• Category: Agentic coding
  • Status: discussion
  • Sources: okTurtles blog, HN discussion
  • Summary: Greg Slepak (okTurtles) describes a short-leash method for using coding agents on security-critical software: break work into tracked steps, require a permission prompt that shows each diff before it applies, review and approve or deny every change, commit after each subtask, and record which models assisted in a mandatory pull-request AI-disclosure section. The post is a practitioner opinion drawn from maintaining the Group Income codebase, with no measured results or reproducible benchmark.
  • Why it matters: It is a concrete counter-model to autonomous agent workflows and reinforces the day's maintainer-review theme, positioning human diff review as the control that keeps AI-authored code accountable.

Send feedback on this story