惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Recorded Future
Recorded Future
C
Cyber Attacks, Cyber Crime and Cyber Security
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Scott Helme
Scott Helme
Cyberwarzone
Cyberwarzone
C
CERT Recently Published Vulnerability Notes
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Palo Alto Networks Blog
Google Online Security Blog
Google Online Security Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
WordPress大学
WordPress大学
博客园 - 聂微东
L
LINUX DO - 最新话题
月光博客
月光博客
小众软件
小众软件
T
Troy Hunt's Blog
A
Arctic Wolf
量子位
I
Intezer
大猫的无限游戏
大猫的无限游戏
T
Tailwind CSS Blog
S
Schneier on Security
Schneier on Security
Schneier on Security
NISL@THU
NISL@THU
T
Threat Research - Cisco Blogs
TaoSecurity Blog
TaoSecurity Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园_首页
有赞技术团队
有赞技术团队
N
News and Events Feed by Topic
美团技术团队
The Cloudflare Blog
P
Privacy International News Feed
S
Security Affairs
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
G
GRAHAM CLULEY
N
News | PayPal Newsroom
Apple Machine Learning Research
Apple Machine Learning Research
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
L
LINUX DO - 热门话题
V
Vulnerabilities – Threatpost
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
C
CXSECURITY Database RSS Feed - CXSecurity.com
宝玉的分享
宝玉的分享
Application and Cybersecurity Blog
Application and Cybersecurity Blog
IT之家
IT之家
Hacker News: Ask HN
Hacker News: Ask HN
雷峰网
雷峰网

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Your LLM Is Not an Agent. Your Framework Is Not Enough. You Need a Harness.
Seenivasa Ra · 2026-05-25 · via DEV Community

Introduction

Every team building with AI agents hits the same wall. The demo works beautifully. The agent answers questions, calls tools, produces results. Then you ship it and the cracks appear it loses track of what it was doing, burns through API calls in circles, ignores boundaries it should respect, forgets context from five minutes ago. Users lose trust. Engineers lose sleep.

This is not a model problem. The LLM is capable. It's an infrastructure problem. The agent has a brain but no operating environment no structured loop to run in, no memory to draw on, no rules to constrain it, no way to resume where it left off. You gave it intelligence without giving it a way to apply that intelligence reliably.

That operating environment is called a Harness. And it's what separates a demo agent from one you'd actually trust in production.

What breaks without a harness

🔁 Infinite loops or premature stops. The agent has no governing loop it either runs forever or halts before the task is done.

🧠 Context amnesia. Long tasks overflow the context window. The agent loses the thread and starts hallucinating or repeating itself.

💾 No memory between sessions. Every conversation starts from zero. Multi-step, multi-day workflows are impossible.

🔧 Tool failures cascade. One flaky API brings the whole agent down because there's no error handling layer.

🚨 No guardrails. The agent touches system it should not.

You're Already Using the Pieces. A Harness Is How You Make Them Work Together.

If you've been building AI agents for a while, you know the drill. You pick a framework CrewAI, LangGraph, Strands, Microsoft Agent Framework and you start wiring things up. You add memory so the agent remembers things. You register tools so it can take actions. You configure guardrails so it doesn't go off the rails. You set up a loop so it keeps working until the task is done.

And it works. Mostly. In development, in demos, in controlled tests.

Then you put it in front of real users, with real tasks, over real time and you start seeing the cracks. The agent forgets things it shouldn't. It handles a task perfectly on Monday and fumbles the same task on Thursday. Two similar agents behave inconsistently. A tool fails and the whole run degrades silently. You added all the right pieces but somehow the whole is less than the sum of its parts.

This is the problem a harness solves. And here's the key thing to understand.

The core idea

A harness doesn't replace your framework. You're not choosing between them. Your framework gives you the ingredients memory, tools, loops, guardrails. The harness is the recipe the deliberate architectural decisions about how those ingredients are assembled, coordinated, and governed so your agent behaves consistently every single time.

Think of it like building a house. The framework is lumber, concrete, wiring, plumbing everything you need. T*he harness is the blueprint* and the construction process which material goes where, in what order, connected how, inspected by whom. Without a blueprint, you might still end up with a structure. But it probably won't hold up when the weather turns.

The PM & Developer Analogy

Here's a mental model that makes this concrete. In a software team, a Product Manager writes a story. It has context, a clear task, acceptance criteria, and scope boundaries. A Developer picks it up and delivers it. But the developer doesn't just start typing they follow a process. They use version control, a build system, coding standards, and a defined way to ask for help or escalate a blocker. That process is what makes delivery reliable, not just the developer's raw talent.

Now replace the developer with an AI Agent. The PM's story is the task prompt. The agent is the developer. The harness is the process the structured operating environment that governs how the agent reads the story, uses its tools, manages its memory, escalates when stuck, and knows when it's truly done.

The framework puts the tools in the developer's hands. The harness defines how the developer uses them consistently, safely, and with the right behavior for each situation.

