic tool-calling eval datasets on validity, fidelity, and diversity across four trace components before t... - [Multi-Agent RAG for Spec-to-Test Automation](https://agentpatterns.ai/verification/multi-agent-rag-spec-to-test/): A retrieval-augmented multi-agent pipeline converts test specifications to executable scripts by grounding generation... - [Multi-Turn Conversation Evaluation](https://agentpatterns.ai/verification/multi-turn-conversation-evaluation/): Multi-turn conversation evaluation pairs per-turn scoring with a trace-level resolution check to catch failures that ... - [Mutation Testing as a Quality Gate for AI-Generated Test Suites](https://agentpatterns.ai/verification/mutation-testing-quality-gate/): Coverage proves a line ran; mutation testing proves the suite would notice a regression. On LLM-generated tests, surv... - [Nonstandard Errors in AI Agents](https://agentpatterns.ai/verification/nonstandard-errors-ai-agents/): AI agents analyzing identical data with identical instructions reach different conclusions systematically by model fa... - [Overeager-Behavior Elicitation: Scope + Trap Fragments as a Diagnostic for Out-of-Scope Tool Calls](https://agentpatterns.ai/verification/overeager-behavior-elicitation-scope-trap-fragments/): Compose benign scenarios from scope and trap fragments, score with a judge-free filesystem-delta oracle, and adaptive... - [PASS@(k,T): Evaluate RL for Agents Along Sampling and Interaction Depth](https://agentpatterns.ai/verification/pass-at-k-t-agentic-rl-eval/): A pass@k number misreads RL's effect on a tool-use agent. Vary sampling budget *k* and interaction depth *T* jointly ... - [pass@k and pass^k: Capability and Consistency Metrics](https://agentpatterns.ai/verification/pass-at-k-metrics/): A single pass rate conflates two agent properties: whether it *can* solve a problem and whether it *reliably* does. p... - [Phantom Symbol Detection for LLM API Migration](https://agentpatterns.ai/verification/phantom-symbol-detection/): Phantom Symbol Detection verifies symbols against an API knowledge base — a deterministic check catching fabricated i... - [Planted-Bug Methodology: Deliberate Bugs as Observability Calibration](https://agentpatterns.ai/verification/planted-bug-observability-calibration/): Plant deterministic bugs, then verify captured signals lead an agent to the responsible layer. Logs that exist but do... - [Pre-Change Impact Analysis: Dependency Maps That Prevent Agent Regressions](https://agentpatterns.ai/verification/pre-change-impact-analysis/): Build a graph of code-to-test dependencies and deliver it as a lightweight agent skill — agents query which tests are... - [Pre-Completion Checklists for AI Agent Development](https://agentpatterns.ai/verification/pre-completion-checklists/): Block agent completion signals with a mandatory verification sequence — agents must pass explicit checks before they ... - [Precise Debugging: Measure Edit Precision, Not Just Test Pass Rate](https://agentpatterns.ai/verification/precise-debugging-benchmark/): A model that passes the unit tests may not have debugged — it may have rewritten. Pair pass rate with edit-level prec... - [RAG/Agent Reliability Problem Map](https://agentpatterns.ai/verification/rag-agent-reliability-problem-map/): A 16-domain failure taxonomy that turns ad-hoc prompt tweaking into systematic incident classification for RAG and ag... - [Re-Run the Original Test Suite After Every Refinement Turn](https://agentpatterns.ai/verification/test-suite-after-refinement-turn/): Multi-turn LLM code refinement silently breaks previously-passing code; re-run the original test suite after every tu... - [Red-Green-Refactor with Agents: Tests as the Spec](https://agentpatterns.ai/verification/red-green-refactor-agents/): Run the TDD cycle as separate agent invocations: write failing tests, instruct the agent to pass them, then refactor ... - [Repository Perturbation as Context-Reasoning Diagnosis (RepoMirage)](https://agentpatterns.ai/verification/repository-perturbation-context-reasoning-diagnosis/): Perturb the repository in semantics-preserving ways before the agent sees it — the accuracy drop measures shortcut sh... - [Risk-Based Shipping: Review by Risk Matrix, Not by Default](https://agentpatterns.ai/verification/risk-based-shipping/): Use a risk matrix to decide which agent-generated changes auto-ship and which require manual review — graduated overs... - [Risk-Based Task Sizing for Agent Verification Depth](https://agentpatterns.ai/verification/risk-based-task-sizing/): Scale verification effort to match task risk — trivial changes get quick checks, high-risk changes get multi-model ad... - [Runnable Documentation as Agent Verification](https://agentpatterns.ai/verification/runnable-documentation/): Convert inline code examples into standalone files that CI executes on every build — catching doc rot with the same s... - [Skill Evals: Measuring Skill Quality as a Dataset-Graded Unit](https://agentpatterns.ai/verification/skill-evals/): Evaluate each skill as a unit: a labelled dataset, explicit assertions, paired with-skill and baseline runs, and a be... - [Skill Specification Violation Fuzzing](https://agentpatterns.ai/verification/skill-specification-violation-fuzzing/): Semantic fuzzing turns each natural-language skill guardrail into a reachability goal over an execution trace, surfac... - [Source-Grounded Test Plan with Pre-Action Assertion Annotation](https://agentpatterns.ai/verification/pre-test-grounded-plan-assertion-annotation/): A source-read test plan plus pre-action assertion annotation makes UI-verifying agents commit to expected behavior up... - [Spec-Derived Execution as a Correctness Oracle](https://agentpatterns.ai/verification/spec-derived-execution-correctness-judging/): Ground the spec-conformance oracle in real execution traces — judge `(input, output)` pairs against the spec, not the... - [Staged Evidence Gates for Agentic Program Repair](https://agentpatterns.ai/verification/staged-evidence-gates-program-repair/): Stage cheap evidence gates ahead of expensive ones in repair loops so costly checks run only on candidates that alrea... - [Stateful Agent Evals via State Snapshots and Transition Assertions](https://agentpatterns.ai/verification/stateful-agent-state-and-transition-evals/): Assert on intermediate state and transitions, not just final output, so state-corruption failures stop hiding behind ... - [Structural Coverage Criteria for Agent Workflows](https://agentpatterns.ai/verification/structural-coverage-agent-workflows/): Derive coverage obligations from a typed coordination graph of agents, tools, restrictions, and delegations — then ch... - [Structured Output Constraints: Reducing Hallucination Surface](https://agentpatterns.ai/verification/structured-output-constraints/): Constrain agent output with templates and schemas to reduce the degrees of freedom available for error. - [Symptom-Reduction-as-Root-Cause: Why Oracle Tests Alone Miss Architectural Drift](https://agentpatterns.ai/verification/symptom-reduction-as-root-cause/): Agents iterating against a fiducial-point oracle adjust coefficients inside an architecture that cannot represent the... - [Task Alignment: The Selective-Compliance Gap Benchmarks Miss](https://agentpatterns.ai/verification/task-alignment-benchmark/): Terminal benchmarks reward finishing the task, not ignoring distractor instructions along the way. The Task Alignment... - [Test Harness Design for LLM Context Windows](https://agentpatterns.ai/verification/llm-context-test-harness/): Design test harnesses as LLM-first interfaces: terse stdout, verbose log files, and grep-friendly error lines that ke... - [Test-Driven Agent Development: Tests as Spec and Guardrail](https://agentpatterns.ai/verification/tdd-agent-development/): Write tests first, then let agents implement against them — tests define what the code must do and verify that the ag... - [Test-Driven Intent Clarification: Tests as Intermediate Alignment Artifacts](https://agentpatterns.ai/verification/test-driven-intent-clarification/): Generate tests that expose specification ambiguity, validate them against your intent, then constrain code generation... - [Tool-Use Sim-to-Real Perturbation Taxonomy](https://agentpatterns.ai/verification/tool-use-sim-to-real-perturbation-taxonomy/): Partition tool-use perturbations by which POMDP component they hit — observation, action, reward, or transition — to ... - [Trajectory Decomposition: Diagnose Where Coding Agents Fail](https://agentpatterns.ai/verification/trajectory-decomposition-diagnosis/): Decompose an agent's trajectory into search, read, and edit stages, scoring each independently to diagnose where a fa... - [Using the Agent to Analyze Its Own Evaluation Transcripts](https://agentpatterns.ai/verification/agent-transcript-analysis/): Feeding evaluation transcripts back to the agent surfaces tool-selection errors, description ambiguities, and cross-t... - [Variance-Based RL Sample Selection](https://agentpatterns.ai/verification/variance-based-rl-sample-selection/): Profile training samples by score variance before committing to RL fine-tuning — only the subset where the model some... - [Verification Ledger for Tracking Agent Output Quality](https://agentpatterns.ai/verification/verification-ledger/): Replace self-reported agent claims ("Build passed") with structured records — every verification step is an INSERT, e... ## Security - [Security](https://agentpatterns.ai/security/): Patterns and techniques for building agents that resist manipulation, protect sensitive data, and fail safely. - [Action-Audit Divergence: A Four-Mode Taxonomy for Runtime Hardening](https://agentpatterns.ai/security/action-audit-divergence-taxonomy/): A runtime action-audit divergence takes four forms — gate-bypass, audit-forgery, silent host failure, wrong-target — ... - [Action-Selector Pattern: LLM as Intent Decoder](https://agentpatterns.ai/security/action-selector-pattern/): The LLM decodes intent into a pre-approved action ID; tool outputs never re-enter the model, making control-flow hija... - [Agent Network Egress Policy: Admin-Controlled Domain Allow/Deny](https://agentpatterns.ai/security/agent-network-egress-policy/): Restrict which domains agent tools can reach via harness-enforced allow and deny lists; remove the model from the net... - [Agent-Authored Messages as a Deferred Exfiltration Channel](https://agentpatterns.ai/security/agent-authored-message-rendered-image-exfiltration/): An auto-fetching renderer downstream of an agent's authoring tool acts as deferred egress — closing the lethal trifec... - [Agent-Emitted Dependency Version Ranges Widen the Supply-Chain Attack Surface](https://agentpatterns.ai/security/agent-emitted-dependency-ranges/): For an application with a bump-bot, replace agent-emitted caret-or-tilde ranges with exact pins plus a lockfile-enfor... - [Agentic Detection and Response at the MCP Boundary](https://agentpatterns.ai/security/agentic-detection-response-mcp/): Instrument the MCP transport so agent reasoning, prompts, and tool calls become a runtime detection signal that endpo... - [Always-On Agentic PR Security Review](https://agentpatterns.ai/security/always-on-pr-security-review/): Pair a PR-time security reviewer with a scheduled whole-codebase scanner: the reviewer covers new risk in each diff, ... - [Authority Confusion: Untrusted Context Must Not Authorize Side Effects](https://agentpatterns.ai/security/authority-confusion-untrusted-context/): Untrusted runtime context may inform an agent's reasoning, but it must never authorize a side-effecting action — sepa... - [Behavioral Firewall for Tool-Call Trajectories](https://agentpatterns.ai/security/behavioral-firewall-tool-call-trajectories/): Compile benign tool-call telemetry into a parameterized DFA, then enforce permitted sequences and parameter bounds at... - [Blast Radius Containment: Least Privilege for AI Agents](https://agentpatterns.ai/security/blast-radius-containment/): Grant agents only the permissions their task requires — read-only for research, branch-scoped for code changes, no ex... - [Browser Sandbox for Agent-Generated HTML (Sandboxed Iframe + Immutable CSP)](https://agentpatterns.ai/security/browser-sandbox-agent-generated-html/): Run untrusted agent- or LLM-generated HTML in the browser by composing a sandboxed iframe, an immutable meta CSP, and... - [Clarification Mode Amplifies Prompt Injection](https://agentpatterns.ai/security/clarification-mode-injection-amplification/): Clarification mode opens a high-trust channel injected content exploits, amplifying prompt-injection success from 1–1... - [Close the Attack-to-Fix Loop: Adversarially Train Agent Checkpoints Against New Injections](https://agentpatterns.ai/security/close-attack-to-fix-loop/): Feed each newly discovered prompt injection class straight from red teaming into adversarial fine-tuning, shipping a ... - [Code Injection Defence in Multi-Agent Pipelines](https://agentpatterns.ai/security/code-injection-multi-agent-defence/): Multi-agent coding pipelines are vulnerable to code injection. A coder-reviewer-tester architecture with a dedicated ... - [Cognitive Poisoning: Untrusted Tool Feedback as a Trajectory Attack](https://agentpatterns.ai/security/cognitive-poisoning-tool-feedback/): A malicious tool stays benign for rounds, triggering harm only when final-action parameters meet hidden conditions, u... - [Compositional Vulnerability Induction in Coding Agents](https://agentpatterns.ai/security/compositional-vulnerability-induction/): Compositional vulnerability induction decomposes a malicious end-state into routine engineering tickets that each pas... - [Constraint Drift: Why Safety Must Be Maintained, Not Asserted](https://agentpatterns.ai/security/constraint-drift-multi-agent-safety/): Prompt-encoded safety constraints drift across memory, delegation, communication, tool use, audit, and optimization; ... - [Containment Playbook: npm-to-Signing-Channel Compromise](https://agentpatterns.ai/security/npm-signing-channel-containment-playbook/): An `npm install` worm harvests developer credentials and pivots into corporate repos. When those repos hold signing m... - [Content-Addressed Agent Configurations (Deterministic Control Plane)](https://agentpatterns.ai/security/deterministic-control-plane-llm-coding-agents/): Govern coding-agent configurations as an