Tech Radar

Thoughtworks-style snapshot · June 2026 · an opinionated personal view

Adopt: Proven; use with confidence
Trial: Worth pursuing on real work
Assess: Explore to understand its fit
Caution: Proceed with caution / avoid new use

Index

Engineering Patterns & Practices

  • [1] Context engineering

    Adopt

    Treat the context window as a scarce, deliberately designed surface rather than a place to dump everything you have. Curating the smallest set of high-signal tokens — and aggressively pruning the rest — keeps agents accurate and fights the 'context rot' that degrades long sessions. It is fast becoming the core craft of building reliable LLM systems.

    Sources: Anthropic Engineering, X discussion, YouTube talks

  • [2] Eval-driven development

    Adopt

    Build evaluation harnesses first and let them gate prompt, model, and agent changes the way unit tests gate code. Without measurable evals teams ship on vibes and regress silently as models or prompts shift underneath them. Treat datasets and scorers as production artifacts that grow with every incident.

    Sources: Hamel Husain, OpenAI Evals, Reddit discussions

  • [3] Structured LLM output

    Adopt

    Constrain generations to a schema — JSON Schema, tool calls, or grammars — so model output becomes reliably parseable and composable. This removes brittle string-parsing glue and lets you wire models into deterministic pipelines. It is now a first-class feature in the major model APIs.

    Sources: OpenAI, JSON Schema, Reddit discussions

  • [4] Agent skills & AGENTS.md

    Trial

    Package reusable instructions and tools as composable 'skills', and check a repo-level AGENTS.md into source control so every agent shares the same conventions. This cuts prompt sprawl and keeps human and machine collaborators aligned on how the codebase works. The format is gaining adoption across competing agent tools.

    Sources: AGENTS.md, X discussion, GitHub examples

  • [5] Orchestrated multi-agent teams

    Assess

    Splitting work across specialised agents under an orchestrator can parallelise research and large multi-step tasks. But coordination overhead, token cost, and the difficulty of evaluating emergent behaviour keep it experimental for most teams. Start with narrow, well-bounded fan-out patterns before trusting it broadly.

    Sources: Anthropic Engineering, Microsoft AutoGen, YouTube discussions

  • [6] Vibe coding to production

    Caution

    Generating code by prompting and shipping it without reading, reviewing, or testing it accrues quiet, compounding risk. It is genuinely useful for prototypes and throwaways, but unreviewed AI output in production invites security holes and unmaintainable drift. Keep a human in the loop and tests in the path before code reaches users.

    Sources: Simon Willison, Reddit discussions, X discussion

Platforms & Cloud

  • [7] Internal developer platforms

    Adopt

    Backstage-style portals and golden paths give engineers — and increasingly agents — a paved road to ship safely. A good IDP encodes standards as self-service rather than tickets, reducing cognitive load and review friction. It is now the default control plane for delivery at scale.

    Sources: Backstage, CNCF Platforms, Backstage GitHub

  • [8] DORA metrics

    Adopt

    Deployment frequency, lead time, change-fail rate, and recovery time give an evidence-based read on delivery health. They are now table stakes for steering teams rather than a maturity badge to chase. Pair them with qualitative signals so they inform rather than get gamed.

    Sources: DORA, Google Cloud, Reddit discussions

  • [9] OpenTofu

    Trial

    A mature, community-governed fork of Terraform under the Linux Foundation, with a drop-in compatible CLI. Following Terraform's license change, many organisations are migrating in staged, low-risk rollouts. State and provider compatibility keep the switching cost low.

    Sources: OpenTofu, GitHub repo, Reddit discussions

  • [10] Crossplane control planes

    Trial

    Model infrastructure as Kubernetes APIs so humans and agents provision through the same declarative contracts. Composition lets platform teams publish opinionated, self-service abstractions over raw cloud primitives. It shines where you want a single API surface spanning multiple clouds.

    Sources: Crossplane, GitHub repo, YouTube talks

  • [11] Agents as platform citizens

    Assess

    Give autonomous agents first-class identities with their own RBAC, quotas, audit trails, and spend budgets instead of borrowing a human's credentials. This contains blast radius and makes their actions attributable after the fact. Tooling for this persona is still nascent and worth tracking.

