Skip to content

Blog

Welcome to our technical blog — practical writing on platform engineering, GitOps, and AI-assisted operations. No thought leadership fluff. Just things that actually work in production.


Latest Posts

Git is the Source. Confluence is the Search Layer. Here's What Connects Them.

Published: 5 July 2026 | Author: Surjit Bains

Your docs team writes markdown in Git. Your AI agents query Confluence via MCP. The python-mkdocs-to-confluence plugin closes the gap — and confluence_properties makes every page CQL-queryable without full-text search.


HolmesGPT Knows What Your Runbooks Are Missing. Here's How to Fix It.

Published: 28 June 2026 | Author: Surjit Bains

Every failed Confluence lookup is a runbook gap. Build a feedback loop that turns HolmesGPT investigation logs into drafted PRs — clustered by Claude, reviewed by humans, merged back into the knowledge base Holmes reads next time.


The 6 GitHub Repos That Are Redefining How AI Agents Think, Act, and Talk to Each Other

Published: 15 June 2026 | Author: Surjit Bains

Skills frameworks, memory, multi-agent orchestration, A2A protocol — and a compatibility table showing exactly which of these works with Claude Code, Cursor, Copilot, and Windsurf.


Spec First, GitOps Second: The Platform Engineer's Guide to BMAD

Published: 15 June 2026 | Author: Surjit Bains

BMAD brings agile upstream thinking to AI-driven development. Here's how to use it before you write a single Helm chart — and how Sam, the Platform Engineer agent, hands off directly into your GitOps pipeline.


OpenTelemetry Graduated. Time to Stop Treating It Like a Bet.

Published: 15 June 2026 | Author: Surjit Bains

OTel hit CNCF graduated status on May 21. The eBPF profiler adds the fourth observability signal to any Kubernetes workload without touching source code. Here's what changes for your platform team.


From Prompt to Harness: The Three Eras of Working With AI

Published: 2 Jun 2026 | Author: Surjit Bains

Prompt engineering gave us the words. Context engineering gave us the knowledge. Harness engineering gives us reliability. Swapping the harness changes SWE-bench scores by 22 points. Swapping the model changes them by 1.


MCP Goes Stateless: What the 2026-07-28 RC Actually Changes

Published: 4 Jun 2026 | Author: Surjit Bains

The MCP spec RC removes Mcp-Session-Id and sticky routing at the protocol layer. If you've been holding off running MCP servers on Kubernetes because of session affinity headaches, that excuse just expired.


Your Platform Repo Needs an AGENTS.md. Here's What Goes In It.

Published: 9 Jun 2026 | Author: Surjit Bains

60,000+ public repos have an AGENTS.md. Almost none are written for a Kubernetes platform repo. Here's the template that covers forbidden paths, naming conventions, sync model, and secrets — plus a Kyverno policy to enforce it.


Your AGENTS.md Is Great. Now How Do You Roll It Out to 40 Repos?

Published: 10 Jun 2026 | Author: Surjit Bains

One AGENTS.md is a solved problem. Managing it across 40 repos, three git providers, and five teams without drift is not. Here's the three-zone file structure and provider-agnostic sync engine that keeps everything consistent.


The 5 GitHub Repos That Are Redefining How AI Agents Think, Act, and Talk to Each Other

Published: 16 Jun 2026 | Author: Surjit Bains

Skills frameworks, multi-agent orchestration, A2A protocol — these are the repos shaping the agent layer in 2026. Here's what each one actually does and why platform teams should care.


You Can't Debug What You Can't See: OTel GenAI Conventions for Agent Workloads

Published: 18 Jun 2026 | Author: Surjit Bains

Standard HTTP tracing tells you a model call took 3.2 seconds. GenAI semantic conventions tell you which tool caused it, how many tokens it burned, and why the finish reason was length not stop. Zero code changes with the OTel Operator.


A2A and MCP Are Not Competing — They're the Stack

Published: 23 Jun 2026 | Author: Surjit Bains

MCP is how an agent talks to tools. A2A is how one agent talks to another. 150+ organisations including AWS, Microsoft, and Salesforce are running A2A v1 in production. Here's what the split means for your platform architecture.


Cursor MDC Rules: The More Powerful AI Context File You're Probably Not Using

Published: 25 Jun 2026 | Author: Surjit Bains

Most Cursor users are still on .cursorrules. The new .cursor/rules/*.mdc format lets you scope rules to specific file types, activate them conditionally, and ship multiple rule sets per repo. Here's what changes for platform engineering teams.


