Skip to content
Luisa Lima
Go back

The task is the variable

We don’t talk enough about safety in AI-assisted coding. And when we do, we frame it as a dial between speed and caution: fast and loose, or slow and careful. I realized the real variable is the task, not the speed.

There are several fundamentally different jobs that we run as engineers when we are writing code:

It’s the same tool both times: the risk profiles are opposite.

For me, a spike doesn’t mean “no safety.” Rather, it means no safety you can safely postpone. You can defer the static analysis and the test coverage. What you can never defer is anything whose damage lands now: secrets, credentials, and anything wired to a live system.

So the unit of configuration is the posture, not the tool itself. And a posture should be a mode that is wired to the task’s risk level, and chosen before the agent starts.

Think about environments, our hard learning from years of software engineering done wrong.

Dev, staging and prod aren’t different because the code is super different (it is actually usually exactly the same!). Environments differ because you don’t pick prod, you promote into it. The hard part was never having different configs. The problem is in the seam: the moment a spike quietly becomes a build, but nobody reset the posture.

Match the posture to the task, then guard the seam between them.


Share this post:

Next Post
I switched from beads to plaintext tasks that live in the diff, managed by a skill