Part of the The Anatomy of Agentic Coding Systems series
The Harness Layer: Why the Wrapper Matters More Than the Model

The Harness Layer: Why the Wrapper Matters More Than the Model

By John Davenport · Published on March 31, 2026

Part 4 of "The Anatomy of Agentic Coding Systems," a series breaking down how AI coding tools actually work.

Three engineers. Five months. Zero manually written lines of source code. Roughly one million lines of production code shipped.

That's the headline from OpenAI's internal Codex experiment. But the interesting part isn't the output. It's what those engineers were actually doing. They weren't writing code. They weren't even reviewing most of it. They were building the harness, the constraints, verification loops, and architectural enforcement that allowed agents to produce reliable code at scale.

The team averaged 3.5 merged PRs per engineer per day. When they expanded to seven engineers, throughput increased. Not because they had more hands on keyboards, but because each new engineer added more constraints, better linting rules, tighter feedback loops. More harness meant more reliable output.

Most developers are optimizing the wrong layer.

The wrong layer

When AI coding tools produce bad output, the instinct is to blame the model. "Claude hallucinated." "GPT made a mistake." So you switch models. You upgrade. You wait for the next benchmark winner.

But the model is rarely the bottleneck. The same model that produces garbage in a bare chat window can produce reliable, architecturally consistent code when wrapped in the right harness. The difference isn't intelligence. It's structure.

Three evolutions

The industry figured this out in three phases, each building on the last:

Prompt engineering (2022-2024) taught us to communicate with models. Craft better instructions, get better output. But prompts are suggestions. The model can ignore them. There's no enforcement, just hope.

Context engineering (2025) taught us to inform models. Andrej Karpathy championed this: what the model sees matters more than how you ask. Instead of hoping it remembers your coding standards, inject them into context. Real step forward, but the model can still ignore what you show it.

Harness engineering (2026) teaches us to constrain models. A custom linter doesn't ask the model to follow the architecture, it rejects code that violates it. A test suite doesn't hope for correct logic, it verifies it. As OpenAI's Codex team put it: "Not documented. Enforced."

Each evolution subsumed the previous one. A good harness includes good context engineering, which includes good prompting. But the harness adds what prompting and context never could: deterministic enforcement.

Rules and constraints

Every major AI coding tool now supports project-level rules: CLAUDE.md for Claude Code, .cursor/rules/ for Cursor, AGENTS.md for GitHub Copilot. These files inject instructions into the model's context. But the best teams treat them as the starting point, not the whole harness.

OpenAI's Codex team went far beyond config files. They implemented a strict layered architecture with a directional dependency chain:

Types -> Config -> Repo -> Service -> Runtime -> UI

Code could only depend "forward." A Service could import from Repo, but Repo could never import from Service. And these constraints weren't documented in a README the agent might not read. They were enforced mechanically:

  • Custom linters (themselves generated by agents) that flagged violations
  • Structural tests validating dependency directions at build time
  • CI jobs blocking PRs that violated layer boundaries
  • Error messages with remediation guidance baked in

The agents couldn't violate the architecture even if they wanted to. That's the philosophical core of harness engineering: models are probabilistic, rules are deterministic. Use deterministic constraints to bound the probabilistic output.

Verification: the missing piece

When OpenAI published their harness engineering article, Birgitta Böckeler, writing on Martin Fowler's site, offered a pointed response. She praised the framing but identified something missing: the write-up focused on internal code quality and maintainability but lacked "verification of functionality and behaviour."

The code was architecturally clean, well-documented, structurally sound. But did it actually work?

This is the gap that matters most. An agent can produce beautifully structured code that compiles, passes linting, follows the dependency chain, and is completely wrong about what it's supposed to do.

Anthropic's research on long-running agents tackled this directly. They discovered that Claude would mark features as "complete" without verifying they actually worked, unless the harness explicitly required browser-based end-to-end testing. Once they added browser automation tools, "the agent was able to identify and fix bugs that weren't obvious from the code alone."

The key finding: agents take the path of least resistance. If your harness only requires unit tests, that's what you get. If it requires end-to-end browser verification, the agent actually opens a browser and checks. The verification standard you set is the verification standard you get.