GitHub Copilot Has an AGENTS.md. Most Teams Don't Know It Exists.

Published: 1 Jul 2026 | Author: Surjit Bains

.github/copilot-instructions.md loads into every Copilot Chat session in your repo automatically. It covers different surface area from AGENTS.md — conversational context rather than agent constraints. Here's what to put in it.


CLAUDE.md Is Two Files in One. Most Teams Are Only Using Half of It.

Published: 8 Jul 2026 | Author: Surjit Bains

CLAUDE.md isn't just a rules file — it's a configuration layer for Claude Code. Memory blocks, MCP server declarations, PreToolUse hooks, custom slash commands, and sub-agents all live here. Here's the half most teams are missing.


Your AI Agent Doesn't Know You. Here's How to Fix That.

Published: 27 May 2026 | Author: Surjit Bains

Every agent session starts from scratch. experience-as-skill extracts your frameworks, decision patterns, and voice from your CV, git history, notes, and Slack — into a single skill file any agent can load.


The Four Rules That Make AI Agents Actually Trustworthy

Published: 26 May 2026 | Author: Surjit Bains

Karpathy's four CLAUDE.md rules cut AI coding mistakes from 41% to 11%. Here's why they're the missing discipline layer for platform teams running agents in production.

CLAUDE.md Is Two Files in One. Most Teams Are Only Using Half of It.

Banner image Banner image

CLAUDE.md Is Two Files in One. Most Teams Are Only Using Half of It.

If you've read the Karpathy CLAUDE.md post — the four rules, the 41% to 11% error rate reduction — you know why CLAUDE.md matters as a rules file. Write clear constraints, get better agent behaviour. That framing is accurate and it's useful.

But it's about half the picture. CLAUDE.md is also a configuration file for Claude Code. And the configuration half — memory blocks, MCP server declarations, tool permissions, hooks, custom slash commands, sub-agents — is where platform engineers have the most to gain. These features aren't available in AGENTS.md, Cursor MDC rules, or Copilot instructions. They're Claude Code-specific, and most teams either don't know about them or haven't made the connection between these features and what they'd actually want to do with them.

Git is the Source. Confluence is the Search Layer. Here's What Connects Them.

Banner image Banner image

Your engineers write markdown in Git. Your ops team lives in Confluence. Your AI agents query Confluence via MCP during incidents. You've been choosing between these audiences every time you write documentation — or maintaining two copies and watching them diverge.

There's a build step that eliminates the choice. This post shows you how to wire it up, and explains the one frontmatter block that makes every published page queryable by an AI agent without relying on fuzzy text search.

GitHub Copilot Has an AGENTS.md. Most Teams Don't Know It Exists.

Banner image Banner image

GitHub Copilot Has an AGENTS.md. Most Teams Don't Know It Exists.

There are somewhere north of 1.8 million active GitHub Copilot users. Most of them use it through VS Code or the GitHub web UI. Almost none of them have a .github/copilot-instructions.md in their repos — and that file would meaningfully change how Copilot behaves on every question they ask.

The file has been available since late 2024. GitHub documents it quietly. It doesn't show up in most tutorials. And for platform engineers who've spent time getting AGENTS.md right, it looks at first glance like a redundant thing. It isn't — it covers different surface area and reaches a different audience within your team.

HolmesGPT Knows What Your Runbooks Are Missing. Here's How to Fix It.

Banner image Banner image

Your runbooks are wrong. Not all of them — but the ones that matter most are the ones that don't exist yet. Every incident HolmesGPT handles without finding a matching runbook is a signal. Every Slack access request it can't resolve from policy. Every team repeating the same escalation pattern. That's your knowledge base telling you exactly where it's incomplete.

This post builds a closed-loop system that listens to those signals and drafts the missing runbooks — automatically, with human review before anything goes live.

Cursor MDC Rules: The More Powerful AI Context File You're Probably Not Using

Banner image Banner image

Cursor MDC Rules: The More Powerful AI Context File You're Probably Not Using

If you use Cursor, there's a good chance your repo has a .cursorrules file — a flat block of instructions that loads into every session. It works. But there's a newer format, .cursor/rules/*.mdc, that the flat file can't match: scoped rules that only activate when you're editing specific file types, multiple rule sets that coexist in the same repo, and front matter that controls exactly when and how each rule loads.