Framework vs. Harness: Ingredient vs. Recipe

Here's where most explanations go wrong they imply frameworks are incomplete or that you shouldn't use them. That's backwards. Frameworks are excellent. They just operate at a different layer than a harness.

You can have every framework primitive in place and still have an unreliable agent because nobody made the architectural decisions about how they work together. That's the gap the harness fills.

The Decisions a Harness Makes

Every harness whether you've named it that or not is making below architectural decisions. Here's what each one actually means, and why it's a decision rather than just a feature you turn on.

The Thinking Loop Not just running, but knowing when to stop

Every framework gives you a loop. The harness decides the rules of that loop what counts as "done," how many iterations are too many, how to detect when the agent is stuck in circles, and when to break out and surface an error. Without these rules, your loop either exits too early or runs until your API bill catches fire.

Framework gives you: the loop mechanism. Harness decides: the exit conditions, the stuck-detection logic, the iteration limits.

The Working Memory Not just storing, but knowing what to keep

Context management

A context window is finite. As a task runs across many turns, old information competes with new information for that space. The harness makes the call: what gets summarized, what gets evicted, what always stays, and in what priority order. Without this policy, long tasks gradually degrade as the agent's window fills with stale or low-priority content.

Framework gives you: the context window. Harness decides: what lives in it at each point in the task lifecycle.

The Toolbox Not just available, but governed

Skills & Tools

Registering a tool in your framework makes it available. The harness decides which tools this specific agent, running this specific task, is actually allowed to use and what happens when a tool fails. Retry? Fall back to a different tool? Surface an error? Carry on? Each of these is a deliberate decision, and making them ad hoc leads to inconsistent behavior.

Framework gives you: tool registration. Harness decides: tool authorization, retry logic, fallback strategy, failure handling.

The Team Not just spawning, but coordinating

Sub-agents

Multi-agent frameworks let you spawn sub-agents. The harness defines how work gets divided, which sub-agent gets what, how their outputs are validated, and how the results are stitched back together. Without this, you end up with agents doing overlapping work, producing conflicting results, or silently dropping pieces of the task.

Framework gives you: sub-agent communication primitives. Harness decides: delegation strategy, output validation, result merging logic.

The Standard Library Capabilities every agent gets for free

Built-in skills
Some capabilities file reads, HTTP calls, date parsing, writing to memory are so universal that every agent needs them, and no agent should be writing boilerplate to get them. The harness bakes these in as defaults. Every agent inherits them, they behave consistently, and they're tested once rather than reimplemented per agent.

Framework gives you: the ability to add tools. Harness decides: which tools are universal defaults across every agent you build.

The Long-Term Memory Not just remembering, but knowing what's worth remembering

Session persistence
Frameworks give you a persistent store. The harness defines the policy around it what gets written to long-term memory, when, in what format, and how it gets retrieved and surfaced in future sessions. A poorly designed persistence policy is almost worse than none: your agent retrieves irrelevant old context and lets it pollute fresh tasks.

Framework gives you: the storage layer. Harness decides: write policy, retrieval strategy, relevance scoring, session restoration logic.

The Briefing Assembling the right instructions at the right moment

System prompt assembly

Most developers write a system prompt once and leave it static. But a static prompt is a blunt instrument. The harness assembles it dynamically at runtime composing the base instructions, the current task, the available tools, the relevant memory, and any user or role-specific context into one coherent briefing. Same agent, different context, different briefing. This alone is one of the biggest levers on agent quality.

Framework gives you: a system prompt field. Harness decides: what goes in it, dynamically, based on task and state.

The Audit Trail Every action, logged and explainable

Lifecycle hooks

Lifecycle hooks exist in most frameworks as extension points. The harness is the thing that actually wires them up into a coherent observability strategy logging every tool call, tracking cost per run, catching errors before they cascade, and giving you an answer to "what exactly did this agent do and why" for any given task. Without this wiring, you're flying blind.

Framework gives you: hook attachment points. Harness decides: what gets logged, measured, alerted on, and how errors propagate.

The Guardrails Not just checking, but enforcing consistently

Permissions & Safety
Frameworks give you input and output guardrail hooks. The harness defines the actual safety policy: which actions require human approval, what the agent is never allowed to do regardless of instructions, how prompt injection attempts are handled, and what happens when a guardrail fires. Guardrail hooks without a coherent policy are checkboxes without consequences.

Framework gives you: the validation hooks. Harness decides: the safety rules, authorization boundaries, and human-in-the-loop triggers.

You're not choosing between a framework and a harness. You need both. The framework is your team's toolkit. The harness is how your team actually works the process, the standards, the rules of the road that make the toolkit produce consistent results.

The bottom line

Every team building production AI agents is making harness decisions whether they call it that or not. Some make them deliberately, document them, and enforce them consistently. Others make them ad hoc, per agent, per developer and wonder why their agents behave differently across tasks, sessions, and users. The harness is just the name for doing it deliberately.

Thanks
Sreeni Ramadorai