installed supply chain — SHA-256 hashes, a per-project lockfile, and declare... - [Context-Fractured Decomposition Attacks on Tool-Using Agents](https://agentpatterns.ai/security/context-fractured-decomposition-attacks/): Defenders inspecting a single contiguous conversation miss attacks decomposed across tools, modules, and time — artif... - [Control/Data-Flow Separation for Prompt Injection Defense (CaMeL)](https://agentpatterns.ai/security/camel-control-data-flow-injection/): Most prompt injection defenses are probabilistic. CaMeL eliminates whole classes of injection by construction: untrus... - [Credential Hygiene for Agent Skill Authorship](https://agentpatterns.ai/security/credential-hygiene-agent-skills/): Credentials embedded in skill definitions leak when skills are shared, committed, or reproduced verbatim by agents — ... - [Cryptographic Governance Audit Trail](https://agentpatterns.ai/security/cryptographic-governance-audit-trail/): Wrap agent tool calls with middleware that validates policy before execution and signs each action receipt with a pos... - [Customer-Hosted MCP Tunnel: Outbound-Only Connectivity to Private MCP Servers](https://agentpatterns.ai/security/customer-hosted-mcp-tunnel/): Reach a hosted agent's private MCP servers through a customer-run tunnel client that opens outbound HTTPS to the prov... - [Defense-in-Depth Agent Safety](https://agentpatterns.ai/security/defense-in-depth-agent-safety/): Layer multiple independent safety mechanisms so no single failure point can compromise an autonomous agent's behavior. - [Designing Agents to Resist Prompt Injection](https://agentpatterns.ai/security/prompt-injection-resistant-agent-design/): Prompt injection is unlikely to ever be fully solved. Treat it as permanent and design architectures where a successf... - [Destyling Untrusted Input as a Prompt Injection Defense](https://agentpatterns.ai/security/destyling-untrusted-input/): Strip instruction-like style from untrusted input before the model sees it — destyling cut prompt-injection attack su... - [Discovering Indirect Injection Vulnerabilities in Your Agent](https://agentpatterns.ai/security/indirect-injection-discovery/): Indirect injection exploits transformer attention's lack of privilege separation: the model cannot tell operator inst... - [Docker sbx Adoption for Coding Agents](https://agentpatterns.ai/security/docker-sbx-adoption/): `sbx` is a microVM-plus-proxy isolation harness, not a hardened container: four layers close most `docker run` leaks;... - [Dormant Memory Payloads Triggered by Sensitive Topics (Trojan Hippo)](https://agentpatterns.ai/security/trojan-hippo-memory-attack/): A single untrusted tool call plants a dormant payload in agent long-term memory; it activates only when the user late... - [Dual-Boundary Sandboxing: Filesystem and Network Isolation](https://agentpatterns.ai/security/dual-boundary-sandboxing/): Enforce both filesystem and network isolation simultaneously; neither boundary alone is sufficient to prevent securit... - [Dual-Graph Alignment for Indirect Prompt Injection Defense (AuthGraph)](https://agentpatterns.ai/security/authgraph-dual-graph-injection-defense/): A dual-graph defense compares a clean authorization graph from user intent against an execution-trace provenance grap... - [Embedding Inversion: Vector Stores as a Source-Text Disclosure Surface](https://agentpatterns.ai/security/embedding-inversion-vector-store-disclosure/): Stored embeddings can be partially inverted to reconstruct source text — a vector index is a copy of the corpus, not ... - [Enterprise Agent Hardening: Three Production Gates](https://agentpatterns.ai/security/enterprise-agent-hardening/): Enterprise agent hardening secures agentic systems for production through three control layers — governance (what age... - [Enterprise-Managed Plugin Governance for Agent CLIs](https://agentpatterns.ai/security/enterprise-managed-plugin-governance/): A managed plugin contract is an admin-only settings file that curates marketplaces, pins versions, and force-enables ... - [Evidence-Based Allowlist Auto-Discovery](https://agentpatterns.ai/security/evidence-based-allowlist-auto-discovery/): Claude Code's `PermissionRequest` hook turns every manual approval into a persistent rule, growing an allowlist from ... - [Fail-Closed Remote Settings Enforcement](https://agentpatterns.ai/security/fail-closed-remote-settings-enforcement/): Block agent startup until remote managed settings are freshly fetched; exit rather than run with stale or missing pol... - [Five-Stage Policy Layer Typology for Generalist Agents](https://agentpatterns.ai/security/policy-as-code-layer-typology/): A policy-as-code layer wraps a generalist agent at five loop stages — intent, planning, tool selection, execution, ou... - [Foresight-Guided Defense Against Infectious Jailbreaks in Multi-Agent Systems](https://agentpatterns.ai/security/foresight-guided-multi-agent-jailbreak-defense/): Per-agent foresight simulation detects the diversity collapse that signals an infectious jailbreak, then surgically r... - [Four-Layer Taxonomy of Agent Security Risks](https://agentpatterns.ai/security/four-layer-agent-security-taxonomy/): Group agent threats into four layers — context/instruction, tool/action, state/persistence, ecosystem/automation — to... - [Gate Agent Writes to Executable Config Files as Privileged Actions](https://agentpatterns.ai/security/gate-agent-writes-to-executable-config/): Treat agent edits to build-tool config files that grant code execution as privileged actions requiring confirmation, ... - [Goal Reframing: The Primary Exploitation Trigger for LLM Agents](https://agentpatterns.ai/security/goal-reframing-exploitation-trigger/): Goal reframing — framing exploitation as the agent's primary objective — is the one prompt condition that reliably tr... - [Guarding Against URL-Based Data Exfiltration in Agentic Workflows](https://agentpatterns.ai/security/url-exfiltration-guard/): The URL itself is a data channel — agents that follow URLs built from untrusted content can leak sensitive context be... - [Harness Composition for Scaled Security Audits](https://agentpatterns.ai/security/security-audit-harness-composition/): Compose three primitives — steering, scaling, and stacking — so an audit harness produces actionable findings at main... - [Heartbeat-Bound Hierarchical Credentials for Agent Swarms](https://agentpatterns.ai/security/heartbeat-bound-hierarchical-credentials/): Heartbeat-bound hierarchical credentials tie each agent swarm member to a parent liveness proof, so descendants expir... - [History Anchors: Consistency-Cued Continuation of Unsafe Prior Actions](https://agentpatterns.ai/security/history-anchor-consistency-injection/): One sentence asking an agent to stay consistent with prior history flips unsafe-action selection from near zero to 91... - [Hostname-Allowlist Proxy: The TLS-Inspection Blind Spot](https://agentpatterns.ai/security/hostname-allowlist-tls-blind-spot/): A hostname-allowlist proxy that does not terminate TLS enforces what the client says the destination is, not what the... - [Human-in-the-Loop Confirmation Gates for Consequential Agent Actions](https://agentpatterns.ai/security/human-in-the-loop-confirmation-gates/): Inject mandatory confirmation checkpoints before irreversible or high-stakes actions so humans can catch injection-dr... - [Hybrid Deterministic + Semantic Authorization for Agent Tool Calls](https://agentpatterns.ai/security/hybrid-deterministic-semantic-tool-authorization/): Deterministic checks at the agent-tool layer cover structural attacks; a semantic task-to-tool matcher covers intent ... - [Improper Output Handling: Validate Agent Output Before Downstream Use](https://agentpatterns.ai/security/improper-output-handling-downstream-sinks/): Treat agent output as untrusted input to the next system — every downstream sink needs its own per-sink validation gate. - [In-Process WebAssembly Sandboxes for Agent-Generated Code](https://agentpatterns.ai/security/wasm-sandbox-agent-code-execution/): Run untrusted agent-generated code inside a WebAssembly runtime embedded in the host process — deny-by-default I/O, f... - [Inline Safety Harness with Cascade Verification (FinHarness)](https://agentpatterns.ai/security/inline-lifecycle-safety-harness/): Wrap each agent turn with prospective per-call monitors and route verification between a cheap and an advanced judge ... - [Intent-Governed Tool Authorization for AI Agents (IGAC)](https://agentpatterns.ai/security/intent-governed-tool-authorization/): A server-issued intent certificate narrows the static tool manifest per request — monotone-only — so injection can su... - [Lethal Trifecta Threat Model](https://agentpatterns.ai/security/lethal-trifecta-threat-model/): The lethal trifecta is private data, untrusted input, and external egress on one path — remove at least one leg from ... - [Lifecycle-Integrated Security Architecture for Agent Harnesses](https://agentpatterns.ai/security/lifecycle-security-architecture/): Embed defense mechanisms into each phase of the agent execution lifecycle so layers coordinate through feedback chann... - [LLM-Pinned Library Versions Carry Systemic CVE Exposure](https://agentpatterns.ai/security/llm-pinned-vulnerable-versions/): LLM-pinned library versions routinely carry known CVEs because the model's prior favors popular-but-outdated releases... - [Lock-State Safeguards for Desktop-Controlling Agents](https://agentpatterns.ai/security/locked-desktop-agent-safeguards/): Bound a desktop-controlling agent along four axes — time, visibility, presence, recovery — so failure on any single a... - [MCP Runtime Control Plane: Policy Evaluation Between Agent and Tool](https://agentpatterns.ai/security/mcp-runtime-control-plane/): Intercept every MCP tool call at a single policy evaluation point — identity, tool name, arguments, rate limits — bef... - [Mid-Trajectory Guardrail Selection for Multi-Step Tool Calls](https://agentpatterns.ai/security/mid-trajectory-guardrail-selection/): In agentic tool-calling workflows, guardrail efficacy tracks structured-data competence more than safety training — s... - [Monotonic Capability Attenuation for Composition-Safe Tool Use](https://agentpatterns.ai/security/monotonic-capability-attenuation/): Tag every value with a sink-specific capability budget and intersect budgets through composition — authority can only... - [Multi-Tenant Isolation Knobs for Shared-Container Agent SDK Hosting](https://agentpatterns.ai/security/multi-tenant-isolation-knobs-agent-sdk/): Four Agent SDK knobs plus a per-tenant proxy-egress rule sever every default input that otherwise leaks one tenant's ... - [Multitenant RAG: Closing the Relevance-Authorization Gap](https://agentpatterns.ai/security/multitenant-rag-authorization-gap/): The multitenant RAG relevance-authorization gap: retrieval ranks by relevance, not authorization, so one tenant's top... - [Network-less Container + Unix-Socket Egress Proxy for Agent Sandboxes](https://agentpatterns.ai/security/network-less-container-unix-socket-egress/): Start the agent container with `--network none` and mount a Unix socket to a host-side proxy; topology, not policy, b... - [Oracle Poisoning: Knowledge Graph Corruption Against Tool-Using Agents](https://agentpatterns.ai/security/oracle-poisoning-knowledge-graph/): Oracle poisoning corrupts the knowledge graph an agent queries via tool-use, carrying its payload on the data path ra... - [Org-Membership-Gated Agent Entitlement](https://agentpatterns.ai/security/org-membership-gated-agent-entitlement/): Gate AI chat on directory-managed GitHub org membership, not seat licences — a fail-closed device policy tying entitl... - [OWASP LLM Top 10 (2025): Agent Security Crosswalk](https://agentpatterns.ai/security/owasp-llm-top-10-2025-agent-crosswalk/): Map each OWASP LLM Top 10 (2025) risk to coding-agent-specific manifestations and site pages — a navigation aid, not ... - [Per-Server MCP Environment Scoping for Credential Isolation](https://agentpatterns.ai/security/mcp-server-credential-isolation/): Spawn each MCP server with its own minimal environment scope so one server's credentials never leak to every other se... - [Permission Framework Choice Outweighs Model Choice for Limiting Overeager Actions](https://agentpatterns.ai/security/permission-framework-over-model/): The permission framework drives overeager-action rates more than the base model: identical Sonnet-4.6 weights span 1.... - [Permission-Gated Custom Commands](https://agentpatterns.ai/security/permission-gated-commands/): Custom commands pre-approve specific tools through an `allowed-tools` frontmatter list, so listed tools run without p... - [Plan-Then-Execute as the Default for Web Agents](https://agentpatterns.ai/security/plan-then-execute-web-agents/): Web content mixes many parties' inputs. Web agents fix a task-specific program before observing pages, so injected co... - [Pre-Execution Risk Classification for Terminal Commands](https://agentpatterns.ai/security/pre-execution-command-risk-classification/): A tiered risk badge before a terminal command is an attention lever, not a gate; it tunes which confirmations get rea... - [Pre-Trust Execution Surface in Coding Agent Harnesses](https://agentpatterns.ai/security/pre-trust-execution-surface/): Project-local config a coding agent loads at session start executes before the trust prompt — defer execution until a... - [Privacy-Preserving LLM Requests](https://agentpatterns.ai/security/privacy-preserving-llm-requests/): Privacy-preserving LLM requests combine local routing with redact-and-rephrase, cutting PII leakage to 0.6% while lea... - [Prompt Injection: A First-Class Threat to Agentic Systems](https://agentpatterns.ai/security/prompt-injection-threat-model/): Prompt injection hides malicious instructions in external content an agent consumes — web pages, documents, API respo... - [Protecting Sensitive Files from Agent Context](https://agentpatterns.ai/security/protecting-sensitive-files/): Use permission rules and hooks to prevent agents from reading credentials and secrets, even when those files are pres... - [Provenance-Aware Decision Auditing for LLM Agents](https://agentpatterns.ai/security/provenance-aware-decision-auditing/): Provenance-aware decision auditing traces how untrusted context propagates into each tool call, releasing the