For platform repos with multiple languages, multiple concerns, and strict boundaries between what should and shouldn't change, the MDC format is meaningfully better. This post explains what's different and what a well-structured .cursor/rules/ directory looks like for a Kubernetes platform repo.

Spec First, GitOps Second: The Platform Engineer's Guide to BMAD

Banner image Banner image

Spec First, GitOps Second: The Platform Engineer's Guide to BMAD

Here's a pattern I see constantly with platform teams that have started leaning on AI: they skip straight to building. The security team needs vulnerability data in Prometheus so they can alert on critical CVEs in Grafana. Someone spins up a chat window and asks Claude to "write the ArgoCD Application for the tenable-exporter." No PRD. No architecture decision about secret management. No agreement on scrape interval or which clusters it deploys to. Just vibes and YAML.

And it works, kind of, for a while. Until the tenth iteration when the agent has lost context, the generated code contradicts a decision made in session two, and nobody can remember why they chose that particular pattern.

BMAD is the antidote. It's what happens when you take agile project discipline — upstream thinking before downstream building — and wire it into your AI workflow. And if you're already doing GitOps, the mental model maps perfectly: you don't kubectl apply before you know what you're applying. You shouldn't prompt an AI agent before you know what you're building.

49K reasons people are paying attention

BMAD-METHOD hit ~49,000 GitHub stars in June 2026 with v6.8.0 shipping in late May. It's the most-starred open-source spec-driven AI development framework right now — and it has a dedicated Platform Engineer agent (Sam) built specifically for Kubernetes, GitOps, and IaC workflows.

Cloud Native & Open Source AI Conference — Notes

These are my working notes from the sessions I attended.

The throughline across almost everything was the same tension platform teams have been sitting with for months: agents are genuinely useful, and making them safe to run at enterprise scale is harder than anyone wants to admit. Every speaker who touched on agentic workloads eventually arrived at the same place — governance isn't the constraint on adoption, it's the prerequisite for it. The Kafka session was the exception. That was about a completely different kind of complexity.

I'm not going to reproduce every bullet. What follows is what actually landed, what I'm thinking about differently, and what I'd do next week.


Keynote: Kubernetes, Headlamp, and Agentic Governance

Andrew Randall, Pal Lakatos-Toth — Microsoft

The keynote opened with a reflection on why Kubernetes won. The answer wasn't "better technology". It was better technology and a genuinely open, inclusive community. Both. Neither on its own.

That framing mattered more than it sounds. Because the second half of the keynote was about agentic workloads on Kubernetes, and the same logic applies. You don't make agents safe by picking the right model. You make them safe by building the right community of practice around them — and that starts with governance engineers actually trust.

On the UX side: Headlamp is now the official upstream Kubernetes UI. SIG UI has deprecated the previous dashboard. Multi-cluster visibility, a plugin model, a desktop app — real answers to onboarding friction, not cosmetic improvements. If you have engineers who avoid the CLI because it's overwhelming, Headlamp is worth a proper evaluation before the end of the quarter.

The demo that stuck with me was the agentic governance piece. CRD-driven controls specifying which tools an agent can call, what it can't do without operator approval, and how it routes through an inference policy before touching anything. Not "prompt the agent to be careful". Enforce it. Rate limits, budget controls, egress constraints — all expressed as Kubernetes resources. The agent proposes a fix, the operator approves, the controller reconciles. That's the loop you want.

The governance pattern that actually works

Tool policy, inference policy, runtime definition — all expressed as Kubernetes CRDs running live on-stage. The agent can still be useful. It just can't be reckless. The key distinction: separate agent autonomy from agent authority. Autonomy is what the agent decides to do. Authority is what it's actually permitted to do. Enforce the latter with policy, not prompts.

What to do next: - Evaluate Headlamp as your default multi-cluster UI in a lab before rolling it out broadly - Map one platform workflow that could become a CRD-backed agent contract - Define your minimum governance baseline: tool policy, inference policy, workload identity, audit trail - Build development and validation loops on kind before managed-cluster rollout


The Massively Parallel Agent Stack

Peter Bhabra — Doubleword

This was the talk I'd been hoping to see. Not "here's a demo where the agent writes code". But "here's why one giant agent is the wrong shape for this problem".

