larsfaye.com article states agentic coding creates cognitive debt and reduces developer skill retention · Digg

larsfaye.com article states agentic coding creates cognitive debt and reduces developer skill retention · Digg

Posts from X

Most Activity

VIEWS25KBOOKMARKS90

Damian Barabonkov@damian_b

The sandboxing debate is becoming more widespread, but I fear it is focusing on the wrong things. Given too many people are ranking startup times, I decided to write this rebuttal.

From Peter’s tweet, his postulation is the correct one: "How would we build software if tokens don’t matter?". In this future, sandboxing will not be about shaving milliseconds off boot. Timings will still matter, but there will be many more layers to this cake.

Most critically, sandboxing will be about giving agents a high-fidelity operating environment.

I think the winners will have to get these three things right:

1. Full-capability sandboxes

Most sandboxes people are hyping are not actually capable enough for serious agentic work.

A useful coding agent needs to clone arbitrary repos, install dependencies, run tests, spin up services, debug failures, and iterate.

For example, many production repos depend on Docker. If your sandbox cannot run Docker, it is probably not ready for the workflows agents are about to own.

2. Trusted credential handling

The moment agents do real work, they need access to real systems.

GitHub, Linear, Slack, GMail, cloud accounts, internal dashboards, deployment tools.

You cannot just hand the model your secrets and hope for the best.

The right abstraction is some version of a trusted proxy: the agent can request actions, but secrets stay controlled, scoped, audited, and revocable.

3. Agent-to-agent communication

Today, most sandboxed agents are isolated workers.

I do not think that will last for long.

The future probably looks more like fleets of specialized agents, each with different tools, permissions, memories, and objectives.

Some review code. Some reproduce bugs. Some run benchmarks. Some test security. Some interact with external apps.

Those agents will need to talk to each other, delegate, verify, and coordinate.

So the sandbox stops being a box, and it starts to become more of a network substrate.

That is why I think this market is still wide open. Nobody really knows what the agentic software stack will look like yet.

But I am absolutely confident that the winning sandbox provider will not be the one that starts fastest. It will be the one that safely enables agents to do real work.

Peter Steinberger 🦞@steipete

People freaking out over my AI spend. What nobody sees: Part of what excites me so much about working on OpenClaw is that I'm trying to answer the question:

How would we build software in the future if tokens don't matter?

We constant run ~100 codex in the cloud, reviewing every PR, every issue. If a fix on main lands, @clawsweeper will eventually find that 6 month old issue and close it with an exact reference.

We run codex on every commit to review for security issues (as it's far too easy to miss).

We run codex to de-duplicate issues and find clusters and send reports for the most pressing issues.

We have agents that can recreate complex setups, spin up ephemeral http://crabbox.sh machines, log into e.g. Telegram, make a video and post before/after fix on the PR.

There's codex that watch new issues and - if it fits our documented vision well, automatically create a PR of it. (that then another codex reviews)

We have codex running that scans comments for spam and blocks people.

We have codex instances running that verify performance benchmarks and report regressions into Discord.

We have agents that listen on our meetings and proactively start work, e.g. create PRs when we discuss new features while we discuss them.

We build http://clawpatch.ai to split all our projects into functional units to review and find bugs and regresssions.

We do the same split for security with Vercel's deepsec and Codex Security to find regressions and vulnerabilities.

All that automation allows us to run this project extremely lean.

44d25K11090

LIKES275REPLIES94

roon@tszzl

does agentic code style matter? will anyone read code in another six months?

44d11.4K27520

RETWEETS29

Zara Zhang@zarazhangrui

AI psychosis: cycling between two mental states every single day ↑ after using coding agents: holy shit I'm omnipotent. I can build anything. I've never felt this powerful in my life. ↓ after scrolling twitter: holy shit I'm completely behind. everyone's ahead. the wave is moving and I'm going to get left.

44d15.6K25953

Bojan Tunguz@tunguz

build tools for ai agents, not people then

signüll@signulll

eventually we’ll have too many tools & not enough ppl to use them.

43d3.1K352

☣ junior developer ☣@chromatic_x

Ward Cunningham once told me "if I'm pairing with someone and we disagree on the approach to take, I'll go with their suggestion, because we can discover it's wrong quickly or I'll learn another way that works".

It's smart to realize what's taste.

Adam Jacob@adamhjk

Yeah, I understand the difference in shipping to different kinds of consumers. The ability to move quickly doesn't change the need for taste, or what happens when you overstuff a product.

If I review 100% of the code I've produced by an agent to 100% understanding, I too will find much to dislike. Because as a human with 30+ years of experience, I have developed taste and patterns that really matter to me (and that no doubt impact the quality of my work, especially when I'm the one doing it.) The domain you work in matters for this, but ultimately - questions of taste start to fall away, and instead you're looking for high quality repeatable patterns. External quality remains the immovable bar. But internal quality takes on a very different character.

44d1.9K102

Anicet@AniC_dev

everything that our custom sandboxes powering http://ascii.dev do btw

- sandboxes are VPSs with sudo access, all you ever need installed, a desktop, chrome even - startup times reasonably fast (<2s) but not overly optimized for no reason - credential management system for adding/revoking (no proxy tho because most programs need a .env file) - each ascii agent gets a ascii cli to spy on and prompt any other agent. great for automations where agents must avoid to do what others do and self-organize

44d52363

kache@yacineMTB

@tszzl yes

roon@tszzl

does agentic code style matter? will anyone read code in another six months?

44d748220

Saturn 🪐@satrn_o

@tszzl will anyone do anything in 6 months?

44d22612

roon@tszzl

@satrn_o yeah fair

44d21310

shako@shakoistsLog

@tszzl yes and yes

44d1775

Richa Sharma@richa_lq

@tszzl

44d4721

ib@Indian_Bronson

@tszzl No!

I decided to stop looking at any code for things I am personally working on and commit entirely to conversations

https://www.armyupress.army.mil/Portals/7/military-review/Archives/English/MilitaryReview_20131231_art011.pdf

Generals should not be looking at 5 para op orders or communicating directly with line infantry on a radio to make tactical decisions

44d7252

Ken 無 (non-official taco bell affiliate)@Ken67547214

@tszzl If nothing else, it matters to the agent ingesting it. But of course people will always read and write code. Those of us that think that way are still going to exist.

44d694

Jules Jacobs@JulesJacobs5

@tszzl Local coding style, no. But with bad architecture or just generating way too much code for the amount of functionality, the codebase will collapse under its own weight at some point, which limits what you can achieve.

44d1473

Kory Mathewson@korymath

Lars Faye warns that coding agents cause skill atrophy because they remove the friction of manual trial and error.

44d42920

ib@Indian_Bronson

@tszzl There is a rich language of doctrine, with immense historical record, replete with commands/functions/literal standard operating procedures at all abstraction levels for us to navigate gradually delegating more and more (but not too much) to AI agents

44d1432

chopwatercarry@chopwatercarry

@damian_b @hallerite - Weaker agents are best suited to have a single VM - Stronger agents naturally might need generalized capability for spinning up and managing VMs and for their own work and delegating tasks

44d1112

Romain Beaumont@rom1504

@tszzl I'd say the part that matters is what limits your future agency. "Paint yourself in a corner" kind of code "style" is what needs to be avoided.

So maybe bad overall system design rather than whether you have ; or not in js.

44d3421

Damian Barabonkov@damian_b

@AniC_dev Mind elaborating how you do creds?

44d2561

Eren Suner@geren8te

@zarazhangrui coding agents are a confidence amplifier and this app is a comparison machine. terrible combo if you confuse visible output with actual throughput.

44d1532