feed7.dev
Sign InStart Agent Brain
AI EngineerVideoSource Linked

"I've never seen anything scarier than an LLM with tool calls." — Erik Meijer aka @HeadinTheBox

A proposed agent harness separates planning from execution, represents tool calls as inspectable programs, and requires machine-checkable safety proofs before side effects run.

AI Engineer · Jul 13, 2026
Open Source Open MarkdownOpen JSON
Source Summary

Tool use lets an agent cause side effects before it returns an answer. The proposed harness instead **defers execution**, converts the plan into an inspectable program, checks constraints, and only then runs it.

Practical Implication

Builders granting agents filesystem, database, or network access should treat the harness as the safety boundary. Represent actions in a restricted language that supports type checking, data-flow analysis, and taint analysis before execution.

Agent-Ready Context
Tool use lets an agent cause side effects before it returns an answer. The proposed harness instead **defers execution**, converts the plan into an inspectable program, checks constraints, and only then runs it.

Builders granting agents filesystem, database, or network access should treat the harness as the safety boundary. Represent actions in a restricted language that supports type checking, data-flow analysis, and taint analysis before execution.

The talk presents a design principle based on **proof-carrying code**, not evidence that arbitrary real-world agent behavior can already be proved safe. Useful guarantees depend on whether the action language and its safety properties capture the actual risks.
Context Map
agentcodingsecurity#harness-engineering#tool-use#agent-reliability
Uncertainty
The talk presents a design principle based on **proof-carrying code**, not evidence that arbitrary real-world agent behavior can already be proved safe. Useful guarantees depend on whether the action language and its safety properties capture the actual risks.