The use case was a security audit across a reasonably sized codebase — 512 files, roughly 2.5 million tokens of source. The single-agent approach burned through context, churned, and delivered weak coverage. You've probably seen this: the agent gets increasingly confused about what it's already seen and starts generating output that's plausible but thin.

The swarm approach worked differently. An orchestrator decides team composition and carves up the work. Specialist workers — each with a clear, bounded role like "find injection patterns" or "check unsafe file access" — process their slices in parallel. They return structured, schema-bound outputs. And critically: an independent verifier reviews each finding before it's included. A dedicated synthesiser then turns verified findings into an actionable report.

Better coverage, lower token cost. And the same runtime can be repointed at completely different use cases just by swapping prompts, schemas, and tools. The economic model for background audits is asynchronous inference — you don't need low-latency responses for something that runs overnight.

Context window size is not the same as coverage quality

Bigger context doesn't mean the agent sees more clearly — it often means it sees everything less clearly. The parallel worker approach isn't just about speed. It's about keeping each worker's context small, specific, and focused. A verifier stage before surfacing findings to engineering backlogs isn't optional. It's how you avoid noisy or hallucinated issues becoming real tickets.

What to do next: - Prototype a small swarm runtime for one internal use case — dependency review or secret scanning are good starting points - Define a minimal findings schema now (severity, confidence, file path, evidence, recommendation) before you need one - Add an independent verifier stage before creating issues in engineering backlogs - Benchmark single-agent vs swarm on the same repository with the same acceptance criteria


Silent Interpretation Errors at Scale

Maebh Booth — Senior Engineering Leader

This talk named something that's been quietly frustrating platform teams for months. Not "the agent failed" — but "the agent succeeded at the wrong thing and didn't mention it".

The term is silent interpretation drift. The agent makes an implicit decision, picks an interpretation, and moves forward without surfacing the ambiguity. It doesn't ask. It just gets on with it, because forward motion is what it's optimised for. The output often looks correct — tests pass, the prose is coherent — but it's missing something you specified, or it assumed something you didn't. At enterprise scale, across many teams and shared workflows, those small errors compound fast.

Her recommended controls are practical. Intent-based skills that route on cognitive operation rather than exact phrasing. Explicit "stop and ask" rules before agents commit inferred IDs, config defaults, or assumed paths. Deterministic pre-commit hooks that block known-bad patterns — not advisory, hard gates. And telemetry. Without transcript instrumentation and periodic evaluation, you can't prove your guardrails are working. You can only hope they are.

The point that landed hardest: require agents to bundle all their clarifications and ask them once, not interrupt five times mid-task. It sounds small. It changes the interaction model completely.

Soft prompts can't do the job of hard gates

Advisory guidance helps at the margins. But for anything high-impact — inferred paths, assumed IDs, hard-coded values — you need deterministic enforcement. One gate plus one measurable evaluation beats ten advisory skills with no feedback loop.

What to do next: - Audit current agent workflows for recurring overreach: assumed values, invented constants, ignored constraints - Add one explicit "stop and ask" gate for inferred values in a critical repository this week - Add push-time metrics for skill activation and non-compliance events - Schedule a weekly evaluation pass to catch behavioural drift before it compounds


Prompt-Driven Platforms: The Future of Self-Service Infrastructure

Salman Iqbal, Amir Tayabali — Wayfinder

Good demos are easy. Safe, repeatable, enterprise-wide adoption in high-security environments is the hard bit. That's where this talk lived, and it was more honest about the difficulty than most.

The central tension: give agents enough context and access to be genuinely useful, while still enforcing controls that security and compliance teams can audit. In locked-down environments, prompt conventions and local settings don't cut it. You need a gateway, a wrapper, and explicit trust boundaries — not because you distrust the AI, but because you need to explain what happened when something goes wrong.

The shadow IT angle was sharp. If platform teams don't provide a safe, easy path for AI tooling, engineers will build their own. And those homegrown setups won't have the governance controls you spent months designing. The paved road has to be genuinely paved — not a traffic cone maze that takes twenty minutes to navigate.

Context quality came up as a force multiplier. Teams getting the best agent outputs weren't just using better prompts. They were surfacing richer service-catalog metadata through Backstage. Who owns this service? What does it depend on? What are the constraints? When the agent has that context, it makes better decisions. When it doesn't, it guesses.

