The coding-agent workbench
A chatbot answers; a coding agent must ship working code to a real repository — and that's where reliability collapses. The fix isn't a smarter model, it's a workbench: executable verification as a feedback loop, scope contracts, a reproducible environment, and state that survives across sessions. The compiler doesn't hallucinate.
What you'll learn
- Why coding agents fail on real repos, and why a better model isn't the fix
- Executable verification as the central feedback loop — the model proposes, tests dispose
- Scope contracts, reproducible environments, and a reviewer pass
- Repo memory and multi-session handoff for tasks bigger than one context window
Before you start
A chatbot answers a question and it’s done. A coding agent has to do something far less forgiving: change a real codebase so that it still builds, still passes tests, and does what was asked. That’s where reliability collapses — the model writes plausible code that doesn’t compile, edits the wrong file, wanders out of scope, or loses the thread on a task bigger than its context window. The fix that actually moves the needle isn’t a smarter model. It’s the workbench: the engineering scaffolding that turns an open-loop text generator into a closed-loop engineer.
The core: executable verification as a feedback loop
The single most important idea is this: don’t trust the model’s “done” — verify it executably. The harness had verification as one of six components; for coding agents it becomes the center of gravity. The agent edits, the workbench runs the real gates — tests, linter, type-checker, build — and feeds the actual failure output back. The agent reads the error and fixes, looping until the gate passes:
def run_tests(version): # the executable verification gate -> (passed, message)
gate = {
1: (False, "FAIL test_add: expected 5, got 6 (off-by-one)"),
2: (False, "FAIL test_add: expected 5, got None (forgot return)"),
3: (True, "ok: 3 passed"),
}
return gate.get(version, (True, "ok"))
version = 1
while True:
passed, msg = run_tests(version)
print(f"attempt {version}: {msg}")
if passed:
print("constraint satisfied -> safe to commit")
break
version += 1 # agent reads the failure output and revises
attempt 1: FAIL test_add: expected 5, got 6 (off-by-one)
attempt 2: FAIL test_add: expected 5, got None (forgot return)
attempt 3: ok: 3 passed
constraint satisfied -> safe to commit
The magic is that the feedback is ground truth, not another opinion: the test suite and the compiler don’t hallucinate. A model guessing in the dark is unreliable; the same model given the real error message — “expected 5, got 6” — can correct itself. The workbench’s job is to make that loop tight and automatic.
The supporting pillars
The verification loop only works if the rest of the bench is built. Each pillar reuses an idea you’ve met, pointed at coding:
- Executable constraints. Specs the agent must satisfy, not prose to interpret. Your AGENTS.md lists the build/test/lint commands; the workbench is what actually enforces them as the gate (recall: an instruction file shapes behavior, it doesn’t guarantee it — the gate does).
- Scope contracts. Bound what the agent may touch — these files, these commands, no
git push --force. This is least privilege / propose-then-commit applied to a repo: a wrong edit is contained, and a human approves the irreversible step. - A reproducible environment. An init script that installs deps and makes tests runnable, so the agent can actually execute the gates rather than guess. No environment, no feedback loop.
- Repo memory & multi-session handoff. Real tasks outlast one context window. Persist progress, decisions, and a task list to a file (context engineering / memory) so a fresh session — or a fresh agent — resumes instead of restarting.
- A reviewer pass. Before committing, a second check — a reviewer agent or a stricter gate — catches what the author missed (the evaluator–optimizer / reflection pattern at the repo level).
In one breath
- A coding agent must change a real repo that still builds and passes tests — where plausible-but-wrong output, scope drift, and lost context make raw models unreliable; the fix is a workbench, not a bigger model.
- The center is executable verification as a feedback loop: the agent edits, the workbench runs the real gates (tests/lint/types/build) and feeds the actual failure back, looping until it passes — feedback that’s ground truth (the demo fixes an off-by-one in 3 attempts).
- Supporting pillars: executable constraints (enforced AGENTS.md commands), scope contracts (least privilege), a reproducible environment, repo memory / multi-session handoff, and a reviewer pass.
- It works because the compiler and tests don’t hallucinate — the same model that guesses badly self-corrects from a real error message.
- This — not model size alone — is what drove agents to resolve real issues (SWE-bench): the model proposes, the gates dispose.
Quick check
Quick check
Next
The workbench is what the agent harness becomes for real codebases; its payoff is measured by agent benchmarks like SWE-bench, and its scope/approval gates are agent safety controls.