Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Harness (Agentic)

Pattern

A reusable solution you can apply to your work.

Understand This First

  • Model – the harness wraps a model.
  • Tool – the harness manages tool access.

Context

At the agentic level, a harness is the software layer that wraps a model and turns it into a usable agent. The model provides intelligence; the harness provides the loop, the tools, the context engineering, the approval policies, and the interface. Without a harness, a model is a function that takes text and returns text. With a harness, it’s an agent that can read files, run commands, and iterate toward outcomes.

Examples of agentic harnesses include Claude Code, Cursor, Windsurf, Aider, and custom applications built with agent SDKs. Each harness makes different choices about tool exposure, autonomy levels, and user interface, but they all serve the same purpose: making the model practically useful for real work.

Problem

How do you bridge the gap between a model’s raw capability and the practical requirements of getting work done?

A model alone can’t read your codebase, run your tests, or modify your files. It can’t remember what it did in the last session or enforce your project’s conventions automatically. It doesn’t know when to ask for permission and when to act. All of these capabilities must be provided by something outside the model.

Forces

  • Models are stateless. They need external systems to persist state, manage conversations, and carry context.
  • Tool access must be carefully managed. Too few tools and the agent is helpless; too many and it becomes confused or dangerous.
  • Safety boundaries must be enforced externally. The model doesn’t inherently know what it should and shouldn’t do.
  • User experience matters. The interface determines whether using an agent feels productive or frustrating.

Solution

A harness provides several capabilities:

The agent loop. The harness orchestrates the cycle of prompt, response, tool call, observation, and next step. It manages the back-and-forth between the model and the tools until the task is complete or the agent needs human input.

Tool management. The harness decides which tools the agent can access and how they’re invoked. It might expose file reading, file writing, shell commands, web search, and MCP servers, each with its own permissions and constraints.

Context assembly. The harness loads instruction files, includes memory entries, manages conversation history, and handles compaction when the context window fills. Good harnesses do this transparently so you can focus on the task rather than on context management.

Approval and safety. The harness enforces approval policies: which actions the agent can take autonomously and which require human confirmation. This is the primary safety mechanism in agentic workflows.

User interface. Whether it’s a terminal, an IDE integration, or a web interface, the harness presents the agent’s work in a way that supports human review and direction.

Tip

Choose a harness that matches your workflow. If you work in a terminal, a CLI-based harness keeps you in your environment. If you work in an IDE, an integrated harness reduces context switching. The best harness is the one you actually use consistently.

How It Plays Out

A developer uses a CLI-based harness to work on a Python project. The harness reads the project’s CLAUDE.md file on startup, loading coding conventions and architectural decisions into the context. When the developer asks for a new feature, the harness lets the agent read relevant files, write new code, and run the test suite, pausing for approval before any destructive operation. The developer works at a higher level of abstraction, directing rather than typing.

A team builds a custom harness using an agent SDK. Their harness integrates with their CI/CD pipeline: when a pull request is opened, the harness spins up an agent that reads the diff, runs the tests, checks for convention violations, and posts a review. The model provides the intelligence; the harness provides the integration with their specific tools and workflows.

Example Prompt

“I’m starting a new Python project. Set up your harness to load the project’s CLAUDE.md, use pytest for testing, and pause for approval before any destructive shell command.”

Consequences

A good harness makes agentic coding feel natural and productive. It handles the mechanics of tool invocation, context management, and approval flow so that the human can focus on direction and review.

The cost is dependency on the harness. Different harnesses make different tradeoffs about autonomy, tool exposure, and context management. Switching harnesses may require adjusting your workflow. The harness itself is software that can have bugs, limitations, and opinions that affect your work. Understanding what your harness does behind the scenes (especially around context management and approval policies) helps you work with it more effectively.

  • Depends on: Model — the harness wraps a model.
  • Depends on: Tool — the harness manages tool access.
  • Enables: Agent — the harness is what makes an agent possible.
  • Uses: Approval Policy — the harness enforces approval rules.
  • Uses: Context Engineering — the harness performs much of the context assembly.
  • Uses: Instruction File — the harness loads instruction files automatically.