If you don't build the paved road, engineers will build their own

Shadow AI is the enterprise equivalent of shadow IT. It happens when the unofficial path is easier than the official one. Gateway enforcement and wrapper-based tool launch aren't bureaucracy — they're what lets you say "yes, use it" rather than "use it and good luck".

What to do next: - Map every current AI access path and identify which ones bypass policy controls - Pilot gateway-mediated model access in one team before broader rollout - Invest in service-catalog metadata quality — it's a force multiplier for agent output quality - Publish a small set of platform-curated skills and track actual adoption


Controlling AI Agent Access in Cloud-Native Engineering Workflows

Viola Lykova — nuclecode

The clearest reframe of the day: agent access control is a platform engineering problem, not a prompt engineering problem.

The moment agents move from autocomplete to autonomous action — triggering CI, opening PRs, mutating infrastructure — they become execution actors. And execution actors need the same rigour as human privileged access. The problem isn't that agents are malicious. It's that their scope tends to expand quietly over time. You add a tool. You widen a token scope. You give them access to production "just for diagnostics". Three months later you're looking at a token with write permissions across five services that was originally scoped to read-only logs.

Drift is the word she used. Not a single bad decision, but incremental scope expansion that's hard to notice until you audit it. And without continuous drift detection, you won't audit it until something goes wrong.

The state mutation framing matters. Every tool call can change platform reality. Every API call is evidence. The discipline is: explicit permission contracts, scoped tokens per tool per action class, approval checkpoints for high-risk changes, and forensic audit trails that attach actor, scope, rationale, and approval metadata to each meaningful mutation. Prompts can influence behaviour. They are not security boundaries.

A prompt is not a permission boundary

Natural-language instructions guide what an agent wants to do. Tokens, scopes, and policy enforcement determine what it can do. These are not the same thing, and treating them as equivalent is how you end up with an agent that's polite about exceeding its authority.

What to do next: - Create an agent access inventory: tool, token, scope, owner, environment — even a spreadsheet works to start - Replace broad shared credentials with purpose-specific scoped tokens per tool and action class - Add policy checks that block scope increases without explicit approval - Define and test rollback paths for high-impact mutations before you need them in production


Platform as a Product: What Happens When We Treat Security as a User?

Hannah Foxwell — Bimp

If your platform team genuinely builds "platform as a product" but security teams are still downstream reviewers rather than first-class users, you're not actually doing it.

That's the core provocation, and it landed. Developer experience has received enormous investment over the last few years — golden paths, self-service, reducing friction. Security teams have largely been left with manual triage queues that don't scale with the pace of discovery. And the AI-era wrinkle makes this worse: vulnerability discovery is accelerating. AI-assisted scanning will find more CVEs, faster. Traditional human-only triage is already approaching its limits, and we're at the beginning of the curve, not the middle.

The practical moves aren't glamorous but they're achievable. Filter and correlate findings before they hit human queues. Surface ownership metadata on every finding so the right team gets the right alert. Add runtime environment and data sensitivity to guide prioritisation urgency. Automate the obvious patches — not everything, just the changes with high confidence and low blast radius. That alone removes a significant chunk of the toil and lets security teams focus on the decisions that actually require human judgment.

Security teams are platform users — run the same discovery with them

Interview your security team the way you'd interview developers for user research. Map their current pain in your platform workflows. The gap between what security teams need and what platform teams have built for them is often embarrassingly wide, and most of it is fixable once you can see it clearly.

What to do next: - Run one user research session with your security team, treating them as platform users - Add ownership and impact metadata to every service and surface it in security findings - Pilot one automated remediation workflow for a high-frequency, low-risk vulnerability class - Define a response playbook for high-severity disclosures and rehearse it before you need it


Beyond the Portal: AI-Native Platforms with CNOE and MCP

Hossein Salahi

The portal isn't dead. But it's no longer the only surface that matters, and for some users it was never quite the right one.

That's the honest read of this talk. Portals did useful work: they standardised self-service and gave platform teams a way to offer repeatable workflows without writing a Slack bot for everything. But for operational users — SREs, incident responders, people who are in a terminal or a chat window when something is on fire — a static form wizard is the wrong shape.

The CNOE/MCP model being shown here is additive, not a replacement. Your existing GitOps, policy controls, and capability planes stay exactly where they are. What changes is the interface and control model. An alert triggers agent reasoning. The agent gathers context through MCP-connected tools. It proposes a Git-based fix. A human approves. The controller reconciles. No new control plane, no parallel infrastructure — just a better interface for an operational workflow that already exists.