They also had to add "strongly-worded instructions" like "It is unacceptable to remove or edit tests" to prevent agents from weakening the test suite to make their code pass. Without this, agents would modify tests to match buggy implementations rather than fixing the implementation.

In practice, this means tools like Claude Code's hooks system matter a lot. Hooks fire at lifecycle points (before tool use, after tool use, on stop) and can run linters, test suites, security scans, even spawn sub-agents for verification, all automatically, before the agent moves on.

Lifecycle: working across sessions

Every AI coding tool has a context window limit. When a task exceeds it, information is lost. The harness is what survives these transitions.

Anthropic formalized this with a two-agent architecture. An initializer agent sets up the project: environment scripts, progress tracking files, a comprehensive feature list (200+ features, all initially marked "failing"). Then a coding agent runs in subsequent sessions, reading the progress file and git history to understand current state, picking up the next feature, implementing it, testing it, and updating the progress file before exiting.

The inspiration was the "shift handoff" model from engineering teams. Each new session arrives to organized, well-documented code rather than chaos.

Git serves double duty here: version control for the code and checkpoint/recovery for the agent. Agents commit when a step succeeds, not when a feature is complete. The harness uses git as an undo mechanism. Progress files, feature lists, and architecture docs create a layer of state that sits alongside the code but serves the agent. As LangChain puts it, the filesystem is "arguably the most foundational harness primitive" because it lets agents maintain state that outlasts a single session.

Harnesses are fractal

Here's the insight that ties everything together: harnesses compose. They stack.

Level 0: Claude (the raw model)

   Stateless. No tools. No memory. Pure text generation.



Level 1: Claude Code wraps Claude

   Adds agent loop, tool use, context management.



Level 2: CLAUDE.md + hooks + MCP servers wrap Claude Code

   Adds project rules, verification, external integrations.



Level 3: A platform wraps the configured agent

   Adds specs, lifecycle orchestration, multi-phase verification.



Level 4: CI/CD wraps the platform

   Adds deployment gates, integration tests, production monitoring.

Each level adds constraints and verification. A developer using Claude Code with no CLAUDE.md is operating at Level 1. A team with a complete harness stack is at Level 3 or 4. Both are "using Claude," but they're using fundamentally different systems.

The legacy codebase problem

Böckeler raised an important caveat: everything OpenAI described was greenfield. The constraints were there from day one. What about a ten-year-old codebase with no architectural rules, inconsistent testing, and patchy docs? She compared it to running a static analysis tool on a codebase that's never had one, and drowning in alerts.

This is real. But the approach is incremental: start with what you have (pre-commit hooks, existing linters, whatever CI checks already run). Pick one boundary that matters and enforce it. Use the agent to build the harness, the meta-move of generating linters and structural tests that will constrain the agent in future sessions. And accept that it's iterative. OpenAI spent five months building their harness.

Why this layer matters most

HumanLayer put it simply: "Agents aren't hard; the harness is hard." The model intelligence is a commodity. The harness is the differentiator. It's the difference between a demo that impresses and a system that ships.

If you're using an AI coding tool today and you haven't configured its rules file, set up verification hooks, or structured your project for agent-friendly navigation, you're operating at Level 1 in a world where Level 3 is available. The model isn't your bottleneck. The harness is.

This is Part 4 of "The Anatomy of Agentic Coding Systems." Part 3 covered the Agent Layer - the execution loop, tool use, and context management. Part 5 covers the Environment Layer - where AI code actually runs.

Sources

  1. Harness Engineering - OpenAI
  2. Unlocking the Codex Harness - OpenAI
  3. Effective Harnesses for Long-Running Agents - Anthropic
  4. Harness Design for Long-Running Application Development - Anthropic
  5. Harness Engineering - Birgitta Böckeler, Martin Fowler's site
  6. The Anatomy of an Agent Harness - LangChain
  7. Skill Issue: Harness Engineering for Coding Agents - HumanLayer
  8. The Third Evolution - Epsilla
  9. OpenAI's Agent-First Codebase Learnings - Alex Lavaee
  10. Hooks Reference - Claude Code
  11. Rules - Cursor
  12. Context Engineering - Simon Willison (on Karpathy)
Next The Environment Layer: Where AI Code Actually Runs