Context
During the AI Security consulting sessions, A Head of Security at an Org raised harness engineering as a prerequisite to implementing security controls:
"Before implementing security controls, we should embrace harness engineering practices, educate engineers on how to properly harness agents."
This came up in Session. The content landed well. The book currently has no chapter on this topic. The closest are Chapter 17 (The agent loop) and Chapter 30 (Structured outputs), but neither covers the full harness engineering practice.
What the chapter should cover
Four core patterns, each with a concrete example:
- Scoped task prompts — explicit file scope, explicit output format, explicit prohibitions. Contrast open-ended vs scoped prompt for the same task.
- Structured output contracts — define the schema before writing the prompt. If the agent returns something that doesn't parse, the task failed. Never pass unvalidated agent output to downstream systems.
- Checkpoints — long tasks need explicit human decision points. Not slower: catches mistakes before they compound. An agent that writes 500 lines of wrong code costs more to fix than one stopped at line 50.
- Minimal context — agents perform better and are safer with less context. What to include, what to exclude (
.claudeignore, .cursorignore). The neighbor file problem.
Bridge to security: a well-harnessed agent is predictable. A predictable agent is auditable. An auditable agent is securable. Security controls (OpenFGA, agent-strace) work much better on top of well-harnessed agents.
Suggested placement
Chapter 20 — first chapter of Part VII (Team practices), before "AI fatigue & sustainable adoption."
Current Part VII:
- Chapter 20: AI fatigue & sustainable adoption
- Chapter 21: The conductor model
- Chapter 22: Agent maturity model
Proposed Part VII:
- Chapter 20: Harness engineering (new)
- Chapter 21: AI fatigue & sustainable adoption (renumbered)
- Chapter 22: The conductor model (renumbered)
- Chapter 23: Agent maturity model (renumbered)
- ...all subsequent chapters shift by +1
Why Chapter 20 / Part VII
Part VI (Ch 17-19) covers orchestration internals: the agent loop, multi-agent systems, memory. Part VII is where the book shifts from "how agents work" to "how teams work with agents." Harness engineering is the bridge: it is the set of practices an individual engineer applies before the team-level concerns (fatigue, maturity, adoption) kick in.
Placing it at the start of Part VII means a reader who finishes Part VI (understands how agents work) immediately gets the practical "how to use them well" chapter before moving into team and org-level topics.
Cross-references to add
- Chapter 4 (Context windows): minimal context pattern
- Chapter 17 (The agent loop): scoped task prompts, checkpoints
- Chapter 24 (Security checklist): bridge from harnessing to security controls
- Chapter 30 (Structured outputs): structured output contracts
Context
During the AI Security consulting sessions, A Head of Security at an Org raised harness engineering as a prerequisite to implementing security controls:
This came up in Session. The content landed well. The book currently has no chapter on this topic. The closest are Chapter 17 (The agent loop) and Chapter 30 (Structured outputs), but neither covers the full harness engineering practice.
What the chapter should cover
Four core patterns, each with a concrete example:
.claudeignore,.cursorignore). The neighbor file problem.Bridge to security: a well-harnessed agent is predictable. A predictable agent is auditable. An auditable agent is securable. Security controls (OpenFGA, agent-strace) work much better on top of well-harnessed agents.
Suggested placement
Chapter 20 — first chapter of Part VII (Team practices), before "AI fatigue & sustainable adoption."
Current Part VII:
Proposed Part VII:
Why Chapter 20 / Part VII
Part VI (Ch 17-19) covers orchestration internals: the agent loop, multi-agent systems, memory. Part VII is where the book shifts from "how agents work" to "how teams work with agents." Harness engineering is the bridge: it is the set of practices an individual engineer applies before the team-level concerns (fatigue, maturity, adoption) kick in.
Placing it at the start of Part VII means a reader who finishes Part VI (understands how agents work) immediately gets the practical "how to use them well" chapter before moving into team and org-level topics.
Cross-references to add