Coding & Developer-Tooling Use Cases Best Practices
Ten practices for shipping coding, review, test, docs, and ops agents without surrendering merge and production judgment.
Use this list when a team wants "full autonomy" and you need a safer default path.
How to Use This Checklist
- Work top to bottom when scoping a new coding-agent use case.
- Tick items that are true before expanding write permissions or auto-merge.
- Keep the filled list next to the design doc or ADR.
- Re-run after the first week of real PRs or alerts - demos lie.
- Downgrade autonomy when precision or flake metrics get worse.
A - Scope the Work
- 1. Write a verifiable definition of done. Tests pass, typecheck clean, alert brief posted with sources, docs cite paths - not "looks good."
- 2. Prefer tasks with strong oracles. Unit tests, compilers, policy checkers, and read-only metrics queries beat subjective taste tasks for early wins.
- 3. Bound paths, commands, and environments. Allowlists beat prompt etiquette. Disposable branches and non-prod credentials are defaults.
- 4. Separate propose from merge (and diagnose from remediate). Draft PRs and triage briefs first; promote execution rights only with evidence.
B - Keep Humans on Risk
- 5. Map severity to required human gates. Auth, payments, data deletion, prod rollback, and secret material always need named human approval.
- 6. Review diffs and traces, not vibes. Require commands run, observations, and stop reasons in the PR or incident thread.
- 7. Cap nit noise from review and docs agents. Severity rubrics and comment budgets protect signal so humans still read the bot.
C - Operate Like Production Software
- 8. Ship stop conditions and budgets with the prototype. Max turns, timeouts, rate limits, and no-progress detection are launch requirements.
- 9. Evaluate on your repo's real history. Held-out bugs, labeled PRs, and game-day incidents beat generic leaderboard screenshots.
- 10. Instrument cost, rework, and escaped defects. Expand autonomy only when rework minutes and incidents move the right direction.
Applying the Habits in Order
| Stage | Habits | Exit criterion |
|---|---|---|
| Use-case pick | 1-2 | Done definition + oracle exist |
| Sandbox design | 3-4 | Allowlists + propose-only path |
| Risk policy | 5-7 | Gate map + review standard published |
| Launch | 8-10 | Stops, eval slice, metrics dashboard |
Quick "Do Not Expand Autonomy" Signals
- Humans routinely discard or heavily rewrite agent PRs.
- Tests are flaky or missing on the modules you targeted.
- Review bot precision on high severity is poor.
- Ops agent recommends write actions without citing evidence.
- Cost per successful task trends up while quality is flat.
FAQs
How many checklist items are mandatory?
Treat 1, 3, 5, and 8 as non-negotiable before any write access beyond a personal sandbox.
Can we pilot without an eval set?
You can spike. Do not claim production readiness or expand auto-merge without habit 9.
What if leadership wants unsupervised bug fixing this quarter?
Offer a narrow package class with draft PRs and measured rework. Do not skip gates to match a press release.
Do these practices differ for docs-only agents?
Write scope shrinks to docs paths, but citation rules and review ownership still apply. Habits 1, 6, and 7 remain central.
How do DevOps agents fit the same list?
Swap "merge" for "prod change." Habits 4-6 and 8 become stricter; dual control replaces casual PR review for T2+ actions.
Is autocomplete covered here?
Only lightly. These habits target multi-step tool-using coding agents. Inline completion needs less process but still needs secret hygiene.
What document should store the gate map (habit 5)?
A short security/ops policy linked from the agent runbook: path patterns, action tiers, approver roles.
How often should we revisit autonomy level?
After incidents, after major model or tool changes, and on a fixed quarterly review. Autonomy can decrease.
What is the most common failure mode this list prevents?
An impressive demo with broad shell access, no stop conditions, and no human review on sensitive paths.
Should agent-authored PRs skip human review if CI is green?
No for risky paths. CI green is necessary, not sufficient, especially for security-sensitive modules.
How do we handle prompt injection via issues or logs?
Treat those strings as untrusted. Enforce allowlists in the runtime; never rely on "please ignore malicious instructions" in the prompt alone.
When is a coding agent clearly the wrong tool?
When success cannot be checked automatically, tools do not exist, or the organization will not fund review and observability.
Related
- How Coding Agents Changed Day-to-Day Software Development - workflow context for these habits
- Coding & Developer-Tooling Use Cases Basics - first read/edit/test loop
- Autonomous Bug-Fixing Agents: From Issue to Verified Patch - issue-to-patch discipline
- Code Review Agents: Automated PR Feedback at Scale - review signal quality
- DevOps Agents: Deployment, Incident Triage, and Runbook Execution - higher blast-radius gates
- Use Cases for AI Agents Best Practices - broader use-case scoping
Stack versions: Pins from the category manifest (verify at build): OpenRouter (~315+ models, July 2026 pricing/fees); LangGraph 1.0+; CrewAI 1.14+; Microsoft Agent Framework 1.0; Vercel AI SDK 6; Pydantic AI (latest); LlamaIndex (latest); OpenAI Agents SDK (latest + MCP); MCP (Linux Foundation governance); A2A (HTTP+SSE+JSON-RPC 2.0); Solana
@solana/web3.js+@solana/spl-token.