action ... - [RAG Architecture as a Poisoning Robustness Decision](https://agentpatterns.ai/security/rag-architecture-poisoning-robustness/): Under knowledge-base poisoning, attack success rates span 24.4% to 81.9% across four RAG architectures with comparabl... - [Restricted-Access Defensive AI: Project Glasswing as a Deployment Model](https://agentpatterns.ai/security/restricted-access-defensive-ai/): Gating frontier vulnerability-discovery models to vetted defenders is a distinct deployment category — warranted when... - [Revocable Resource-and-Effect Capabilities for Coding Agents (PORTICO)](https://agentpatterns.ai/security/revocable-resource-effect-capabilities/): Materialise each subgoal-scoped capability as a revocable epoch-bound handle — closure removes it from the planner an... - [RL-Trained Automated Red Teamers for Prompt Injection Discovery](https://agentpatterns.ai/security/rl-automated-red-teamers/): Train an LLM-based attacker using reinforcement learning to discover novel prompt injection attack vectors end-to-end... - [Safe Command Allowlisting: Reducing Approval Fatigue](https://agentpatterns.ai/security/safe-command-allowlisting/): Automatically approving low-risk operations reduces permission prompts so developers stay alert to the ones that matter. - [Safe Outputs Pattern](https://agentpatterns.ai/security/safe-outputs-pattern/): The safe outputs pattern gives agents read-only access by default and gates every write behind explicit per-type auth... - [Sandbox + Approvals + Auto-Review Governance Triad](https://agentpatterns.ai/security/sandbox-approvals-auto-review-triad/): Compose a sandbox boundary, tiered approvals, an auto-review reviewer, and agent-native telemetry as one governance p... - [Sandbox-Enforced PII Tokenization in Agent Workflows](https://agentpatterns.ai/security/pii-tokenization-in-agent-context/): Sandbox-enforced PII tokenization replaces sensitive fields with deterministic tokens before data reaches the model, ... - [Sandboxed Coding Environments: Containers vs MicroVMs vs OS-Level Isolators](https://agentpatterns.ai/security/sandbox-runtime-comparison/): Pick a coding-agent sandbox runtime by trading isolation strength against startup cost: containers fast but kernel-sh... - [Scanner-as-MCP-Server: Secret and Dependency Scans as Typed Agent Tools](https://agentpatterns.ai/security/scanner-as-mcp-server/): Ship the security scanner as an MCP server so the agent invokes typed scans in-loop and reasons over structured findi... - [Scope Sandbox Rules to Harness-Owned Tools, Not Third-Party](https://agentpatterns.ai/security/sandbox-rules-harness-tools/): Define sandbox rules only for tools your harness controls, and document explicitly that external tools enforce their ... - [Scoped Credentials via Proxy Outside the Agent Sandbox](https://agentpatterns.ai/security/scoped-credentials-proxy/): Keep broad credentials entirely outside the agent's sandbox and use an external proxy that attaches scoped tokens onl... - [Secrets Management for AI Agents: Credential Injection](https://agentpatterns.ai/security/secrets-management-for-agents/): Inject credentials as environment variables or wrapper scripts so agents can do authenticated work without secrets ap... - [Security Budget as Token Economics](https://agentpatterns.ai/security/security-budget-token-economics/): Size a security audit as a token budget: when exploit discovery scales with spend, hardening becomes an outspend duel... - [Security Constitution for AI Code Generation](https://agentpatterns.ai/security/security-constitution-ai-code-gen/): Formalize security constraints as a versioned, machine-readable document that agents consume at specification time — ... - [Security Drift in Iterative LLM Code Refinement](https://agentpatterns.ai/security/security-drift-iterative-refinement/): Each iteration of an LLM-driven fix-test loop can silently accumulate security regressions even as functional tests k... - [Selective Network Access in Agent Sandboxes: The `allowNetwork` Pattern](https://agentpatterns.ai/security/selective-network-sandbox-mode/): Keeping filesystem isolation while lifting network restrictions trades away the egress half of dual-boundary sandboxi... - [Semantic Intent Validation for Agent Skills](https://agentpatterns.ai/security/semantic-intent-validation-skills/): Semantic intent validation uses a separate model to check whether a skill's documented intent matches its observable ... - [Sensitive Terminal Prompt Interception](https://agentpatterns.ai/security/sensitive-terminal-prompt-interception/): Detect credential prompts in an agent-driven terminal and route input to a human's TTY (or cancel the command), keepi... - [Skill Composition Risk in Agent Ecosystems](https://agentpatterns.ai/security/skill-composition-risk/): Skill composition risk names three failure modes where individually safe skills become harmful when their outputs flo... - [Skill Shell Execution Gate: Disabling Inline Shell from Skills](https://agentpatterns.ai/security/skill-shell-execution-gate/): Inline shell interpolation in skills runs as preprocessing, outside the tool permission model. A managed-settings gat... - [Skill Supply-Chain Poisoning](https://agentpatterns.ai/security/skill-supply-chain-poisoning/): Skill supply-chain poisoning hides payloads in documentation examples, so agent in-context learning reproduces them d... - [Slopsquatting: Hallucinated Package Names as a Supply-Chain Vector](https://agentpatterns.ai/security/slopsquatting-hallucinated-package-names/): Coding LLMs invent nonexistent package names; 43% reappear across re-runs, so attackers enumerate, pre-register them,... - [Subprocess PID Namespace Sandboxing in Claude Code](https://agentpatterns.ai/security/subprocess-pid-namespace-sandboxing/): A third isolation layer — separate from filesystem and network sandboxing — that prevents Bash subprocesses from esca... - [Sufficiency-Tightness Decomposition for Agent-Authored Permissions](https://agentpatterns.ai/security/sufficiency-tightness-policy-decomposition/): Sufficiency-tightness decomposition splits agent permission authoring into a coverage pass and a separate tightness a... - [System Prompt as Secret Store (OWASP LLM07)](https://agentpatterns.ai/security/system-prompt-not-a-secret-store/): The system prompt is recoverable input — putting secrets, credentials, or security-critical logic there is the vulner... - [Task-Based Access Control with Hybrid Inspection](https://agentpatterns.ai/security/task-based-access-control-hybrid-inspection/): Task-based access control authorizes each agent tool call against the current task, not a static OAuth scope: load-be... - [Three-Depth In-Session Security Review](https://agentpatterns.ai/security/three-depth-in-session-security-review/): Stack three security checks at three depths — per-edit pattern, end-of-turn diff, commit-time agentic — so each layer... - [Three-Vector Evasion Taxonomy for Agent Security Tests](https://agentpatterns.ai/security/temporal-spatial-semantic-evasion-taxonomy/): These three evasion axes — temporal, spatial, semantic — diagnose what single-turn benchmarks miss for agents that ho... - [Tool Signing and Signature Verification](https://agentpatterns.ai/security/tool-signing-verification/): Require cryptographic signature verification before an agent loads or invokes a tool, preventing untrusted or tampere... - [Tool-Invocation Attack Surface](https://agentpatterns.ai/security/tool-invocation-attack-surface/): Tool invocation is a distinct attack surface. Malicious MCP tools exploit argument generation to leak system prompts ... - [Transcript-Driven Permission Allowlist](https://agentpatterns.ai/security/transcript-driven-permission-allowlist/): Mine session transcripts for repeated read-only tool calls and propose a prioritized allowlist for the permission lay... - [Treat Task Scope as a Security Boundary](https://agentpatterns.ai/security/task-scope-security-boundary/): The breadth of an agent's task description is also the breadth of its attack surface. Narrowing scope is a security d... - [Unbounded Consumption: Bounding Agent Resource Use Against DoS and Denial-of-Wallet](https://agentpatterns.ai/security/unbounded-consumption-resource-bounds/): Agent harnesses bind DoS and denial-of-wallet to one control surface — per-call, per-task, concurrency, velocity, and... - [Usability Pressure as a Silent Security-Regression Vector](https://agentpatterns.ai/security/usability-pressure-security-regression/): Making usability explicit while leaving security implicit drives the model to silently drop the implicit constraints ... - [Use a Public-Web Index to Gate Automatic URL Fetching](https://agentpatterns.ai/security/url-fetch-public-index-gate/): Rather than maintaining a domain allow-list, cross-reference URLs against an independent public-web crawl index befor... - [Verifying LLM-Generated Cryptographic Code](https://agentpatterns.ai/security/llm-cryptographic-code-verification/): LLM-generated crypto code rarely compiles and is usually exploitable when it does. Verify with a crypto-specific anal... - [Windows Sandboxing for Coding Agents](https://agentpatterns.ai/security/windows-sandbox-primitives-coding-agents/): No single Windows primitive sandboxes a coding agent cleanly; the working pattern composes a synthetic SID, write-res... - [Workload Identity Federation for Agent Runtimes](https://agentpatterns.ai/security/workload-identity-federation-for-agents/): Replace long-lived API keys with short-lived tokens minted from the runtime's existing workload identity — making the... - [Workload-Keyed Sandbox Selection for Agent-Generated Code](https://agentpatterns.ai/security/workload-keyed-sandbox-selection/): Match sandbox features to workload shape — ephemeral, stateful, or untrusted-code — because workload type pins isolat... ## Observability - [Observability](https://agentpatterns.ai/observability/): Tracing, debugging, loop detection, and logging patterns for understanding agent behavior. - [Agent Chat History as a First-Class Artifact](https://agentpatterns.ai/observability/agent-history-as-artifact/): Persisted as a queryable database, chat history becomes a practitioner-facing artifact that answers standup, coaching... - [Agent Debug Log Panel: Chronological Event Inspection for Session Debugging](https://agentpatterns.ai/observability/agent-debug-log-panel/): A persistent, chronological event-log surface separate from the user-facing transcript — operators replay and debug p... - [Agent Debugging: Diagnosing Bad Agent Output](https://agentpatterns.ai/observability/agent-debugging/): A systematic process for tracing why an agent produced wrong, incomplete, or unexpected output. - [Agent Observability with OpenTelemetry and Trajectory Logging](https://agentpatterns.ai/observability/agent-observability-otel/): Agent observability combines OpenTelemetry metrics and events, trajectory tracing, and structured audit trails to giv... - [Agent-Trace Data Layer: Storage for Hours-Long Traces](https://agentpatterns.ai/observability/agent-trace-data-layer/): An agent-trace data layer is purpose-built storage for agent runs: deep nesting, hours-long spans, and multi-modal pa... - [BYOK Model Token Visibility](https://agentpatterns.ai/observability/byok-model-token-visibility/): BYOK model token visibility surfaces in-IDE token counts, context-window percent, and thinking effort for bring-your-... - [Circuit Breakers for Agent Loops](https://agentpatterns.ai/observability/circuit-breakers/): Circuit breakers stop agent loops when progress stalls — repeated errors, escalating costs, context exhaustion, or ci... - [Context-Usage Attribution: Per-Source Breakdown of Agent Context](https://agentpatterns.ai/observability/context-usage-attribution/): Break the context window into rules, skills, MCP returns, subagent transcripts, and conversation — so operators prune... - [Cost-Aware Tracing for Skill Distillation](https://agentpatterns.ai/observability/cost-aware-tracing-skill-distillation/): Skill distillation needs two orthogonal signals: outcome shows whether a step contributed, cost shows how much it spe... - [Event Sourcing for Agents: Separating Cognitive Intention from State Mutation](https://agentpatterns.ai/observability/event-sourcing-for-agents/): Agents emit structured JSON intentions; a deterministic orchestrator validates, persists them to an append-only log, ... - [Failure-Aware Observability for Multi-Agent LLM Systems](https://agentpatterns.ai/observability/failure-aware-observability-multi-agent/): A six-signal trace taxonomy that maps recurring multi-agent failure modes to online observability so wasted runs are ... - [Harness Bug Detection Patterns](https://agentpatterns.ai/observability/harness-bug-postmortem-patterns/): Three detection gaps — idle-state, build parity, per-model ablation — name the axes along which harness-layer bugs ev... - [Harness Preflight Doctor Command for Agent Diagnostics](https://agentpatterns.ai/observability/harness-preflight-doctor-command/): A doctor command runs one deterministic preflight pass over a harness's auth, MCP, config, tools, and version drift, ... - [In-Session Transcript Search](https://agentpatterns.ai/observability/transcript-search/): Press `Ctrl+O` to enter transcript mode in a Claude Code session, then use `/`, `n`, and `N` to jump to specific mome... - [Loop Detection for AI Agents: Stopping Micro-Loops](https://agentpatterns.ai/observability/loop-detection/): Loop detection tracks repeated file edits within a session and nudges the agent to change approach when those edits s... - [Making Application Observability Legible to Agents](https://agentpatterns.ai/observability/observability-legible-to-agents/): Wire browser automation, metrics, and structured logs into agent context so agents can reproduce bugs, verify fixes v... - [Observability Feedback Loop: A 7-Step Debug Runbook](https://agentpatterns.ai/observability/observability-feedback-loop/): A seven-step debug runbook — query, correlate, reason, implement, restart, rerun, verify — that ties the agent's veri... - [Offline Trajectory Replay for Multi-Agent Workflow Debugging](https://agentpatterns.ai/observability/offline-trajectory-replay-multi-agent-debugging/): Replay captured multi-agent trajectories offline and score each node against a rubric; the score deltas localize blam... - [Per-Plugin