May 2026 · Note 12
Pattern
Pattern: Machine-verifiable completion contract
Define completion as a gate contract with fail-closed semantics so a task can only be
marked complete when implementation, validation, runtime checks, and evidence are all
green at the same time.
Use when: handoff trust is degrading because narrative status updates drift from observable runtime truth.
Avoid when: work is still exploratory and no stable gate vocabulary exists yet.
Pattern: shared completion gates, explicit evidence links per gate, and no complete state when any gate is red or unknown.
Read the full essay
May 2026 · Observation
Observation
Observation: policy-gated review routing creates stuck safety lanes
Teams sometimes apply execution policy checks to transitions that only route work into
human review. This can block escalation itself and produce ambiguous queue states during
exactly the moments where safety routing should remain deterministic.
Signal: items fail to reach review even when the intended safety action is to pause execution and request human confirmation.
See related essay
May 2026 · Learning
Learning
Learning: contract-tested envelopes reduce integration drift
API consistency governed by convention alone drifts over time. Shared schema checks for
status, payload, and error envelopes reduce interpretation overhead and improve routing
reliability across autonomous and human-operated flows.
Learning: contract-tested envelope grammar is cheaper than post-incident harmonization across multiple integration surfaces.
See related essay
May 2026 · Note 11
Pattern
Pattern: Ambiguity gate before irreversible actions
Add an ambiguity gate before irreversible actions so the system must either improve
context confidence, escalate, or refuse execution when uncertainty remains above
the action-tier threshold.
Use when: agents can trigger state changes that are expensive, hard to reverse, or externally visible.
Avoid when: all actions are fully reversible and isolated from sensitive systems.
Pattern: confidence threshold per action tier, mandatory escalation path, and fail-closed refusal for unresolved ambiguity.
Read the full essay
May 2026 · Note 10
Pattern
Pattern: Boundary-first action trust contract
Define trust as an action contract, not a role attribute: each action tier declares the
required context fields, policy checks, evidence outputs, and escalation owner before
execution is allowed.
Use when: teams are moving from broad role permissions toward safer autonomous decisions.
Avoid when: action classes and ownership are still undefined and cannot support enforceable contracts.
Pattern: action-tier trust contract with preconditions, tool boundary rules, and refusal semantics when evidence is missing.
Read the full essay
May 2026 · Observation
Observation
Observation: soft-pass governance hides hard-fail risk
Teams often add policy prompts and review language faster than they add hard runtime
refusal paths. The result is governance that appears stronger in documents while
operational risk still accumulates in production.
Signal: policy coverage metrics rise while exception handling and escalation evidence remain incomplete for high-impact actions.
See related essay
May 2026 · Learning
Learning
Learning: fail-closed boundaries reduce total operating drag
Teams often assume tighter action gates slow delivery. In practice, fail-closed boundaries
reduce churn by preventing low-confidence automation from creating expensive downstream
cleanup, incident analysis, and policy exceptions.
Learning: concentrate friction at high-impact boundaries and keep low-risk paths fast; this improves both security posture and throughput over time.
See related essay
April 2026 · Note 09
Pattern
Pattern: Cheap-first routing envelope
Route every AI task through a cheap-first decision envelope so the default path uses the
lowest-cost capable model, with explicit escalation to more expensive models only when
quality, risk, or security requirements justify it.
Use when: multiple model tiers exist and token cost is rising faster than confidence in business value.
Avoid when: workload classes, quality thresholds, and ownership metadata are still too vague to support responsible routing.
Pattern: cheap-first route, explicit escalation triggers, caching reuse, and security-aware boundary checks before higher-cost execution.
Read the full essay
April 2026 · Observation
Observation
Observation: showback stabilizes dashboards, not spend
Teams often gain better visibility into AI usage before they gain any real control over it.
Costs become easier to explain, but runtime behavior stays unchanged until routing,
caching, and escalation rules are actually applied.
Signal: reporting maturity improves while runtime cost shape remains volatile.
See related essay
April 2026 · Note 08
Pattern
Pattern: Security control profile by action tier
Define security control profiles by action tier so low-risk actions can run fast while
high-impact actions require stronger policy checks, explicit traceability, and escalation paths.
Use when: agentic systems are moving from pilot to production and action impact varies by domain, customer, or data sensitivity.
Avoid when: action classes and ownership boundaries are still undefined and teams cannot yet agree on minimum security controls.
Pattern: tiered control profiles with explicit policy gates, audit evidence requirements, and escalation triggers per action class.
Read the full essay
April 2026 · Observation
Observation
Observation: policy-only security without runtime evidence creates false confidence
Teams often publish stronger security policy language as autonomy expands, but execution evidence
trails stay incomplete. The gap creates a misleading sense of control: policy appears mature while
runtime enforceability and traceability remain partial.
Signal: compliance confidence rises in review documents while incident reconstruction still depends on manual interpretation.
