~/VibeHandbook
$39
Read the BookReferencePhilosophyGet the PDFFAQ

Chapter 07 · 12

Harness Engineering

Habits are something you have to remember to do. The next rung in setting up your workspace is to make those checks something the AI can't skip. That's a harness.

Think of a harness as a security checkpoint that sits between the and the real world. At every dangerous step it does one of three things: record what happened, warn you, or block the action outright. Before a command runs, before a file is written, when a is submitted, on , on push — there's a gate. The agent can't walk around it, the way you might forget to run the tests at 2am.

Every dangerous action the agent takes passes through the harness first, where each gate can record it, warn you, or block it before it ever reaches the real world:

   ┌─────────┐                                   ┌──────────┐
   │  AGENT  │                                   │   REAL   │
   │ action  │                                   │  WORLD   │
   └────┬────┘                                   └──────────┘
        │                                              ▲
        ▼                                              │
   ╔═══════════════ HARNESS (gate) ═══════════════╗    │
   ║                                              ║    │
   ║   ┌────────┐    ┌────────┐    ┌────────┐     ║    │
   ║   │ RECORD │    │  WARN  │    │ BLOCK  │     ║────┘
   ║   │  log   │    │ alert  │    │  stop  │     ║  allowed
   ║   └────────┘    └────────┘    └───┬────┘     ║
   ║                                   │          ║
   ╚═══════════════════════════════════╪══════════╝
                                       ▼
                                  ┌─────────┐
                                  │ DENIED  │
                                  └─────────┘

Why make it mandatory? The whole bet of vibe coding is "let the AI sprint, you steer." That only pays off if the AI can't drive off a cliff while you blink. A harness moves your safety from vigilance (reading every diff, remembering every rule) to code (rules enforced automatically). For anything you'd put in front of a real user, that's not optional polish — it's what makes the autonomy safe.

A good harness follows a few principles worth knowing:

  • Success quiet, failure loud — it says nothing when things are fine, so a warning still means something.
  • Never auto-fix — it proposes, blocks, or warns; it doesn't silently "correct" the agent and hide the problem.
  • Retire dormant rules before adding new ones — keep it lean and trusted, not a growing pile of stale checks.
  • Config-driven — one engine, per-project settings, so it drops into any repo.
  • Append-only logs — a tamper-evident record of what the agent actually did.

You don't have to build this from scratch. There are ready-made, drop-in harnesses — dancinlab/harness is one project-agnostic engine you can wire to a coding agent's tool lifecycle. Honestly: a harness doesn't make the AI correct. It makes the AI's mistakes cheap to catch — which, when you're moving fast, is most of the battle.

Want it offline?

Get the PDF + EPUB + downloadable prompt library + version updates.

$ Get the PDF — $39