Token-Cost Attribution via `claude plugin details`](https://agentpatterns.ai/observability/plugin-token-cost-attribution/): Claude Code's `claude plugin details ` prints a plugin's component inventory and per-session token cost — the a... - [Prebuilt Agent Monitoring Dashboard](https://agentpatterns.ai/observability/prebuilt-agent-monitoring-dashboard/): A dashboard shipped with an agent stack turns an unused OTel emitter into a glanceable surface, given a shared backen... - [Programmatic Agent Session Export via `claude agents --json`](https://agentpatterns.ai/observability/claude-agents-json-session-export/): `claude agents --json` prints live background Claude Code sessions as a JSON array — a scriptable inventory substrate... - [Strained Coherence as a Pre-Failure Signal in Agent Trajectories](https://agentpatterns.ai/observability/strained-coherence-pre-failure-signal/): A trajectory judge flags spans where the agent acknowledges a conflict then acts against it — a late-stage triage sig... - [Subagent OTel Trace Correlation via `agent_id` Attribute](https://agentpatterns.ai/observability/subagent-otel-trace-correlation/): Propagate a stable agent identifier on outgoing HTTP headers and every OTEL span, keeping multi-agent traces queryabl... - [Traces Need Feedback to Power Learning](https://agentpatterns.ai/observability/traces-need-feedback-to-power-learning/): A trace shows what an agent did; feedback shows whether it was right. Couple them and the trace store becomes a learn... - [Trajectory Logging via Progress Files and Git History](https://agentpatterns.ai/observability/trajectory-logging-progress-files/): A progress file, git commits, feature-state JSON, and a bootstrap script capture a replayable audit trail of agent de... - [Trajectory Pre-Filter for Failure Diagnosis (TrajAudit)](https://agentpatterns.ai/observability/trajectory-prefilter-failure-diagnosis/): Pre-filter long agent trajectories with pattern matching and seed an investigator LLM with a test-report-derived prel... ## Standards - [Standards](https://agentpatterns.ai/standards/): Open standards and conventions shaping the AI agent ecosystem. - [A2UI: Framework-Agnostic Generative UI Standard](https://agentpatterns.ai/standards/a2ui/): A2UI is an open standard for agents to emit declarative UI blueprints that a host renders with its own native compone... - [ACDL: A Language for Describing Agentic LLM Contexts](https://agentpatterns.ai/standards/acdl-context-description-language/): ACDL is a notation for specifying how an LLM agent's context is assembled and evolves across interaction steps, with ... - [Agent Cards: Capability Discovery Standard for AI Agents](https://agentpatterns.ai/standards/agent-cards/): A machine-readable JSON descriptor at a well-known URL advertising an agent's capabilities, protocols, authentication... - [Agent Definition Formats: How Tools Define Agent Behavior](https://agentpatterns.ai/standards/agent-definition-formats/): Agent definitions control system prompt, tool access, model selection, and permissions — the format varies by tool bu... - [Agent Skills: A Cross-Tool Task Knowledge Standard](https://agentpatterns.ai/standards/agent-skills-standard/): The Agent Skills open standard packages task-specific knowledge into portable SKILL.md folders that AI coding tools c... - [Agent-to-Agent (A2A) Protocol](https://agentpatterns.ai/standards/a2a-protocol/): An open protocol for inter-agent communication — enabling agents built on different frameworks to discover capabiliti... - [Agentic Resource Discovery: Federated Pre-Invocation Search](https://agentpatterns.ai/standards/agentic-resource-discovery/): A draft open spec — `ai-catalog.json` manifests plus federated registries — for finding MCP servers, A2A agents, and ... - [AGENTS.md: Project-Level README for AI Coding Agents](https://agentpatterns.ai/standards/agents-md/): AGENTS.md is an open standard for a project-level instruction file that gives AI coding agents the context they need ... - [Cross-IDE Plugin Discovery](https://agentpatterns.ai/standards/cross-ide-plugin-discovery/): Cross-IDE plugin discovery has one CLI install write to a shared per-user path every IDE reads, collapsing repeated i... - [Directory-Aware Plugin Suggestions via `pluginSuggestionMarketplaces`](https://agentpatterns.ai/standards/directory-aware-plugin-suggestions/): Three managed-settings levers — `pluginSuggestionMarketplaces` allowlist, marketplace `relevance` declaration, `defau... - [llms.txt: Making Your Project Discoverable to AI Agents](https://agentpatterns.ai/standards/llms-txt/): llms.txt is a plain-text file at `/.well-known/llms.txt` or `/llms.txt` that tells AI agents and language models what... - [MCP: The Open Protocol Connecting Agents to External Tools](https://agentpatterns.ai/standards/mcp-protocol/): The Model Context Protocol is an open standard for connecting AI agents to external tools and data sources — agents s... - [OAuth Client ID Metadata Documents (CIMD) for MCP Servers](https://agentpatterns.ai/standards/oauth-client-id-metadata-documents/): CIMD makes an OAuth `client_id` a URL that dereferences to a JSON metadata document — so any MCP client can authentic... - [OpenAPI as the Source of Truth for Agent Tool Definitions](https://agentpatterns.ai/standards/openapi-agent-tool-spec/): Use existing OpenAPI 3.x specs as the source of truth for agent tool definitions — generating tool schemas, descripti... - [OpenTelemetry for AI Agent Observability and Tracing](https://agentpatterns.ai/standards/opentelemetry-agent-observability/): OpenTelemetry provides a vendor-neutral standard for tracing LLM calls, tool invocations, and sub-agent handoffs — ma... - [Plugin and Extension Packaging: Distributing Agent Capabilities](https://agentpatterns.ai/standards/plugin-packaging/): Package agents, skills, MCP servers, and hooks into installable bundles — plugins solve the distribution problem for ... - [Plugin Dependency Declaration and Disable-Chain Hints](https://agentpatterns.ai/standards/plugin-dependency-declaration/): Plugins declare dependencies in their manifest; the harness validates them at install, refuses to disable a plugin an... - [Portable Agent Definitions: Full-Stack Identity as Code](https://agentpatterns.ai/standards/portable-agent-definitions/): Package an entire agent -- identity, model, tools, compliance rules, and composition hierarchy -- as a version-contro... - [Pre-Install Context-Cost Projection in Plugin Marketplaces](https://agentpatterns.ai/standards/marketplace-cost-projection/): Plugin marketplaces that show each plugin's projected per-turn and per-invocation token cost beside the install butto... - [Pre-Install Plugin Transparency: Capability Inventory and Cost Projection](https://agentpatterns.ai/standards/pre-install-plugin-transparency/): Pre-install plugin transparency is a two-column marketplace contract: a static inventory of the plugin's commands, ag... - [SUDP: Secret-Use Delegation Protocol for Agentic Systems](https://agentpatterns.ai/standards/sudp-secret-use-delegation-protocol/): SUDP prescribes a three-role secret-use protocol — requester proposes, user authorizes, custodian redeems once — so a... - [Swarm Skills: Multi-Agent Extension of the Agent Skills Standard](https://agentpatterns.ai/standards/swarm-skills-spec/): Swarm Skills is a 2026 proposal extending Agent Skills with multi-agent roles, a workflow layout, and a self-evolutio... - [Symphony: Open Spec for Issue-Tracker-Driven Coding Agent Orchestration](https://agentpatterns.ai/standards/symphony-orchestration-spec/): Symphony is an open Apache 2.0 specification published by OpenAI in April 2026 for running coding agents continuously... - [Tool Calling Schema Standards](https://agentpatterns.ai/standards/tool-calling-schema-standards/): Tool definitions across providers converge on JSON Schema with name, description, and parameters — but field names, s... - [WebMCP: Browser-Hosted Tool Contracts for In-Page AI Agents](https://agentpatterns.ai/standards/webmcp/): WebMCP, a W3C draft, lets a page register JavaScript tools via `navigator.modelContext` so an in-tab agent calls them... ## Human Factors - [Human Impact](https://agentpatterns.ai/human/): The human side of working with AI agents — cognitive load, sustainable use, and team dynamics. - [Adapting AI Assistants to Developer Interaction Style](https://agentpatterns.ai/human/developer-interaction-style-adaptation/): Cognitive style shapes how developers converse with Copilot — tailoring per-developer configuration only pays back wh... - [Agentic Education: Persona Progression for Teaching AI Coding Tools](https://agentpatterns.ai/human/agentic-education-persona-progression/): The Guide–Collaborator–Peer–Launcher persona scaffold fades support as a team learns an agentic coding tool, gating e... - [AI Abundance Reshapes Software Engineering Identity](https://agentpatterns.ai/human/ai-abundance-engineering-identity/): AI abundance commoditizes code production, splitting engineering identity along a long-dormant fault line: do you lov... - [AI Adoption Footprint: The Segmented Shape of Engineering Orgs](https://agentpatterns.ai/human/ai-adoption-footprint/): AI adoption splits into power users, a chat-tool middle, and a refuser tail. The shape, not the headline number, driv... - [Ambition Scaling: Moving the Target as Model Capability Increases](https://agentpatterns.ai/human/ambition-scaling/): When a new model clears a previously-uneconomic task, move the target and attempt more — but only if harness and revi... - [Coding-Agent Reversibility: Platform Choice as a Two-Way Door](https://agentpatterns.ai/human/coding-agent-reversibility/): Coding agents make a platform choice reversible only in proportion to how well executable tests capture behaviour — n... - [Cohort Segmentation in the Copilot Usage Metrics API](https://agentpatterns.ai/human/cohort-segmentation-copilot-usage-metrics/): The Copilot Usage Metrics API now sorts each engaged user into one of four AI-adoption phases, recovering the segment... - [Convenience Loops and AI-Friendly Code](https://agentpatterns.ai/human/convenience-loops-ai-friendly-code/): A convenience loop forms when AI produces better code in typed codebases, driving adoption that improves training dat... - [Copilot vs Claude Billing Semantics](https://agentpatterns.ai/human/copilot-vs-claude-billing-semantics/): Copilot bills in abstract "premium requests" with model multipliers; Claude bills per-token or per-seat. Understandin... - [Cross-Tool Translation: Learning from Multiple AI Assistants](https://agentpatterns.ai/human/cross-tool-translation/): Open standards and shared file formats make agentic patterns portable across AI coding tools — learn concepts once, a... - [Deliberate AI-Assisted Learning: Accelerating Skill Acquisition](https://agentpatterns.ai/human/deliberate-ai-learning/): The study that documented AI-driven skill atrophy found the inverse too: *how* developers interacted with AI, not whe... - [Developer as CPU Scheduler: Attention Management with Parallel Agents](https://agentpatterns.ai/human/attention-management-parallel-agents/): With multiple AI agents running simultaneously, your scarce resource is not coding ability but attention — and managi... - [Developer Control Strategies for AI Coding Agents](https://agentpatterns.ai/human/developer-control-strategies-ai-agents/): Experienced developers do not vibe code in production. They plan tasks before delegating, supervise execution, and va... - [Empowerment Over Automation](https://agentpatterns.ai/human/empowerment-over-automation/): AI tools should skip tedious work while preserving your autonomy over architectural decisions, domain logic, and crea... - [Evaluating Agent Patterns Catalog as a Source](https://agentpatterns.ai/human/evaluating-agent-patterns-catalog-as-a-source/): A CC BY 4.0 catalog of 421 agentic patterns — useful as a citation index when co-cited with primary sources, not as a... - [From Preventive to Reactive: Front-Loading Security in AI Coding Prompts](https://agentpatterns.ai/human/preventive-to-reactive-security-prompting/): AI assistants shift security thinking from writing-time to review-time — front-loading explicit security requirements... - [Human-Equivalent Hours for Autonomous Coding Agent Productivity](https://agentpatterns.ai/human/human-equivalent-hours-agent-productivity/): Estimate the human engineering hours an autonomous agent's output would have taken — credible only on PR-gated sessio... - [Human-Facing Docs in the Agent Era: Mental Models Over Reference](https://agentpatterns.ai/human/human-docs-mental-models-agent-era/): When the reader is paired with an agent, human docs shift from exhaustive reference to mental models, design intent, ... - [Initiatives and Community: Tracking the Agentic Engineering Landscape](https://agentpatterns.ai/human/initiatives-community/): Tracking agentic engineering standards, trend analysis, and learning communities keeps practitioners ahead of a field... - [Intent-Centric Engineering: Oversight Over Authorship](https://agentpatterns.ai/human/intent-centric-engineering/): When code generation is cheap, engineering leverage moves from authorship to specifying intent and governing humans, ... - [Intervention Rate as a Diagnostic North Star, Not a Target](https://agentpatterns.ai/human/intervention-rate-diagnostic-north-star/): Intervention rate is a segmented diagnostic signal — not a single number to minimise — and only useful paired with qu... - [LLM Refactoring Adoption Patterns](https://agentpatterns.ai/human/llm-refactoring-adoption-patterns/): Developer-initiated ChatGPT refactors are mostly adopted as-is; when modified, the change falls into one of five patt... - [Managing Cognitive Load and AI Fatigue for Sustainable Agent Use](https://agentpatterns.ai/human/cognitive-load-ai-fatigue/): Intensive AI assistant use creates measurable cognitive costs — recognizing and managing them is the difference betwe... - [PM on the AI Exponential](https://agentpatterns.ai/human/pm-on-the-ai-exponential/): Exponential AI model improvement breaks traditional product management assumptions. Features designed around current ... - [Polya Small-Steps: Using AI to Think Better, Not Think Less](https://agentpatterns.ai/human/polya-small-steps/): Use AI to think better, not think less — working in small steps with instant