See related essay
April 2026 · Note 07
Pattern
Pattern: Agent trace sink
Emit a structured trace event per agent decision cycle — capturing context envelope snapshot,
tool calls made, policy evaluation result, confidence signal, and escalation disposition —
into a dedicated trace sink that governance and operations teams can inspect.
Use when: multiple agents are making decisions in production and you need audit trails, behavioral baselines, and debugging capability.
Avoid when: only a single experimental agent is running in a sandboxed setting with no governance requirements.
Pattern: canonical trace record per decision cycle with shared trace identifier flowing across all agent tiers.
Read the full essay
April 2026 · Observation
Observation
Observation: Agentic failures are soft — no exceptions, just wrong outcomes
Unlike deterministic systems that fail loudly with errors and stack traces, agentic systems
fail quietly. A wrong decision delivered with confidence produces no observable signal until
an outcome surfaces that shouldn't have happened.
Signal: production incidents increase but error rates stay flat — the failure is in the reasoning, not the infrastructure.
See related essay
April 2026 · Learning
Learning
Learning: observability designed in is cheaper than observability retrofitted
In every agentic pilot that reached production without structured trace output, the cost of
adding reliable observability later was significantly higher than designing it in from the first
prototype. The trace identifier has to be a first-class concern, not an afterthought.
Learning: treat the agent trace sink as a stated architecture dependency from prototype, not a production-readiness gate.
See related essay
March 2026 · Note 06
Pattern
Pattern: Decision context envelope
Build a shared context envelope so agents, workflows, and human reviewers operate on
the same bounded decision context before action is taken.
Use when: multiple teams are introducing autonomous flows and outcomes must stay consistent.
Avoid when: the process is still fully deterministic and can be modeled as simple workflow automation.
Pattern: context envelope with shared contracts, policy gateway, and escalation evidence.
Read the full essay
February 2026 · Observation
Observation
Observation: MCP server sprawl creates hidden context debt
Teams can move fast with ad hoc MCP endpoints, but context quality drifts quickly when
contracts are not shared and versioned. The velocity gain is real, the coordination debt is also real.
Signal: integration speed rises while decision reliability falls.
See related essay
March 2026 · Note 05
Pattern
Pattern: Runtime governance control plane
Turn governance from documentation into executable runtime behavior by introducing a
control plane that routes decisions and applies policy profiles by domain.
Use when: agent behavior differs by domain risk and needs enforceable runtime boundaries.
Avoid when: teams cannot yet agree on common policy primitives or ownership boundaries.
Pattern: central control plane with policy profiles, tool boundaries, and escalation hooks.
Read the full essay
February 2026 · Learning
Learning
Learning: escalation ownership fails silently before policy fails loudly
In every failed pilot reviewed, escalation ownership was ambiguous long before policy wording became the issue.
Clarity of ownership should be treated as a first-class architecture artifact.
Learning: assign escalation ownership before expanding agent autonomy.
See related essay
February 2026 · Note 01
Pattern
Pattern: Context contracts for MCP servers
Define explicit context contracts for MCP server interactions so agent behavior remains
predictable across teams and tools.
Use when: AI pilots are increasing but delivery is blocked by ownership and handoff confusion.
Avoid when: core domain boundaries are still unstable and team topology is actively changing.
Pattern: contract-first MCP layer with bounded context fields and ownership rules.
Read the full essay
March 2026 · Note 02
Pattern
Pattern: Policy gateway for agent tool calls
Place a policy gateway between agents and tools so permissions, risk levels, and logging
requirements are enforced consistently at runtime.
Use when: different teams are creating agents with inconsistent behavior and unclear risk posture.
Avoid when: there is no agreed enterprise policy vocabulary for decisions, data, and escalation.
Pattern: policy gateway that governs tool use, confidence thresholds, and human handoff rules.
Read the full essay
March 2026 · Observation
Observation
Observation: control-plane adoption works best when it starts with one risky workflow
Enterprise teams adopt governance patterns faster when one high-risk workflow is stabilized first,
then reused as the reference implementation across domains.
Signal: policy adoption increases after one inspectable success case exists.
See related essay
February 2026 · Note 03
Pattern
Pattern: Signal-first incubation loop
Keep incubation loops intentionally small and inspectable until the signal is repeatable.
Scale only after a clear user-value pattern is visible.
Use when: a new product idea has momentum but uncertain repeatability.
Avoid when: regulated delivery already requires production-grade controls and broad platform integration.
Pattern: compressed loop with one user signal, one problem slice, and one measurable learning cycle.
Read the full essay
February 2026 · Note 04
Pattern
Pattern: Change-absorption architecture baseline
Define and maintain a baseline architecture profile that can absorb new AI capabilities
without multiplying complexity or hidden dependencies.
Use when: new AI tooling is arriving faster than teams can integrate it safely.
Avoid when: architecture cleanup is treated as a side project without product and platform sponsorship.
Pattern: durability baseline with explicit boundaries, governed interfaces, and change-absorption checks.
Read the full essay