Agentic AI Best Practices

This video explores the fundamental shift from simple AI assistance to building a high-performance AI-Native Software Delivery Pipeline. To move beyond "vibe coding" and simple autocomplete, organisations must adopt a disciplined set of Agentic AI Best Practices to ensure quality, security, and 10x productivity.

1. Separation of Agentic Concerns
Just as we moved from monoliths to microservices, we must move from "one AI to rule them all" to a multi-agent architecture.
• Specialisation: Use distinct cognitive modes for different phases of the SDLC, such as specialised agents for planning, coding, and analytical fault-finding (review).
• Orchestration: Use frameworks like TaskingAI or Claude Flow to manage these agent squads asynchronously, allowing them to collaborate rather than act as lone contributors.

2. Specification-First Methodology
Trust begins with clarity. Avoid ambiguous natural language prompts by adopting Specification-Driven Development (SDD).
• Executable Blueprints: Requirements should be formalized into machine-parsable specifications (e.g., Given/When/Then structures).
• Algorithmic Verification: By using machine-readable specs, you can algorithmically and deterministically generate tests without any "monkey" (AI) involvement, ensuring the code matches the intent.

3. Context Engineering (AX is the new DX)
The Agent Experience (AX) determines the quality of the output.
• The Knowledge Fabric: Use a centralized registry like Tessl to serve as a dependency system for knowledge, providing version-specific documentation to prevent AI hallucinations.
• Steering Files: Explicitly document non-obvious configurations and "golden rules" in agents.md or steering files to ensure high abstraction adherence, especially when using newer or private libraries.

4. Deterministic Safety & Identity
In a world of non-deterministic LLM outputs, you must build deterministic walls.
• Network Sandboxing: Implement policy engines like Cedar or Warden to strictly intercept agent requests and prevent destructive actions, such as deleting a production database, regardless of the tool used.
• Triple Identity: Agent permissions should be based on a combination of the user, the agent identity, and the session context to mitigate risks like prompt injection and data exfiltration.

5. Statistical Evals and Invariants
Testing alone is no longer enough; you need continuous verification.
• Statistical Evals: Run population tests against hundreds of use cases to measure performance and detect logic drift over time.
• Invariants: Define architectural properties that must always be true (e.g., memory safety, concurrency rules) and verify them to catch subtle bugs that traditional functional tests miss.

The Evolving Human Role
As the machine generates, tests, and improves code, the human engineer’s role transitions from a manual labourer to a Strategic Supervisor and AI System Architect. You are responsible for setting the rules of the factory and defining the boundaries of trust.