feedback so comprehension stays ahead of... - [Process Amplification: Scaling Human Work with Agents](https://agentpatterns.ai/human/process-amplification/): Agents magnify existing engineering practices. Strong processes improve dramatically; weak processes degrade at scale... - [Programming Language Choice Still Shapes Agent Artefacts](https://agentpatterns.ai/human/programming-language-choice-shapes-agent-artefacts/): Agents reach every language, but the language you pick still decides performance ceiling, run cost, and verification ... - [Progressive Autonomy: Scaling Trust with Model Evolution](https://agentpatterns.ai/human/progressive-autonomy-model-evolution/): Treat agent autonomy as a dial you turn up over time based on demonstrated reliability — not a switch you flip on day... - [Rigor Relocation: Engineering Discipline with AI Agents](https://agentpatterns.ai/human/rigor-relocation/): Engineering discipline does not disappear when agents write the code -- it relocates from code style and abstractions... - [Skill Atrophy: When AI Reliance Erodes Developer Capability](https://agentpatterns.ai/human/skill-atrophy/): Skill atrophy is the cumulative loss of a developer's ability to review, debug, and architect code independently, dri... - [Strategy Over Code Generation](https://agentpatterns.ai/human/strategy-over-code-generation/): AI accelerates code generation but cannot supply strategy — clear goals predict project success far more than how fas... - [Suggestion Gating: Fewer Completions, Better DX](https://agentpatterns.ai/human/suggestion-gating/): Gating decides *whether* to suggest before deciding *what* to suggest — fixing the ~90% of AI completion inference ge... - [The Addictive Flow State of Agent-Assisted Development](https://agentpatterns.ai/human/addictive-flow-agent-development/): Agent-assisted development triggers compulsive engagement through three mechanisms — flow conditions, variable ratio ... - [The Bottleneck Migration](https://agentpatterns.ai/human/bottleneck-migration/): Code generation is now cheap, so the bottleneck migrates to review, verification, and judgment -- output volume ballo... - [The Context Ceiling](https://agentpatterns.ai/human/context-ceiling/): Expert architecture work requires more interconnected context — regulations, organizational history, legacy quirks, p... - [The Productivity-Experience Paradox in AI-Assisted Development](https://agentpatterns.ai/human/productivity-experience-paradox/): A measured paradox: AI assistants raise developers' productivity while their experience declines, as work shifts from... - [Visible Thinking in AI-Assisted Development](https://agentpatterns.ai/human/visible-thinking-ai-development/): Visible thinking — meaningful commits, signal-rich PRs, and clear branch naming — becomes the primary quality differe... ## Emerging - [Emerging Concepts](https://agentpatterns.ai/emerging/): Early-stage ideas worth tracking — not yet established patterns, but too important to ignore. - [Bootstrapping Coding Agents](https://agentpatterns.ai/emerging/bootstrapping-coding-agents/): A coding agent can re-implement itself from a natural language specification, reproducing the compiler bootstrap. The... - [First-Party Agent Composition: Replace SaaS Stitching with Agent-Built Features](https://agentpatterns.ai/emerging/first-party-agent-composition/): Instead of integrating third-party SaaS products and stitching them together with webhooks, instruct coding agents to... - [Hyper-Personalized Software: The Return of Rapid Application Development](https://agentpatterns.ai/emerging/hyper-personalized-software/): AI-driven development is making custom-built software economically viable again, reversing two decades of SaaS consol... - [Interactive Canvases: Agent-Generated Visual Artifacts as Outputs](https://agentpatterns.ai/emerging/interactive-canvas-outputs/): Canvases are an output-shape choice, not a new pattern: they earn their overhead only on irreducibly multi-dimensiona... - [Product-as-IDE: When the Application Becomes the Development Environment](https://agentpatterns.ai/emerging/product-as-ide/): The running product becomes its own development environment — operators change behaviour from inside the app and ship... ## Fallacies - [Fallacies](https://agentpatterns.ai/fallacies/): Incorrect beliefs about AI tools that reliably produce poor outcomes. - [Chain-of-Thought Reasoning Fallacy: Traces Are Not Truth](https://agentpatterns.ai/fallacies/chain-of-thought-reasoning-fallacy/): Visible step-by-step output resembles reasoning but does not constitute it — the explanation is generated after the a... - [LLM Comprehension Fallacy](https://agentpatterns.ai/fallacies/llm-comprehension-fallacy/): The comprehension fallacy treats correct output as evidence of understanding — when it is only evidence of a favorabl... - [The AI Knowledge Generation Fallacy](https://agentpatterns.ai/fallacies/ai-knowledge-generation-fallacy/): The AI knowledge generation fallacy: treating an LLM as a source of net-new information when it can only recombine pa... - [The Consistent Capability Fallacy](https://agentpatterns.ai/fallacies/consistent-capability-fallacy/): Capability on one task does not predict capability on a similar-seeming task — LLM performance is jagged, not consist... - [The LLM Laziness Deficit Fallacy](https://agentpatterns.ai/fallacies/llm-laziness-deficit-fallacy/): The belief agents can be instructed into the virtue of laziness; because LLMs pay no time cost, restraint comes from ... - [The Model Preference Fallacy](https://agentpatterns.ai/fallacies/model-preference-fallacy/): Models don't have preferences — bare-chat tallies measure prompt framing and training-data distribution, not a stable... - [The Synthetic Ground Truth Fallacy](https://agentpatterns.ai/fallacies/synthetic-ground-truth-fallacy/): AI-generated artifacts reflect the model's statistical priors, not ground truth. Treating them as equivalent to human... - [The Task Framing Irrelevance Fallacy](https://agentpatterns.ai/fallacies/task-framing-irrelevance-fallacy/): The belief that task framing doesn't matter — only the underlying problem does — is demonstrably wrong and reliably p... ## Training - [Training](https://agentpatterns.ai/training/): Internal training materials for working with AI coding agents — capability maps and real configuration for senior dev... ## Training — GitHub Copilot - [GitHub Copilot](https://agentpatterns.ai/training/copilot/): Tool-specific modules covering GitHub Copilot surfaces, customization, and team adoption. - [GitHub Copilot: Advanced Patterns](https://agentpatterns.ai/training/copilot/advanced-patterns/): Multi-agent orchestration, parallel sessions, CI/CD integration, and event-driven automation extend GitHub Copilot be... - [GitHub Copilot: Context Engineering & Agent Workflows](https://agentpatterns.ai/training/copilot/context-and-workflows/): Context engineering is the discipline of controlling what enters the agent's context window, when, and in what struct... - [GitHub Copilot: Customization Primitives](https://agentpatterns.ai/training/copilot/customization-primitives/): Copilot's customization primitives — instructions, prompt files, agents, skills, hooks, MCP servers, memory, Spaces, ... - [GitHub Copilot: Harness Engineering](https://agentpatterns.ai/training/copilot/harness-engineering/): Harness engineering is the discipline of shaping the development environment — types, tests, linters, CI gates, repo ... - [GitHub Copilot: Model Selection & Routing](https://agentpatterns.ai/training/copilot/model-selection/): Model selection determines cost, quality, and speed for every Copilot interaction. Matching the right model tier to e... - [GitHub Copilot: Platform Surface Map](https://agentpatterns.ai/training/copilot/surface-map/): GitHub Copilot runs across five distinct surfaces — VS Code, GitHub.com, CLI, coding agent, and mobile — each with di... - [GitHub Copilot: Team Adoption & Governance](https://agentpatterns.ai/training/copilot/team-adoption/): Team-scale Copilot adoption requires progressive autonomy, tiered code review, cost governance, security boundaries, ... ## Training — Eval-Driven Development - [Eval-Driven Development](https://agentpatterns.ai/training/eval-driven-development/): A practitioner pathway for teams adopting eval-driven development — the discipline of defining measurable success cri... - [Grading Strategies for Eval-Driven Development](https://agentpatterns.ai/training/eval-driven-development/grading-strategies/): The grader determines what "correct" means — choose the wrong grading strategy and your eval suite measures the wrong... - [Hardening Evals for Production](https://agentpatterns.ai/training/eval-driven-development/hardening-evals/): An eval suite that worked during development can fail silently in production — through gaming, distribution drift, or... - [Step-by-Step: Building Your First Eval-Driven Feature](https://agentpatterns.ai/training/eval-driven-development/step-by-step-first-feature/): A hands-on walkthrough building your first eval-driven feature — a PR description generator from scratch, with comple... - [The Eval-First Development Loop](https://agentpatterns.ai/training/eval-driven-development/eval-first-loop/): Write evals before code. Measure against a baseline. Iterate until the pass rate meets your bar. Ship with confidence... - [What Evals Are and Why Agents Need Them](https://agentpatterns.ai/training/eval-driven-development/what-evals-are/): Evals measure agent quality across runs and over time — they answer "is the agent getting better or worse?" in a way ... - [Writing Your First Eval Suite](https://agentpatterns.ai/training/eval-driven-development/writing-first-eval-suite/): Start with 20–50 tasks, clear success criteria, and a simple grader — then grow the suite as you learn what fails. ## Training — Foundational Disciplines - [Foundational Disciplines](https://agentpatterns.ai/training/foundations/): The four practitioner disciplines that determine agent output quality — independent of which tool you use. - [Autonomous Research Loops: Loops That Know When to Stop](https://agentpatterns.ai/training/foundations/autonomous-research-loops/): Autonomous research loops are agent architectures that run unsupervised — modifying artifacts, measuring results, and... - [Context Engineering (Training Module)](https://agentpatterns.ai/training/foundations/context-engineering/): The discipline of designing what enters a model's context window, how it is structured, and what is excluded — to max... - [Earned-Complexity Agent Maturity Ladder](https://agentpatterns.ai/training/foundations/agent-maturity-ladder/): Build agents in this order — single tool call before retries, retries before retrieval, retrieval before planning. Ea... - [Eval Engineering (Training Module)](https://agentpatterns.ai/training/foundations/eval-engineering/): Eval engineering is the discipline of measuring agent quality across sessions and over time — distinct from the harne... - [Harness Engineering (Training Module)](https://agentpatterns.ai/training/foundations/harness-engineering/): The discipline of designing development environments where agents succeed by default -- through legibility, mechanica... - [How the Four Disciplines Compound](https://agentpatterns.ai/training/foundations/prompt-context-harness-capstone/): Prompt engineering, context engineering, harness engineering, and tool engineering are not independent skills -- they... - [Prompt Engineering for Agent Instructions](https://agentpatterns.ai/training/foundations/prompt-engineering/): Effective agent instructions form a system of interacting constraints — altitude, polarity, scope, and volume — not a... - [Tool Engineering (Training Module)](https://agentpatterns.ai/training/foundations/tool-engineering/): The quality of an agent's tools bounds the quality of its output -- no prompt compensates for a tool interface the mo... ## Frameworks - [Frameworks](https://agentpatterns.ai/frameworks/): Multi-page expositions that synthesize atomic patterns into named, coherent ways of operating. A framework is a patte... - [Agentic Framework Landscape: When Each Framework Fits](https://agentpatterns.ai/frameworks/agentic-framework-landscape/): Agentic frameworks sit at different layers of the agent stack, so framework selection is a task-shape match, not a fe... - [Cognitive Architectures for Language Agents (CoALA): A Classifier for Agent Harnesses](https://agentpatterns.ai/frameworks/coala-cognitive-architecture-language-agents/): A descriptive framework that names harness artifacts along three axes — memory, action space, decision loop — so stru... ## Frameworks — Brownfield to Agent-First - [Brownfield to Agent-First](https://agentpatterns.ai/frameworks/brownfield-to-agent-first/): A staged transformation model for taking an existing codebase — with no agent considerations — and making it progress... - [L0 → L1: Making the Repo Readable](https://agentpatterns.ai/frameworks/brownfield-to-agent-first/level-0-to-1/): A readable repo externalizes the implicit knowledge humans hold — architecture, conventions, build commands — into ma... - [L1 → L2: Adding Feedback Loops](https://agentpatterns.ai/frameworks/brownfield-to-agent-first/level-1-to-2/): The L1→L2 transition adds automated feedback loops (strong types, tests, remediation-rich linters) so agents can veri... - [L2 → L3: Building Mechanical Enforcement](https://agentpatterns.ai/frameworks/brownfield-to-agent-first/level-2-to-3/): An L2 repo lets agents self-correct after errors. An L3 repo prevents whole categories of error first — mechanical en... - [L3 → L5: Reaching Agent-First](https://agentpatterns.ai/frameworks/brownfield-to-agent-first/level-3-to-5/): L3 gives agents a constrained, reliable execution environment. L4 adds validated output gates so agent work is bounde... ## Frameworks — Team OS - [Team OS](https://agentpatterns.ai/frameworks/team-os/): Team OS is a single git repository — curated by and for a coding agent — that acts as the shared cognitive substrate ... - [Consistent-Format Customer Capture](https://agentpatterns.ai/frameworks/team-os/consistent-format-customer-capture/): Consistent-format customer capture freezes one heading schema across every call summary, turning prose into a dataset... - [Cross-Functional Knowledge