
TL;DR
A long-running coding agent is only useful if the environment around it can queue tasks, capture logs, checkpoint state, verify behavior, limit cost, and recover from failure.
The dream version of long-running agents is simple: describe the task, close the laptop, wake up to a clean pull request.
The real version is messier. The agent gets stuck on a missing environment variable. A test hangs. A package install fails. The browser never opens. The database seed is stale. The model retries the same command for 40 minutes. The final diff technically works but nobody wants to review it.
That is not only a model problem. It is a harness problem.
Last updated: June 24, 2026
Long-running agents need infrastructure around them: task queues, scoped workspaces, permissions, logs, checkpoints, cost limits, verification gates, and final receipts. Without that harness, a long run is just a chat session with more ways to fail.
For the reliability math, read the agent reliability cliff. For the review layer, pair this with agent swarms need receipts and parallel coding agents need merge discipline.
An agent harness is the system that wraps the model, workspace, tools, and review flow.
It answers operational questions:
This is why tools like Temporal, Inngest, LangGraph, Claude Code, Codex, and custom internal runners keep converging on the same primitives: durable execution, resumable state, observable traces, scoped tools, and reviewable outputs.
The model makes decisions. The harness makes those decisions inspectable, bounded, and recoverable.
For coding work, the minimum useful harness has eight parts.

1. A task contract. The task should include the goal, constraints, acceptance criteria, file boundaries, and verification commands. Vague tasks produce vague diffs.
2. A scoped workspace. The agent should work in a repo, branch, sandbox, or git worktree with clear boundaries.
3. Tool policy. The harness should define safe reads, safe writes, risky commands, denied commands, network access, and approval gates.
4. Persistent logs. Every command, tool call, browser action, test result, and final decision should be saved. If the run fails, you need the transcript.
5. Checkpoints. Long tasks should save state after meaningful milestones: plan accepted, implementation done, tests passing, review complete.
6. Verification gates. The harness should run the actual checks that prove the task is done: tests, lint, typecheck, browser smoke, API probe, screenshot, or deploy health route.
7. Cost and time budgets. The harness should stop work when retries, tokens, tool calls, or elapsed time exceed the budget.
8. A final receipt. The output should say what changed, what passed, what failed, what remains risky, and where to inspect the diff.
Anything less can still be useful for a demo. It is not enough for unattended work.
Newsletter
Get the weekly deep dive
Tutorials on Claude Code, AI agents, and dev tools, delivered free every week.
From the archive
May 2, 2026 • 8 min read
May 2, 2026 • 8 min read
May 2, 2026 • 8 min read
May 2, 2026 • 8 min read
Long-running agents fail because small probabilities compound.
If a workflow has 10 meaningful steps and each step has a 90 percent success rate, the whole run is not 90 percent reliable. It is about 35 percent reliable before retries and checkpoints. That is why a model that feels strong in a five-minute demo can look unreliable in an overnight run.
Checkpointing changes the shape. Instead of one 10-step chain, you get a series of smaller chains with durable handoffs. If step seven fails, the harness resumes from step six instead of asking the model to recreate the entire run from memory.
LangGraph's persistence docs are useful here because they make state explicit. Temporal and Inngest solve a related problem from the workflow-runtime side: durable execution, retries, and resumability are not optional once work spans minutes, hours, or external systems.
This is also why agent context reduction matters. Do not keep the entire run alive only inside a model context window. Store plans, artifacts, logs, and intermediate decisions outside the model.
Agents are very good at declaring victory.
That is why the harness should decide what done means. If the task says "fix the checkout bug," the final answer is not enough. The harness should require the checkout test, the API route probe, or a browser flow through the checkout UI.
For frontend work, that might mean:
pnpm typecheck
pnpm test checkout
open browser
complete checkout flow
capture screenshot
check console errors
For backend work:
run focused unit tests
run migration dry-run
hit health endpoint
inspect logs
verify no unexpected schema drift
The exact checks vary. The principle does not: long-running agents need external proof.
This is the core pattern behind agent eval receipts, debugging AI agent workflows, and terminal agents as portable runtime surfaces. The harness should produce evidence that survives the conversation.
Long-running agents often fail economically before they fail technically.
A stuck loop can burn tokens for an hour. A cloud sandbox can stay alive while making no progress. A browser session can capture screenshots and logs until the run becomes too expensive to justify.
The harness should track:
Then it should stop the run when the budget is exhausted or progress stalls.
This is not just FinOps. It is product reliability. A system that can silently spend unlimited time and money is not autonomous. It is uncontrolled.
For coding tools specifically, connect this to Claude Code token burn observability, Codex CLI resource budgets, and AI coding tools pricing. The cheapest fix is often a stop condition.
Tool access should change by phase.
Planning can be read-only. Implementation may write files inside a branch or worktree. Verification can run tests and browser checks. Deployment should require explicit approval. Production data should be locked behind stricter rules than local fixtures.
Claude Code's settings, hooks, and security docs are useful because they treat tool access as a first-class workflow concern. That does not make every run safe by default. It gives teams levers: allowlists, prompts, hooks, auditability, and repo-local policy.
For the broader security layer, read permissions, logs, and rollback for AI coding agents, agent identity as a security layer, and prompt injection in open-source repos.
The harness should not remove the human. It should move the human to the right point.