    Sources: Thoughtworks Radar, OpenAI Agents, X discussion

  • [12] Wasm / WASI at the edge

    Assess

    WebAssembly with WASI offers fast cold starts and strong sandboxing for edge functions and plugin runtimes. The component model is maturing, but the surrounding ecosystem — libraries, debugging, host APIs — is still filling in. Promising for portable, multi-tenant compute once the rough edges settle.

    Sources: WASI, Bytecode Alliance, GitHub WASI

Ecosystem & Emerging Products

  • [13] OTel-native agent observability

    Trial

    OpenTelemetry's GenAI semantic conventions standardise traces for prompts, tool calls, tokens, and latency. Emitting them puts cost, performance, and security signals for agents in the same pane of glass as the rest of your stack. Vendor-neutral instrumentation avoids lock-in to a single observability product.

    Sources: OpenTelemetry, OTel GitHub, Reddit discussions

  • [14] Model Context Protocol

    Trial

    MCP is converging into the de facto standard for connecting models to tools and data over a common interface. It decouples capability providers from clients much as the Language Server Protocol did for editors. Govern which servers you actually trust before wiring them into agents.

    Sources: MCP, MCP GitHub, X discussion

  • [15] Agentic engineering platforms

    Assess

    An emerging product category bundling the harness, evals, orchestration, and observability needed to run coding agents in production. The space is crowded and definitions are still fluid, so capabilities vary widely between vendors. Watch closely and pilot before committing a workflow to one.

    Sources: Thoughtworks Radar, LangGraph, Reddit discussions

  • [16] Keyless OCI artifact distribution

    Assess

    Use OCI registries to distribute not just containers but models, configs, and SBOMs, verified with identity-based (keyless) signatures. Tools like ORAS and Sigstore remove the burden of managing long-lived signing keys. Standardising on one artifact plane simplifies supply-chain controls.

    Sources: ORAS, Sigstore, ORAS GitHub

  • [17] Unvetted public MCP servers

    Caution

    A third-party MCP server can read data and invoke tools, so an unreviewed one is an untrusted dependency with broad reach. Prompt injection and over-broad scopes make such servers a real supply-chain risk to agents. Review the code, pin versions, and constrain permissions before connecting one.

    Sources: MCP Spec, Prompt injection, OWASP GenAI

Security & Governance

  • [18] SLSA + Sigstore provenance

    Adopt

    Generate build provenance to SLSA levels and sign artifacts with Sigstore's keyless flow tied to workload identity. Together they let consumers verify what was built, from what source, by which pipeline. This is now baseline supply-chain hygiene rather than an advanced practice.

    Sources: SLSA, Sigstore, SLSA GitHub

  • [19] Short-lived workload identity

    Adopt

    Replace long-lived secrets with OIDC federation and SPIFFE/SPIRE-issued short-lived credentials for services and CI. Tokens that expire in minutes shrink the window for credential theft and remove most secret-rotation toil. It is the modern default for machine-to-machine authentication.

    Sources: SPIFFE, GitHub OIDC, SPIRE GitHub

  • [20] AI governance as a platform capability

    Adopt

    Bake policy, traceability, model cards, and approvals into the delivery flow instead of bolting on a review committee afterwards. Frameworks like the NIST AI RMF and ISO/IEC 42001 give structure for operationalising it. Governance-as-code scales with usage where manual gates do not.

    Sources: NIST AI RMF, ISO/IEC 42001, OECD AI policy

  • [21] Agent guardrails & action screening

    Trial

    Screen each proposed tool call against user intent and policy before it executes to blunt prompt injection and unintended actions. The OWASP work on LLM and agentic risks catalogues the failure modes worth defending against. Defence-in-depth beats trusting the model to behave on its own.

    Sources: OWASP GenAI, NIST GenAI profile, Reddit discussions

  • [22] Policy as code

    Trial

    Express security and compliance rules as code with OPA or Kyverno and enforce them at admission and deploy time. Policies become reviewable, testable, and versioned like any other artifact in the repo. This keeps guardrails consistent across teams instead of living in wiki pages.

    Sources: Open Policy Agent, Kyverno, OPA GitHub

  • [23] Standing cloud admin credentials

    Caution

    Long-lived, broadly scoped admin keys are a prime target and a frequent root cause in cloud breaches. Prefer just-in-time elevation with short-lived, narrowly scoped access and a full audit trail. Treat standing privilege as technical debt to actively pay down.

    Sources: AWS IAM best practices, Google Cloud IAM, Azure PIM