Artifacts](https://agentpatterns.ai/frameworks/team-os/cross-functional-artifacts/): One coding agent can answer across disciplines when every discipline commits the same shape of artifact and a single ... - [Functional Folder Taxonomy](https://agentpatterns.ai/frameworks/team-os/functional-folder-taxonomy/): The folder path is the routing substrate: a coding agent loads function-scoped `CLAUDE.md` based on where a query or ... - [Natural-Language Git as Adoption Unlock](https://agentpatterns.ai/frameworks/team-os/natural-language-git/): A coding agent fronting the `gh` CLI or GitHub MCP server lets non-engineers author pull requests in plain English — ... - [Plan Files as Resumable Artifacts](https://agentpatterns.ai/frameworks/team-os/plan-files-resumable-artifacts/): A plan committed to the repo is a resumable, version-controlled artifact — a pattern that holds for multi-session wor... - [Plan Mode for Knowledge Artifacts](https://agentpatterns.ai/frameworks/team-os/plan-mode-knowledge-artifacts/): For PRDs, strategy memos, and architectural briefs, freezing direction in a reviewed plan before prose is generated c... - [Self-Explanation Loop for Code-Review Comments](https://agentpatterns.ai/frameworks/team-os/self-explanation-loop/): The explanation an agent returns can inflate confidence without building competence, so lead with the conditions unde... ## GEO - [Generative Engine Optimization](https://agentpatterns.ai/geo/): The practice of structuring content so AI-powered answer engines — ChatGPT, Perplexity, Claude, Gemini — select, quot... - [AI Crawler Policy: robots.txt for the Three-Tier Crawler Landscape](https://agentpatterns.ai/geo/ai-crawler-policy/): AI crawlers split into retrieval bots (allow for citations), training scrapers (disallow), and non-compliant bots (WA... - [Answer-First Writing: Structure Content for AI Retrieval](https://agentpatterns.ai/geo/answer-first-writing/): Answer-first writing places a direct 1–2 sentence response under every heading before elaborating, so RAG systems emb... - [Assertion Density — Stats and Quotes Over Vague Claims](https://agentpatterns.ai/geo/assertion-density/): Replace vague qualifiers with specific numbers, dates, sample sizes, and attributed quotes. The Princeton GEO study f... - [Atomic Pages and Chunking — One Concept Per Page for RAG](https://agentpatterns.ai/geo/atomic-pages-and-chunking/): One concept per page makes documentation chunk cleanly, raising retrieval accuracy for AI answer engines. - [GEO for Technical Docs](https://agentpatterns.ai/geo/geo-for-technical-docs/): GEO for technical docs is the practice of structuring API references, tutorials, how-to guides, and pattern pages so ... - [Google Search Console Monitoring Workflow](https://agentpatterns.ai/geo/gsc-search-console-monitoring/): Automate Google Search Console monitoring with GSC and Bing WMT: a scheduled API-driven report plus an on-demand pull... - [How AI Engines Cite](https://agentpatterns.ai/geo/how-ai-engines-cite/): The four major AI answer engines are four entirely different retrieval systems. Optimizing for one does not transfer ... - [llms.txt: Spec, Adoption, and Honest Limitations](https://agentpatterns.ai/geo/llms-txt/): `/llms.txt` gives AI agents a curated entry point to your site at inference time — it improves agent navigation, not ... - [Measuring GEO Performance](https://agentpatterns.ai/geo/measuring-geo-performance/): Measurement of GEO performance is fundamentally harder than measuring SEO. There are no fixed positions, no platform ... - [Schema and Structured Data for GEO](https://agentpatterns.ai/geo/schema-and-structured-data/): Structured data lifts AI citation rates by pre-packaging content in the Q&A and step formats engines reuse — studies ... - [SEO vs GEO — How Signals and Metrics Differ](https://agentpatterns.ai/geo/seo-vs-geo/): SEO optimises for rank position in a list of links; GEO optimises for citation share inside synthesised answers — and... - [Topical Authority — Entity Coverage for AI Citation](https://agentpatterns.ai/geo/topical-authority/): Comprehensive coverage of a topic domain drives persistent AI citation presence. A site with many interconnected page... - [What is GEO](https://agentpatterns.ai/geo/what-is-geo/): Generative Engine Optimization (GEO) is the practice of structuring content so AI answer engines cite it — not just r... ## Tools - [Tools](https://agentpatterns.ai/tools/): Tool-specific patterns, workflows, and configuration guidance for the leading AI coding assistants. - [OpenAI Agents SDK Sandboxes Harness and Memory](https://agentpatterns.ai/tools/openai-agents-sdk/): The April 2026 OpenAI Agents SDK update ships three primitives — controlled sandboxes, an inspectable harness, and co... ## Tools — Claude Code - [Claude Code](https://agentpatterns.ai/tools/claude/): Tool-specific reference for Claude Code's agentic features. - [Agent View: Dispatch-Attach-Monitor Surface for Parallel Sessions](https://agentpatterns.ai/tools/claude/agent-view/): Agent view is one terminal screen for every background session, grouped by what attention each one needs and addressa... - [Channels Permission Relay](https://agentpatterns.ai/tools/claude/channels-permission-relay/): Forward tool-use approval prompts from a running Claude Code session to your phone via Telegram, Discord, or iMessage... - [Claude Agent SDK](https://agentpatterns.ai/tools/claude/agent-sdk/): The Claude Code runtime exposed as a library for building custom agentic workflows. - [Claude Code /batch and Worktrees](https://agentpatterns.ai/tools/claude/batch-worktrees/): Parallel execution at scale — decompose large changes into independent units, each in an isolated worktree. - [Claude Code `--bare` Flag](https://agentpatterns.ai/tools/claude/bare-mode/): Skip all local configuration discovery for deterministic, faster scripted calls. - [Claude Code Agent Teams](https://agentpatterns.ai/tools/claude/agent-teams/): Agent teams coordinate multiple Claude Code sessions with shared task lists, direct messaging, and a team lead. - [Claude Code Auto Mode](https://agentpatterns.ai/tools/claude/auto-mode/): A two-stage classifier evaluates each tool call before execution, automatically approving safe operations and blockin... - [Claude Code Dynamic Workflows](https://agentpatterns.ai/tools/claude/dynamic-workflows/): A workflow is a JavaScript script Claude writes and the runtime executes to orchestrate subagents at scale, keeping i... - [Claude Code Extension Points: When to Use What](https://agentpatterns.ai/tools/claude/extension-points/): Choose the right extension point — CLAUDE.md, rules, skills, hooks, subagents, MCP servers, or plugins — based on enf... - [Claude Code Feature Flags and Environment Variables](https://agentpatterns.ai/tools/claude/feature-flags/): Claude Code exposes environment variables that control model selection, context handling, tool concurrency, and obser... - [Claude Code Hooks](https://agentpatterns.ai/tools/claude/hooks-lifecycle/): Claude Code hooks are deterministic automation at lifecycle points — shell commands, HTTP calls, or LLM prompts that ... - [Claude Code Review](https://agentpatterns.ai/tools/claude/code-review/): A managed multi-agent review service that posts inline findings on every GitHub PR — no subagent configuration required. - [Claude Code Sub-Agents](https://agentpatterns.ai/tools/claude/sub-agents/): Ephemeral, isolated agents that execute focused tasks and return results to the parent. - [Cloud-Scheduled Routines vs Local Session Scheduling](https://agentpatterns.ai/tools/claude/cloud-scheduled-routines/): Cloud-scheduled Routines run on Anthropic infrastructure — trade working-tree fidelity and mid-run permission gates f... - [Hard-Deny Classifier Rule](https://agentpatterns.ai/tools/claude/hard-deny-classifier-rule/): The `autoMode.hard_deny` field blocks tool calls unconditionally inside the auto-mode classifier — user intent and al... - [Local Plugin Scaffolding via `claude plugin init` and Auto-Loaded `.claude/skills`](https://agentpatterns.ai/tools/claude/local-plugin-scaffolding/): Claude Code 2.1.157 auto-loads plugins from `.claude/skills//.claude-plugin/plugin.json`, and `claude plugin in... - [Managed Settings Drop-In Directory](https://agentpatterns.ai/tools/claude/managed-settings-drop-in/): Deploy independent policy fragments per team using `managed-settings.d/`, eliminating merge conflicts and centralizin... - [Monitor Tool: Event Streaming from Background Scripts](https://agentpatterns.ai/tools/claude/monitor-tool/): Stream stdout from a background process directly to Claude — each output line arrives as a notification, no polling r... - [Parameter-Level Permission Rules](https://agentpatterns.ai/tools/claude/tool-param-value-permission-rules/): Permission rules can match on a tool's input-parameter values, not just the tool name — `Agent(model:opus)` blocks Op... - [Plan Mode: Read-Only Exploration Before Implementation](https://agentpatterns.ai/tools/claude/plan-mode/): Restrict the agent to read-only operations so it explores and proposes before it modifies anything. - [Plugin Background Monitors: Declarative Supervision Auto-Armed at Session Start](https://agentpatterns.ai/tools/claude/plugin-background-monitors/): Plugins declare a top-level `monitors` manifest key; Claude Code arms each monitor automatically at session start or ... - [Plugin-Activated Main-Agent Override and Bin/ PATH Injection](https://agentpatterns.ai/tools/claude/plugin-main-agent-override-and-path-injection/): A plugin's `settings.json` swaps the main thread agent and its `bin/` directory injects executables onto the Bash too... - [PostToolUse Hooks: Automatic Formatting and Linting After Every File Edit](https://agentpatterns.ai/tools/claude/posttooluse-auto-formatting/): A `PostToolUse` hook runs formatting and linting automatically after every file Claude edits, removing the round-trip... - [PowerShell Tool: Native Windows Shell for Claude Code](https://agentpatterns.ai/tools/claude/powershell-tool/): Run PowerShell commands natively from Claude Code — no Git Bash path translation, no POSIX shim, direct access to cmd... - [Reloading Skills Mid-Session in Claude Code](https://agentpatterns.ai/tools/claude/reload-skills-mid-session/): Claude Code can re-scan skill directories mid-session, making edited or newly installed skills available without a re... - [Session Scheduling with Loop and Cron in Claude Code](https://agentpatterns.ai/tools/claude/session-scheduling/): Run prompts on a recurring interval or at a specific time using `/loop` and the cron tools — session-scoped, no exter... - [Skill disallowed-tools Frontmatter](https://agentpatterns.ai/tools/claude/skill-disallowed-tools/): A Claude Code skill lists `disallowed-tools` in frontmatter to remove tools from the model while active — the deny-si... - [Skill Eval Loop](https://agentpatterns.ai/tools/claude/skill-eval-loop/): Define test cases, benchmark pass rates, A/B-compare skill versions, and optimize trigger descriptions — bringing eva... - [Sparse-Checkout Worktrees for Monorepo Agent Isolation](https://agentpatterns.ai/tools/claude/sparse-paths-monorepo-isolation/): Sparse-checkout worktrees (`worktree.sparsePaths`) restrict an agent's working tree to one monorepo subtree, so it ca... - [Video Transcript Skill: Meeting Recording to Markdown with Inline Screenshots](https://agentpatterns.ai/tools/claude/video-transcript-skill/): A video transcript skill orchestrates Whisper, ffmpeg, and the Files API to turn a meeting recording into skimmable m... ## Tools — GitHub Copilot - [GitHub Copilot](https://agentpatterns.ai/tools/copilot/): Tool-specific reference for GitHub Copilot's agentic features. - [Agent HQ (Multi-Agent Platform)](https://agentpatterns.ai/tools/copilot/agent-hq/): GitHub's platform for running multiple coding agents — Copilot, Claude, and Codex — within a single interface, with c... - [Agent Mission Control](https://agentpatterns.ai/tools/copilot/agent-mission-control/): GitHub's centralized dashboard for assigning, steering, and tracking Copilot coding agent tasks across repositories. - [Copilot CLI Agentic Workflows](https://agentpatterns.ai/tools/copilot/copilot-cli-agentic-workflows/): Terminal-native agentic coding with GitHub Copilot CLI — interactive and headless modes, graduated authorization, del... - [Copilot CLI BYOK and Local Model Support](https://agentpatterns.ai/tools/copilot/copilot-cli-byok-local-models/): Connect Copilot CLI to your own model provider — Ollama, Azure OpenAI, Anthropic, or any OpenAI-compatible endpoint —... - [Copilot Cloud Agent Organization Controls](https://agentpatterns.ai/tools/copilot/cloud-agent-org-controls/): Three-tier governance model for managing Copilot cloud agent at enterprise, organization, and repository scope. - [Copilot Cloud Agent Three-Phase Execution Model](https://agentpatterns.ai/tools/copilot/cloud-agent-research-plan-code/): Copilot cloud agent exposes a three-phase execution model — Research, Plan, and Code — each producing a reviewable ar... - [Copilot Inline Agent Mode in JetBrains](https://agentpatterns.ai/tools/copilot/inline-agent-mode/): Public-preview surface that runs Copilot agent capabilities inside the JetBrains inline chat popover instead of the d... - [Copilot Memory and Cross-Agent Persistence](https://agentpatterns.ai/tools/copilot/copilot-memory/): Repository-scoped persistent memory that Copilot builds autonomously from agent interactions, shared across coding ag... - [Copilot Spaces: Curated Context Collections for Grounding](https://agentpatterns.ai/tools/copilot/copilot-spaces/): Named context collections that aggregate repositories, code files, PRs, issues, notes, images, and uploads into a cur... - [Copilot Unified Sessions View and CLI Agent in JetBrains](https://agentpatterns.ai/tools/copilot/unified-sessions-view/): A chat-window registry that aggregates CLI agent, agent mode, custom agent, and sub-agent runs into one filterable li... - [copilot-instructions.md as a Repo-Level Instruction Convention](https://agentpatterns.ai/tools/copilot/copilot-instructions-md-convention/): `.github/copilot-instructions.md` is GitHub Copilot's repository-level instruction file -- a single Markdown file tha... - [Dependabot Agent Assignment](https://agentpatterns.ai/tools/copilot/dependabot-agent-assignment/): Route Dependabot alerts to GitHub Copilot for autonomous fix generation, with human review at the merge gate. - [GitHub Agentic Workflows](https://agentpatterns.ai/tools/copilot/github-agentic-workflows/): Event-driven repository automation defined in Markdown and compiled to GitHub Actions, with defense-in-depth security... - [GitHub Copilot Agent Mode](https://agentpatterns.ai/tools/copilot/agent-mode/): Local, synchronous agentic execution that reads files, runs code, checks output, and iterates to fix errors. - [GitHub Copilot Coding Agent](https://agentpatterns.ai/tools/copilot/coding-agent/): Asynchronous agent that works via GitHub Actions to plan, implement, test, and open pull requests. - [GitHub Copilot Custom Agents and Skills Extensibility Guide](https://agentpatterns.ai/tools/copilot/custom-agents-skills/): Custom agents, skills, and plugins are GitHub Copilot's three extensibility layers — agents codify team workflows, sk... - [GitHub Copilot Dedicated App](https://agentpatterns.ai/tools/copilot/copilot-dedicated-app/): The GitHub Copilot dedicated app is a desktop client that makes the agent session the window's primary tenant; backen... - [GitHub Copilot Extensions](https://agentpatterns.ai/tools/copilot/copilot-extensions/): **Deprecated.