The piece I'd push on in my own context: cross-session memory. If the same class of alert fires again next month, the agent should have context from the previous resolution. That's what turns a one-off demo into a durable operational pattern.

Start with one operational workflow that's currently too slow in a portal

Don't frame this as "AI-native replaces the portal". Frame it as "operational users who can't afford to navigate forms under pressure now have a better interface". Pick one high-friction workflow — noisy alert class, slow diagnosis path — and build the agent contract for that. Don't start with a platform overhaul.

What to do next: - Identify one operations workflow that's genuinely painful in portal-only mode - Define an agent contract for it: scope, tools, allowed actions, approval requirements - Route all production-affecting changes through PRs with required human review, even in the agentic path - Capture incident telemetry and assess whether agent-assisted workflows actually improve MTTR


Intro to Apache Kafka on Aiven: From Managed Simplicity to Inkless Architectures

Hugh Evans — Aiven

The different-shaped talk. Not about agents. About a real shift in how Kafka stores data.

Classic Kafka replicates partitions across brokers across availability zones. That's the durability model. It works. It's also expensive — cross-AZ data transfer is one of the biggest cost drivers in managed Kafka deployments. And operationally, it's heavy: rebalancing when you add or replace a broker is a genuine pain that gets worse as clusters grow.

Diskless Kafka — sometimes called "inkless" or "disaggregated", the terminology is still settling — moves durability off broker-local disks and onto object storage. The economics are materially different: object storage replication doesn't carry the same cross-AZ transfer cost as broker-to-broker replication. You also get less rebalancing friction when scaling horizontally, because broker state isn't tied to local disk.

The trade-off is latency. If your workload is latency-sensitive, the object storage path adds overhead you need to measure and design for. Mixed-mode support — running classic and diskless topics in the same cluster — gives you the flexibility to choose per workload rather than making a binary call for the whole cluster.

Worth watching, not uncritically adopting today. The open-source governance path involves competing KIPs and community alignment work, which is a useful reminder that "accepted direction" and "production ready" are different milestones.

Pull your cross-AZ transfer costs before anything else

That number is the entire justification for a pilot. For many teams it will be larger than expected, and the potential saving from diskless topics for the right workload class is real. The latency trade-off matters, but it's manageable if you profile first.

What to do next: - Profile current Kafka workloads by latency sensitivity and retention/replay patterns - Quantify cross-AZ transfer costs as a baseline before running any pilot - Test mixed-mode topics in a non-production cluster with p95/p99 latency measurement - Define clear topic placement rules (classic vs diskless) for engineering teams to use


The Age of "Big Tech" is Over

Sean M Tracey — Mitchell Technologies

The most contrarian talk of the day. Also probably the most honest.

The argument wasn't about market share or antitrust. It was more personal and more pointed: we've stopped questioning the assumption that progress requires giant platforms with giant defaults. We accept that a simple internal tool needs Kubernetes with five nodes, a managed database, a load balancer, and a monthly bill that would embarrass a small-team startup. We call it "enterprise-grade". Sometimes it's just overengineered.

Sean's counter: build small. Build local. Measure actual usage before sizing anything. The live demo — lightweight app deployment, a browser-based calling flow running with minimal resource usage — wasn't technically impressive by the standards of the rest of the conference. That was the point. Most of what we build doesn't need impressive infrastructure. It needs sufficient infrastructure.

The open source compounding argument is worth sitting with. Decades of shared tooling have made it dramatically cheaper to build good software than it was ten years ago. But we've developed habits of complexity that cancel out most of that gain. We reach for the same patterns we used when they were necessary, in contexts where they're not.

I'm not sure "the age of big tech is over" quite holds up as a thesis. But "our default infrastructure assumptions are probably wrong more often than we check" — that I buy.

Start from the minimum, measure your way up

When you next propose infrastructure for a new internal tool, start from the smallest thing that solves the real user need. "We'll scale later" is reasonable. "Let's start with enterprise defaults just in case" is where the waste compounds over years.

What to do next: - Audit one current service for over-provisioning against measured usage data, not assumed load - Pilot one new internal tool using the smallest viable deployment path and compare delivery speed - Compare total cost of ownership for one workflow across your current platform vs a lighter-weight path - Document a "small-first" engineering guide for new internal projects


What I'm taking away

Taken together, the sessions painted a fairly consistent picture.