Humans should review:
Humans should not babysit:
That is the division of labor that makes agents useful. The agent does the mechanical exploration and execution. The harness preserves receipts. The human reviews the decision points that matter.
Long-running agents do not become reliable because the model got smarter. They become reliable because the system around the model got more disciplined.
The harness is the product. It turns an impressive demo into a repeatable workflow.
If your agent cannot show the task contract, logs, checkpoints, verification, cost, permissions, and final receipt, it is not ready to run while you sleep.
An agent harness is the runtime around an AI agent: task intake, workspace setup, tool permissions, logs, checkpoints, verification, cost limits, and final review receipts. It makes long-running agent work bounded and inspectable.
They fail because small issues compound across many steps: missing environment variables, flaky tests, unclear task scope, repeated commands, stale context, unbounded tool access, and weak verification. Better models help, but durable state and checkpoints are what make long runs recoverable.
A minimum harness should include a task contract, scoped workspace, tool policy, persistent logs, checkpoints, verification gates, cost/time budgets, and a final receipt. For coding work, it should also preserve the diff and exact commands used to verify it.
No. Simple local coding loops can use scripts, files, git worktrees, and CI checks. Temporal and Inngest become useful when agent work needs durable execution, retries, queues, schedules, or production-grade orchestration.
Set explicit budgets for elapsed time, retries, repeated command patterns, tool calls, and model tokens. Stop or escalate when the run stalls. A stuck loop should produce a receipt and hand back control instead of continuing quietly.
Not without human approval and strong gates. Agents can prepare a deploy, run tests, update docs, and generate a review receipt. Production deploys, migrations, and permission changes should require explicit human approval unless the system is mature and narrowly scoped.
Read next
The math of agent pipelines is brutal. 85% reliability per step compounds to about 20% at 10 steps. Here is why long chains collapse in production, and the six patterns the field has converged on to fight the decay.
9 min readAI agents fail in ways traditional debugging cannot catch. Here are the tools and patterns for finding and fixing broken agent loops, tool failures, and context issues.
9 min readHow to spec agent tasks that run overnight and wake up to verified, reviewable code. The spec format, pipeline, and review workflow.
11 min readTechnical content at the intersection of AI and development. Building with AI agents, Claude Code, and modern dev tools - then showing you exactly how it works.
A hosted infinite canvas your headless AI agents drive over MCP. Any MCP-speaking agent - Claude Code, Codex, Cursor, or...
View ToolAnthropic's agentic coding CLI. Runs in your terminal, edits files autonomously, spawns sub-agents, and maintains memory...
View ToolGives AI agents access to 250+ external tools (GitHub, Slack, Gmail, databases) with managed OAuth. Handles the auth and...
View ToolLightweight Python framework for multi-agent systems. Agent handoffs, tool use, guardrails, tracing. Successor to the ex...
View ToolConfigure Claude Code for maximum productivity -- CLAUDE.md, sub-agents, MCP servers, and autonomous workflows.
AI AgentsDeep comparison of the top AI agent frameworks - LangGraph, CrewAI, Mastra, CopilotKit, AutoGen, and Claude Code.
AI AgentsBackground monitoring of logs, files, and long-running processes.
Claude Code
Build Anything with Vercel, the Agentic Infrastructure Stack Check out Vercel: https://vercel.plug.dev/cwBLgfW The video shows a behind-the-scenes walkthrough of how the creator rapidly builds and d

Leveraging Anthropic's Subagent for Claude Code: A Step-by-Step Guide In this video, we explore Anthropic's newly released subagent feature for Cloud Code, which allows developers to create...

Check out Trae here! https://tinyurl.com/2f8rw4vm In this video, we dive into @Trae_ai a newly launched AI IDE packed with innovative features. I provide a comprehensive demonstration...

The math of agent pipelines is brutal. 85% reliability per step compounds to about 20% at 10 steps. Here is why long cha...

AI agents fail in ways traditional debugging cannot catch. Here are the tools and patterns for finding and fixing broken...
How to spec agent tasks that run overnight and wake up to verified, reviewable code. The spec format, pipeline, and revi...

GitHub is filling with multi-agent frameworks, skills, and coding harnesses. The useful lesson is not that every team ne...

Manual approval prompts stop protecting users when coding agents ask too often. The better pattern is risk-aware autonom...

Efficient agents do not stuff every tool result into the model context. They keep intermediate state in code, files, and...

New tutorials, open-source projects, and deep dives on coding agents - delivered weekly.