** GitHub App-based Copilot Extensions were sunset on November 10, 2025. Build MCP servers instead. This... - [GitHub Copilot MCP Integration](https://agentpatterns.ai/tools/copilot/mcp-integration/): Connect Copilot to external tools and data sources via the Model Context Protocol. - [GitHub Copilot SDK](https://agentpatterns.ai/tools/copilot/copilot-sdk/): A programmable layer that embeds Copilot agent capabilities — planning, tool invocation, file editing, and command ex... - [GitHub Models in Actions](https://agentpatterns.ai/tools/copilot/github-models-in-actions/): Insert AI judgment into GitHub Actions workflows using GitHub Models — no external API keys, version-controlled promp... - [Managing Agent Skills from the GitHub CLI](https://agentpatterns.ai/tools/copilot/gh-skill-cli-management/): `gh skill` turns skill install, search, update, and publish into scriptable GitHub CLI operations — usable in repo bo... - [Monorepo Skill and Agent Discovery: Hierarchical Configuration](https://agentpatterns.ai/tools/copilot/monorepo-hierarchical-discovery/): Copilot CLI v1.0.11 discovers instructions, MCP servers, skills, and agents at each directory level up to the git roo... - [Next Edit Suggestions Paradigm](https://agentpatterns.ai/tools/copilot/next-edit-suggestions/): A proactive editing paradigm where the AI predicts both *where* and *what* to edit next — between reactive autocomple... ## Tools — Cursor - [Cursor](https://agentpatterns.ai/tools/cursor/): Tool-specific reference for Cursor's agentic features. - [Cursor /multitask: Async Subagent Dispatch in the Editor](https://agentpatterns.ai/tools/cursor/multitask-subagents/): Dispatch async subagents from the editor session — parallelise queued prompts and let Cursor break a large task acros... - [Cursor 3 Agents Window](https://agentpatterns.ai/tools/cursor/agents-window/): Run multiple agents simultaneously across isolated environments from a single control surface. - [Cursor Customize Page](https://agentpatterns.ai/tools/cursor/customize-page/): The Cursor Customize page is one surface to add and manage plugins, skills, MCPs, subagents, rules, commands, and hoo... - [Cursor Multi-Root Workspaces](https://agentpatterns.ai/tools/cursor/multi-root-workspaces/): One agent session, multiple repository folders — for edits whose intent crosses repo boundaries. - [Cursor SDK: Programmable TypeScript Agent Runtime](https://agentpatterns.ai/tools/cursor/cursor-sdk/): Embed Cursor's agent harness in TypeScript applications, with local, Cursor-hosted, or self-hosted runtimes behind on... - [Cursor Self-Hosted Cloud Agents](https://agentpatterns.ai/tools/cursor/self-hosted-cloud-agents/): Run Cursor cloud agents in your own infrastructure — inference stays in Cursor's cloud, tool execution runs locally. - [Visual-Prompt Agent Steering (Cursor Design Mode)](https://agentpatterns.ai/tools/cursor/visual-prompt-agent-steering/): Click, multi-select, or sketch on a running UI to direct a coding agent — collapsing multi-turn text clarification in... ## Workflows - [Workflows](https://agentpatterns.ai/workflows/): End-to-end workflows for agent-assisted development — from bootstrapping to team onboarding. - [Agent Commit Attribution: Signed Commits and Agent Identity](https://agentpatterns.ai/workflows/agent-commit-attribution/): Agents that commit to shared repositories should carry verifiable identity so audit trails distinguish agent-generate... - [Agent Environment Bootstrapping](https://agentpatterns.ai/workflows/agent-environment-bootstrapping/): Deterministically configure an agent's ephemeral environment before it starts working, pre-installing dependencies in... - [Agent Governance Policies](https://agentpatterns.ai/workflows/agent-governance-policies/): Enterprise policy controls for AI agent behavior — agent mode access, model availability, MCP server allowlists, and ... - [Agent-Driven Greenfield Product Development](https://agentpatterns.ai/workflows/agent-driven-greenfield/): Build a new product agent-first: define agent roles as the architecture, decompose work to context-safe tasks, and ex... - [Agent-Generated Onboarding Guide as a Durable Artefact](https://agentpatterns.ai/workflows/agent-generated-onboarding-guide/): An agent synthesises a teammate onboarding guide from the repository; you version-control that artefact and regenerat... - [Agent-Led Dev-Environment Iteration with Validation and Rollback](https://agentpatterns.ai/workflows/agent-led-dev-environment/): An agent authors and iterates on its own Dockerfile, gated by a smoke test, with snapshot rollback per attempt and an... - [Agent-Powered Codebase Q&A and Onboarding](https://agentpatterns.ai/workflows/codebase-qa-onboarding/): Agents with codebase search tools answer targeted questions about an unfamiliar repository, trace execution paths, an... - [Agentic-Agile: Adapting Agile Rituals for Agent Work](https://agentpatterns.ai/workflows/agentic-agile-rituals/): Agentic-agile imports three agile rituals — eval-threshold-plus-variance done, pass-rate-plus-negative-constraint acc... - [AI Bot CI/CD Workflow Reliability by Agent](https://agentpatterns.ai/workflows/ai-bot-ci-workflow-reliability/): Per-agent GitHub Actions workflow success rates span 29 points — 64.86% (Claude) to 94.44% (Codex) — but uneven sampl... - [AI Slop as a Process Problem: Encoding Quality Standards as Pipeline Gates](https://agentpatterns.ai/workflows/slop-as-process-problem/): Reframe AI-generated slop as a process gap — a per-PR agent gate enforcing version-controlled standards, sized to age... - [AI-Powered Vulnerability Triage](https://agentpatterns.ai/workflows/ai-powered-vulnerability-triage/): Vulnerability triage decomposes security analysis into staged threat-model, suggest, and audit phases to suppress hal... - [Architecting a Central Repo for Shared Agent Standards](https://agentpatterns.ai/workflows/central-repo-shared-agent-standards/): Distribute shared agent skills, instruction files, and coding conventions from a central repository to downstream pro... - [Auto-Triage Workflow: Bug-Monitoring Agent that Connects Related Reports and Opens Fix PRs](https://agentpatterns.ai/workflows/auto-triage-workflow/): An agent that monitors alerts, correlates against prior incidents, investigates, and opens a fix PR — only safe under... - [Backlog Triage as a Named Agent Skill](https://agentpatterns.ai/workflows/backlog-triage-skill/): A skill encodes a state machine into issue labels — each item carries one category and one state, then hands off a du... - [Bootstrapping an Agent-Driven Project from Scratch](https://agentpatterns.ai/workflows/bootstrapping-agent-driven-project/): Bootstrapping an agent-driven project defines agent roles, skills, and instruction files as a new codebase's architec... - [Building Custom Agents from Substrate to Production (Agents All the Way Down)](https://agentpatterns.ai/workflows/agents-all-the-way-down-methodology/): A framework-free methodology — two substrate preconditions, then prototype-with-general-agent, harvest as a CLI, and ... - [Burn the Boats — Commitment-Forcing Deprecation](https://agentpatterns.ai/workflows/burn-the-boats/): Remove the old path entirely on a hard deadline — irreversible deprecation forces full commitment and stops the team ... - [Canary Rollout for Agent Policy Changes](https://agentpatterns.ai/workflows/canary-rollout-agent-policy/): Apply traffic-split deployment discipline to agent policy updates — route a small percentage of requests to the new p... - [CARE: Three-Party Stage-Gated Engineering of LLM Agents](https://agentpatterns.ai/workflows/care-three-party-agent-engineering/): Collaborative Agent Reasoning Engineering (CARE) splits agent construction across SMEs, developers, and helper agents... - [Chat-Platform Agent Delegation](https://agentpatterns.ai/workflows/chat-platform-agent-delegation/): Mentioning a coding agent in a chat channel delegates work from where the team coordinates and concentrates the letha... - [CLI-IDE-GitHub Context Ladder](https://agentpatterns.ai/workflows/cli-ide-github-context-ladder/): A three-surface workflow that matches the right AI environment to each development phase — CLI for exploration, IDE f... - [Closed-Loop Agent Training from Tool Schemas](https://agentpatterns.ai/workflows/closed-loop-agent-training/): Synthesize training trajectories from tool schemas, fine-tune small models to match frontier performance on domain ta... - [Closed-Loop CI Failure Remediation with Cloud Coding Agents](https://agentpatterns.ai/workflows/closed-loop-ci-failure-remediation/): A CI failure becomes a cloud-agent fix PR only under five controls: failure classification, payload sanitisation, sco... - [Cloud Planning with Inline-Comment Review and Execute-Anywhere Choice](https://agentpatterns.ai/workflows/cloud-planning-execute-anywhere/): Generate the plan in the cloud, review it inline in a browser, then choose at approval whether to execute remotely or... - [Cloud-Local Agent Handoff](https://agentpatterns.ai/workflows/cloud-local-agent-handoff/): Cloud-local handoff moves an agent session between cloud and local surfaces while preserving the branch, session logs... - [Compound Engineering: Learning Loops That Make Each Feature Easier](https://agentpatterns.ai/workflows/compound-engineering/): A four-step loop -- Plan, Work, Assess, Compound -- where each feature feeds learnings back as prompts, making subseq... - [Continuous Agent Improvement: Iterating on Agent Quality](https://agentpatterns.ai/workflows/continuous-agent-improvement/): An observation-to-update loop for maintaining and improving agent configurations over time. - [Continuous AI (Agentic CI/CD)](https://agentpatterns.ai/workflows/continuous-ai-agentic-cicd/): Continuous AI runs agents alongside CI/CD pipelines to handle judgment-heavy tasks deterministic rules cannot express... - [Continuous AI: A Navigation Map of Always-On Agent Workflows](https://agentpatterns.ai/workflows/continuous-ai/): Continuous AI groups the always-on agent workflows here — each a distinct application with its own trigger, authority... - [Continuous Autonomous Task Loop](https://agentpatterns.ai/workflows/continuous-autonomous-task-loop/): A self-directed agent loop reads a task backlog, executes each item via a ReAct inner loop, commits, and repeats with... - [Continuous Documentation as an Agent-Driven Practice](https://agentpatterns.ai/workflows/continuous-documentation/): Continuous documentation runs AI agents on schedule or push to detect documentation-code drift and open reviewable PR... - [Continuous Triage: Automating Issue Classification with AI Workflows](https://agentpatterns.ai/workflows/continuous-triage/): AI agents replace manual issue triage by classifying, labeling, and routing issues on every event or schedule, runnin... - [Daily-Use Skill Library: Encoding Your Process as Agent Skills](https://agentpatterns.ai/workflows/daily-use-skill-library/): A small library of purpose-built skills that encode your engineering process beats general instructions — each skill ... - [Dev Containers for AI Coding Agents: Claude Code vs Copilot CLI](https://agentpatterns.ai/workflows/devcontainers-for-ai-coding-agents/): Both vendors ship official devcontainer paths but they solve different problems — Claude Code delivers isolation, Cop... - [Discovery-Only Refactor Pass: Surface Candidates Before Touching Code](https://agentpatterns.ai/workflows/discovery-only-refactor-pass/): A read-only pass scans for *deepening opportunities*, emits a ranked candidate list, and proposes no edits — the huma... - [Distilled Bootstrap Contract: Agent-Authored Repo Setup](https://agentpatterns.ai/workflows/distilled-bootstrap-contract/): Version an agent's Docker-verified repo-setup heuristics as a `.bootstrap` contract, converting per-session discovery... - [Documentation-Guided Legacy Migration](https://agentpatterns.ai/workflows/documentation-guided-legacy-migration/): Document a legacy C repository's architecture, hand that blueprint to coding agents, then validate by redocumenting t... - [Encoding Tacit Knowledge into Agent Improvement Loops](https://agentpatterns.ai/workflows/encoding-tacit-knowledge/): Tacit knowledge — the expert judgment practitioners cannot articulate on demand — becomes agent instructions, example... - [Enterprise Skill Marketplace: Distribution and Quality](https://agentpatterns.ai/workflows/enterprise-skill-marketplace/): At 50+ engineers, a shared GitHub repo is no longer sufficient. Skills need managed distribution, usage instrumentati... - [Entropy Reduction Agents: Automated Codebase Hygiene](https://agentpatterns.ai/workflows/entropy-reduction-agents/): Scheduled background agents that scan for architectural violations, documentation drift, and tech debt, producing tar... - [Escape Hatches: Unsticking Stuck Agents](https://agentpatterns.ai/workflows/escape-hatches/): Pre-planned recovery paths for agents that loop, stall, or produce degrading output. - [Eval-Driven Development: Write Evals Before Building Agent Features](https://agentpatterns.ai/workflows/eval-driven-development/): Define evaluation tasks and success criteria before implementing