Coding Agents: Simon Willison
What happened
Veteran engineer Simon Willison shared practical patterns for using coding agents—things like red/green TDD, thin templates, and 'hoarding'—and warned that mid‑career software engineers may be most exposed to AI‑driven role shifts. He also noted the cognitive cost of managing multiple agents in parallel, a theme echoed in recent podcast clips about cognitive limits. (x.com)
Why it matters
Simon Willison has started a multi‑chapter guide called “Agentic Engineering Patterns” and published the first two chapters on Feb 23, 2026, with a stated cadence of roughly one to two new chapters per week; he also emphasized that the text is his own writing, not AI‑generated. (simonwillison.net) He appeared on Lenny Rachitsky’s podcast on April 2, 2026 and posted a highlights page summarizing the conversation, which includes a discussion of fully automated “dark factory” workflows (where models write and validate code without human reviewers) and a set of security and cognitive risks he flagged during the episode. (simonwillison.net) (youtube.com)) A coding agent, as Willison defines it, is software that can both generate code and execute that code in a loop so it can test and refine its output; that ability to run code is what separates these agents from plain code‑writing language models. (simonwillison.net) Writing automated tests before implementation — i.e., test‑first development where you run failing tests then implement until they pass — is one practical workflow he recommends because it gives the agent an explicit, machine‑verifiable objective to iterate against. (simonwillison.net) He advises keeping a personal library of reusable snippets, examples, and small utilities that agents can search and recombine — a practice that makes agent outputs easier to control and reuse — and he documents patterns for producing interactive explanations to reduce the mental overhead of agent‑produced code. (simonwillison.net) Willison also describes using “subagents” (smaller assistant agents) to work around a model’s context limit — the finite amount of text the model can hold in its short‑term working memory — and warns that juggling many subagents raises real cognitive load for the human supervisor. (simonwillison.net 1) (simonwillison.net 2) On the security front he points to a concrete attack surface he calls the “lethal trifecta”: when an agent has access to private data, is exposed to untrusted content, and can communicate externally, the combination creates a high risk of data exfiltration or worse; he’s been presenting this threat model publicly since mid‑2025. (simonwillison.net 1) (simonwillison.net 2)
Key numbers
- (simonwillison.net 1) (simonwillison.net 2)
Quick answers
What happened in Coding Agents: Simon Willison?
Veteran engineer Simon Willison shared practical patterns for using coding agents—things like red/green TDD, thin templates, and 'hoarding'—and warned that mid‑career software engineers may be most exposed to AI‑driven role shifts. He also noted the cognitive cost of managing multiple agents in parallel, a theme echoed in recent podcast clips about cognitive limits. (x.com)
Why does Coding Agents: Simon Willison matter?
Simon Willison has started a multi‑chapter guide called “Agentic Engineering Patterns” and published the first two chapters on Feb 23, 2026, with a stated cadence of roughly one to two new chapters per week; he also emphasized that the text is his own writing, not AI‑generated. (simonwillison.net) He appeared on Lenny Rachitsky’s podcast on April 2, 2026 and posted a highlights page summarizing the conversation, which includes a discussion of fully automated “dark factory” workflows (where models write and validate code without human reviewers) and a set of security and cognitive risks he flagged during the episode. (simonwillison.net) (youtube.com)) A coding agent, as Willison defines it, is software that can both generate code and execute that code in a loop so it can test and refine its output; that ability to run code is what separates these agents from plain code‑writing language models. (simonwillison.net) Writing automated tests before implementation — i.e., test‑first development where you run failing tests then implement until they pass — is one practical workflow he recommends because it gives the agent an explicit, machine‑verifiable objective to iterate against. (simonwillison.net) He advises keeping a personal library of reusable snippets, examples, and small utilities that agents can search and recombine — a practice that makes agent outputs easier to control and reuse — and he documents patterns for producing interactive explanations to reduce the mental overhead of agent‑produced code. (simonwillison.net) Willison also describes using “subagents” (smaller assistant agents) to work around a model’s context limit — the finite amount of text the model can hold in its short‑term working memory — and warns that juggling many subagents raises real cognitive load for the human supervisor. (simonwillison.net 1) (simonwillison.net 2) On the security front he points to a concrete attack surface he calls the “lethal trifecta”: when an agent has access to private data, is exposed to untrusted content, and can communicate externally, the combination creates a high risk of data exfiltration or worse; he’s been presenting this threat model publicly since mid‑2025. (simonwillison.net 1) (simonwillison.net 2)