Agents are moving into operational workflows — not as a future capability but as something teams are actively deploying now. The teams doing it well share three things: governance expressed as policy and code rather than prompts, genuine observability over what agents are actually doing, and a clear human-in-the-loop for high-impact changes. The teams doing it badly are relying on natural language instructions to enforce security boundaries. They're not.

On the platform side: portals aren't being replaced, but they are being supplemented. The operational interface is shifting toward conversational and MCP-connected patterns for users who live outside the portal. Context quality — service ownership, dependency metadata, team annotations — is becoming a force multiplier for agent usefulness. The teams with richer catalogs are getting better outputs.

And the Kafka session was a useful reminder that not everything interesting is about AI. Diskless architecture is a real cost and operational improvement for the right workloads, and it's worth following as it matures through the KIP process.

The question I keep coming back to is the one from Maebh Booth's session. If your team is using AI agents and hasn't explicitly defined what "stop and ask" means versus "use your judgment", you don't know what you're actually running. That conversation is worth having before something goes quietly wrong.


Which session was most immediately actionable?

The parallel swarm talk (Peter Bhabra) is probably the most directly applicable. The pattern is simple enough to prototype in a day or two, and the "independent verifier before backlogs" insight applies to almost every team running agents at scale.

Is governance-first realistic for smaller teams?

Yes. You don't need a full CRD-based control plane to start. Viola Lykova's access inventory approach — tool, token, scope, owner, environment — can live in a spreadsheet today. The principle scales down; the implementation grows with you.

What's the one thing I'd take into a Monday morning team meeting?

The silent interpretation drift frame from Maebh Booth. If your team is using agents and hasn't explicitly defined what "stop and ask" means versus "use your judgment", you don't know what you're actually running. That conversation is worth having before something goes quietly wrong.

Is the 'age of big tech is over' framing credible?

Probably not literally. But the underlying point — that our default infrastructure sizing assumptions are wrong more often than we check — is worth taking seriously regardless of how the headline lands.

Your AGENTS.md Is Great. Now How Do You Roll It Out to 40 Repos?

Banner image Banner image

Your AGENTS.md Is Great. Now How Do You Roll It Out to 40 Repos?

Writing one AGENTS.md is a solved problem. You commit the file, the agents read it, the naming convention incident stops happening. Done.

Then someone asks: "Should all our repos have this?" And you say yes. And now you have 40 repos across three teams, some on GitHub, some on GitLab, one stubborn service still on Bitbucket — and the question of how you keep them consistent, how you propagate updates when the org-level conventions change, and how you know when a repo has drifted from the standard.

That's the harder problem, and it looks a lot like every other configuration management problem you've already solved for your infrastructure. The same instincts that made you reach for GitOps and policy-as-code apply here.

Your AI Agent Doesn't Know You. Here's How to Fix That.

Banner image Banner image

Your AI Agent Doesn't Know You. Here's How to Fix That.

You open a new agent session. You paste in the problem. And the agent starts from zero.

It doesn't know you spent eighteen months migrating that monolith. It doesn't know you have a strong opinion about when to introduce abstractions (late) versus when not to (almost never). It doesn't know your default response to "let's just ship it and fix it later" is to ask what the rollback plan is. It doesn't know any of it. Every session is amnesia.

That's the cold-start problem. And most people solve it by writing better prompts — which works, until you forget to write the prompt, or the context window fills up, or you're halfway through a task before realising the agent is reasoning nothing like you would.

There's a better fix. Point a tool at your CV, your git history, your notes, your Slack export — and let it extract a behavioral profile. Not a biography. Not a career summary. A decision toolkit. The answer to "what would you do?" for every type of problem you routinely face.

That's experience-as-skill.

From Prompt to Harness: The Three Eras of Working With AI

Banner image Banner image

From Prompt to Harness: The Three Eras of Working With AI

There's a moment every team hits after they've been running AI in production for a few months. The demos worked great. The initial results were impressive. And then the cracks appeared.

The agent ignored your naming conventions. It generated code that violated an architectural boundary you thought was obvious from context. Two parallel agent sessions clobbered each other's work. You added more detail to the prompt. You tuned the context window. And it still happened — not always, not predictably, but enough to matter.

What you ran into is the gap that neither prompt engineering nor context engineering was designed to close. And in 2026, there's a name for the discipline that closes it: harness engineering.