an agent feature so that "done" has an objective def... - [Experiential-Learning Setup Agents with Snapshot Rollback (SetupX)](https://agentpatterns.ai/workflows/experiential-setup-agents-snapshot-rollback/): Capture repo-setup fixes as dual-modality records, trial them under Docker snapshot rollback, verify with prosecutor-... - [Factory Over Assistant: Orchestrating Parallel Agent Fleets](https://agentpatterns.ai/workflows/factory-over-assistant/): The factory model replaces real-time human attention with automated feedback loops and parallel agents — but only onc... - [Failure-Driven Iteration for Improving Agent Workflows](https://agentpatterns.ai/workflows/failure-driven-iteration/): Failure-driven iteration feeds real error output back to the agent as the primary context for each fix, grounding sol... - [Headless Claude in CI: Using -p and --max-turns for Safe Pipeline Integration](https://agentpatterns.ai/workflows/headless-claude-ci/): Run Claude non-interactively in CI/CD pipelines using print mode (`-p`) and cap agentic steps with `--max-turns` to k... - [Human-in-the-Loop Placement: Where and How to Supervise Agent Pipelines](https://agentpatterns.ai/workflows/human-in-the-loop/): Supervise an agent pipeline by gating before irreversible actions and public-impact decisions, not reversible steps —... - [Humans and Agents in Software Engineering Loops](https://agentpatterns.ai/workflows/humans-agents-development-loops/): Position humans to manage the loop, not inspect every artefact — throughput and quality compound when humans engineer... - [In-Thread Side-Channel: Bounded Side Questions Without Losing the Main Task](https://agentpatterns.ai/workflows/in-thread-side-channel/): A tagged side question lets the agent answer mid-task and return to the main goal — only in long sessions, for short ... - [Incident Log Investigation Skill](https://agentpatterns.ai/workflows/incident-log-investigation-skill/): An incident log investigation skill that surfaces *any* log is worse than none: under time pressure a false signal ac... - [Introspective Skill Generation: Mining Agent Patterns to Create New Skills and Agents](https://agentpatterns.ai/workflows/introspective-skill-generation/): Introspective skill generation is a workflow where an analysis agent mines session transcripts and memory for recurri... - [Issue-to-PR Delegation Pipeline](https://agentpatterns.ai/workflows/issue-to-pr-delegation-pipeline/): Issue-to-PR delegation routes a GitHub issue to an AI coding agent that plans, executes, self-reviews, and delivers a... - [Issue-Tracker as Agent Dispatch Surface](https://agentpatterns.ai/workflows/issue-tracker-agent-dispatch-surface/): Issue-tracker dispatch makes the ticket the agent's prompt — viable only under WRAP ticket discipline, an assignment-... - [Knowledge-Based Pull Requests for Cross-Trust-Boundary Contributions](https://agentpatterns.ai/workflows/knowledge-based-pull-requests/): A knowledge-based pull request treats an external contribution as a confirmable package, then has a project-owned age... - [Labels as Locks: Pipelined Backlog Processing with Stage Gates](https://agentpatterns.ai/workflows/labels-as-locks-pipeline/): Stage labels gate pipeline steps; a claim label plus a timestamped claim comment forms a lease-based lock that preven... - [Lay the Architectural Foundation by Hand Before Delegating to Agents](https://agentpatterns.ai/workflows/architectural-foundation-first/): Build the structural skeleton and a few representative features by hand before delegating — the foundation is the inv... - [Lazy Worktree Isolation: Enter the Worktree on First Write, Not on Dispatch](https://agentpatterns.ai/workflows/lazy-worktree-isolation/): Background agent sessions start in the parent checkout and relocate into an isolated git worktree only on the first E... - [LLM-as-Judge Evaluation with Human Spot-Checking](https://agentpatterns.ai/workflows/llm-as-judge-evaluation/): Combine automated LLM rubric scoring with targeted human review to evaluate multi-agent output at scale without sacri... - [Mise en Place for Agentic Coding](https://agentpatterns.ai/workflows/mise-en-place-agentic-coding/): Mise en place front-loads grounding, specification, and task decomposition before agents touch code, giving concurren... - [Model Deprecation Lifecycle for Agent Workloads](https://agentpatterns.ai/workflows/model-deprecation-lifecycle/): Treat model deprecation as a recurring supply-chain event: monitor announcements, run regression evals, stage canary ... - [Model-ID-as-Dependency: Migration Protocol for Deprecation Churn](https://agentpatterns.ai/workflows/model-deprecation-migration-protocol/): Treat every model ID as a versioned dependency: inventory each surface, propagate the migration atomically, and gate ... - [Monolith-to-Sub-Agents Refactor: Five Lessons from a Brittle Prototype](https://agentpatterns.ai/workflows/monolith-to-subagents-refactor/): A five-step checklist for refactoring a brittle monolithic agent prototype into a production-grade pipeline — each st... - [Multi-Repo and No-Repo Coding Agent Automation Templates](https://agentpatterns.ai/workflows/multi-repo-no-repo-automation-templates/): Adopt trigger/scope-decoupled automation templates only when your vendor exposes the primitive natively and you have ... - [One-Click CI Auto-Fix: Human-Triggered Cloud-Agent Remediation for Failing GitHub Actions](https://agentpatterns.ai/workflows/one-click-ci-auto-fix/): One-click CI auto-fix hands a failing GitHub Actions run to a cloud agent that pushes a fix, bounded by three human c... - [Parallel Agent Sessions Shift the Bottleneck from Writing Code to Making Decisions](https://agentpatterns.ai/workflows/parallel-agent-sessions/): Running multiple agent sessions in parallel shifts the bottleneck from writing code to architectural decisions, feedb... - [Parallel Polyglot Ports as a Spec-Ambiguity Oracle](https://agentpatterns.ai/workflows/parallel-polyglot-ports-spec-oracle/): Generate multiple AI-paired ports from one executable spec and treat divergence as a signal that the spec under-speci... - [Permutation Frameworks for Batch Code Generation](https://agentpatterns.ai/workflows/permutation-frameworks/): Define constrained code templates with shared signatures, then use agents to generate reliable variations at scale — ... - [Pre-Execution Codebase Exploration](https://agentpatterns.ai/workflows/pre-execution-codebase-exploration/): Invest in problem statement quality before launching an agent — a lightweight exploration phase that adds reproductio... - [Programmatic Cloud-Agent Dispatch via REST API and Webhooks](https://agentpatterns.ai/workflows/programmatic-cloud-agent-dispatch/): Dispatching coding agents from REST, webhooks, or cron is safe only when the caller adds dedupe, payload sanitisation... - [Prototype Before Optimizing](https://agentpatterns.ai/workflows/prototype-before-optimizing/): Prototype with generous budgets to establish a quality baseline before applying optimization pressure — otherwise com... - [Public-Channel Agent Work as Lehrwerkstatt](https://agentpatterns.ai/workflows/public-channel-agent-work/): Force agent conversations into public channels so the team learns from every transcript: high-yield given psychologic... - [QA Session to Issues Pipeline](https://agentpatterns.ai/workflows/qa-session-to-issues-pipeline/): A multi-stage agent pipeline that turns raw QA session documents into investigated, context-rich GitHub issues by aut... - [Repository Bootstrap Checklist: Wiring Agent Support](https://agentpatterns.ai/workflows/repository-bootstrap-checklist/): Repository bootstrapping wires agents into an existing codebase in dependency order — project instructions first, the... - [Runbooks as Agent Instructions](https://agentpatterns.ai/workflows/runbooks-as-agent-instructions/): Runbooks written for humans fail for agents through implicit context, ambiguous decision points, and assumed knowledg... - [Scheduled Instruction File Fact-Checker](https://agentpatterns.ai/workflows/instruction-file-fact-checker/): A scheduled GitHub Actions agent that reads CLAUDE.md and all `@path`-referenced instruction files, verifies each fac... - [SDLC-Phase Skill Taxonomy: Full-Lifecycle Skill Libraries](https://agentpatterns.ai/workflows/sdlc-skill-taxonomy/): Organize a skill library around SDLC phases so phase-entry commands activate only the relevant skills — keeping selec... - [Seamless Background-to-Foreground Handoff](https://agentpatterns.ai/workflows/background-foreground-handoff/): Enable humans to take over from background agents at the ~90% completion mark — using distilled context summaries and... - [Semantic Issue Search from Chat vs Query Syntax](https://agentpatterns.ai/workflows/semantic-issue-search-natural-language/): Natural-language issue search resolves a chat-described symptom to an existing issue when paraphrasing dominates; fal... - [Simulation and Replay Testing for Agent Verification](https://agentpatterns.ai/workflows/simulation-replay-testing/): Validate agent prompt changes by replaying a past task in isolation and diffing the result against what was actually ... - [Single-Branch Git for Agent Swarms](https://agentpatterns.ai/workflows/single-branch-git-agent-swarms/): At 10+ parallel agents committing small changes, branching becomes the bottleneck. Single-branch git with mechanical ... - [Single-CLI Agent Platform: Create to Production in One CLI](https://agentpatterns.ai/workflows/single-cli-agent-platform/): A single-CLI agent platform bundles scaffold, eval, deploy, and publish into one binary — worth it only on one cloud ... - [Skeleton Projects as Agent Scaffolding](https://agentpatterns.ai/workflows/skeleton-projects-as-scaffolding/): Skeleton projects scaffold agent-driven development with battle-tested repository templates instead of structure buil... - [Skill Library Refinement Loops](https://agentpatterns.ai/workflows/skill-library-refinement-loops/): Four complementary feedback mechanisms that together keep a team's shared skill library accurate and useful — no sing... - [Spec-Anchored Drift-Gated Architecture (Spec Growth Engine)](https://agentpatterns.ai/workflows/spec-growth-engine/): Make spec-code divergence a blocking merge gate and narrow each agent to one ownership path in a machine-readable spe... - [Spec-Driven Development with Spec Kit](https://agentpatterns.ai/workflows/spec-driven-development/): Spec-driven development externalizes project intent into a Markdown specification that agents compile into code, maki... - [Staged Literal Porting with a Per-Stage Numeric Oracle](https://agentpatterns.ai/workflows/staged-literal-port-with-numeric-oracle/): Stage an LLM port one axis at a time, ban improvements, and gate every stage on a numeric oracle drawn from the prior... - [Stakeholder Trust Through Evals and Observability](https://agentpatterns.ai/workflows/stakeholder-trust-evals-observability/): A three-artefact review cycle — dashboard, custom trace view, ad-hoc query — that makes eval and observability data l... - [Team Onboarding for AI Agent Workflows and Adoption](https://agentpatterns.ai/workflows/team-onboarding/): Team onboarding for agent workflows aligns a team on shared infrastructure, trust calibration, and vocabulary before ... - [The 7 Phases of AI-Assisted Feature Development](https://agentpatterns.ai/workflows/7-phases-ai-development/): Feature-scale AI-assisted development runs through seven alternating phases, each with a distinct human/agent ratio a... - [The AI Development Maturity Model: From Skeptic to Agentic](https://agentpatterns.ai/workflows/ai-development-maturity-model/): AI tool adoption follows a recognizable maturity model — knowing your current phase clarifies what to learn next and ... - [The Plan-First Loop: Always Design Before Writing Code](https://agentpatterns.ai/workflows/plan-first-loop/): For non-trivial tasks, have the agent describe the system, correct its understanding, and co-design a written plan be... - [The Research-Plan-Implement Pattern](https://agentpatterns.ai/workflows/research-plan-implement/): The Research-Plan-Implement pattern splits agent work into three phases: gather context, plan the approach, then exec... - [Throwaway-Prototype Skill: Build to Discard, Keep Only the Answer](https://agentpatterns.ai/workflows/throwaway-prototype-skill/): A throwaway-prototype skill forbids tests, error handling, and abstractions to keep the spike cheap; the only durable... - [Tiled Agent Layout: Supervising Parallel Agents Through Dedicated Panes](https://agentpatterns.ai/workflows/tiled-agent-layout/): Tiled agent layout splits the screen into one pane per agent — lowering a supervisor's per-switch cost across concurr... - [Velocity-Quality Asymmetry: Why AI Speed Gains Fade](https://agentpatterns.ai/workflows/velocity-quality-asymmetry/): AI coding tools deliver a velocity burst that fades within months while their quality debt compounds indefinitely, so... - [Verification-Centric Development for AI-Generated Code](https://agentpatterns.ai/workflows/verification-centric-development/): Verification-centric development moves the developer's value from writing code to proving generated code is correct. - [Whole-Codebase Visibility as a Migration Prerequisite](https://agentpatterns.ai/workflows/whole-codebase-visibility-migration-prerequisite/): A scoping check that decides whether a large-scale agent migration fits in agentic search or needs whole-codebase vis... - [Worktree Isolation: Parallel Agent Sessions in Safe Sandboxes](https://agentpatterns.ai/workflows/worktree-isolation/): Run each agent in its own git worktree, an isolated repo copy on its own branch, so agents never collide with each ot... ## Patterns - [Patterns: Agent Design, Multi-Agent, and Anti-Patterns](https://agentpatterns.ai/patterns/): Recurring architectural patterns for building, coordinating, and debugging AI coding agents — plus the anti-patterns ... - [Agentic Pattern Vocabulary Crosswalk](https://agentpatterns.ai/patterns/pattern-vocabulary-crosswalk/): Crosswalk that maps four agentic pattern vocabularies — Ng's four, Anthropic's five, Gulli's twenty-one, CoALA's thre... - [Pattern Selection Map](https://agentpatterns.ai/patterns/selection-map/): This selection map compares patterns by what they cost, where they break, and what they assume — so you pick the chea...