Back to Research

Governance beats speed in agentic coding

Agentic coding governance for engineering teams: rules, skills, MCP boundaries, and review guardrails.

Editorial illustration for Governance beats speed in agentic coding. I believed the opposite.
Rogier MullerMay 15, 20266 min read

The situation

Counter-thesis: the fastest team is not the one that lets the model do more; it is the one that makes the model easier to govern.

I believed the opposite. I tried more autonomy, more prompts, more “smart” defaults, and fewer interruptions. The tool got faster, but the team got less clear about what it could touch, what it had learned, and what a reviewer should trust.

Diagnosis: this is the automation without governance trap. In practice, it looks like Conway’s Law meeting context drift: the system mirrors org ambiguity, then amplifies it.

Thesis: governance beats speed in agentic coding.

That thesis holds across Cursor, Claude Code, and Codex. The names differ, but the question stays the same: what should the agent know, what may it do, and what must a human verify before merge? That is the core of our methodology in the Review step, and it is the same problem an AI coding workshop should teach through AI coding governance.

Walkthrough

Failure mode: one giant instruction file. If you have shipped AI code, you have hit this in Cursor, Claude Code, and Codex: the team writes one sprawling rule blob, then wonders why the agent ignores half of it. The problem is scope collapse. Cursor’s rule model, Claude’s CLAUDE.md plus scoped rules, and Codex’s AGENTS.md chain all point the same way: local instructions beat one flat manifesto.

Named fix: the Scoped Memory Split. Put durable team rules in the smallest file that matches the work. In Cursor, move from a monolithic .cursorrules mindset to scoped .cursor/rules/*.mdc files. In Claude Code, keep CLAUDE.md concise and push file-type or directory rules into scoped memory. In Codex, use nested AGENTS.md files and override files when a subtree needs a different policy.

# .cursor/rules/api-tests.mdc
---
description: API test rules for backend changes
globs:
  - src/api/**
  - tests/api/**
alwaysApply: false
---
- Prefer table-driven tests.
- Do not change production retries without updating failure cases.
- Ask for review if auth, billing, or data retention changes.

After this split, the agent stops carrying irrelevant rules into every task, and reviewers can tell which policy applied. Governance beats speed because the rules become legible.

That is tip one.

Failure mode: permissions are implied instead of declared. If you have shipped AI code, you have hit this too: the agent can read a lot, but nobody has written down what it may connect to. That is how MCP turns from a useful boundary into an accidental data hose.

Named fix: the Connector Gate. Treat MCP as a reviewed integration layer, not a convenience toggle. Claude Code docs frame MCP as a connector boundary and pair it with permission modes; Cursor and Codex benefit from the same discipline. Before enabling a connector, ask what system it reaches, what data leaves the repo, and what the fallback is when it fails.

A practical team rule is simple: no MCP server ships without an owner, a scope note, and a rollback path. That shifts review from “does it work?” to “is it allowed?” Governance beats speed when the boundary is explicit.

That is tip two.

Failure mode: the model learns habits nobody can audit. If you have shipped AI code, you have hit this when the assistant keeps repeating a correction, but nobody knows whether that correction lives in chat history, memory, or a hidden preference. Claude Code’s docs are explicit here: CLAUDE.md and auto memory are both context, not enforced configuration.

Named fix: the Memory Ledger. Write the rule once, in the right place, and keep the file short enough that a teammate can inspect it. Use CLAUDE.md for durable project guidance, auto memory for learnings Claude accumulates, and a review checklist for anything that must not drift silently. In Cursor, mirror that with team rules plus AGENTS.md; in Codex, keep the instruction chain visible and testable.

The operational result is simple: when memory is legible, teams stop re-litigating the same corrections in every session. Governance beats speed because the team can see what changed.

That is tip three.

Failure mode: review happens after trust has already been granted. If you have shipped AI code, you have hit this when a polished diff arrives and the reviewer scans style, not behavior. The issue is not model quality; it is missing verification loops.

Named fix: the Verification Loop. Make the tool prove the change before the human approves it. Codex’s codex exec is built for headless automation and verification loops; Claude Code supports command execution and review workflows; Cursor’s agent mode and background agents work best when paired with explicit PR policy and checks.

Use a compact review rubric:

  • Did the agent follow the right scoped instructions?
  • Did it touch only the intended files?
  • Did it run the expected tests or checks?
  • Did any connector or MCP call expand the blast radius?
  • Can a reviewer reproduce the result from the diff alone?

When teams adopt that loop, they stop treating agent output as finished work and start treating it as a candidate change. That is the practical meaning of governance beats speed.

That is tip four.

Failure mode: training is ad hoc, so governance never sticks. If you have shipped AI code, you have hit this when one senior engineer knows the rules and everyone else learns by accident. The result is policy debt.

Named fix: the Workshop Pack. Package the operating model as reusable artifacts: a scoped rule file, a CLAUDE.md fragment, an AGENTS.md convention, a skill description, and a review checklist. Anthropic’s Skills docs describe skills as folders of instructions, scripts, and resources that load dynamically through progressive disclosure. That same pattern works as a team training asset: small, named, and task-specific.

For a shared product map, teach it this way: Cursor gets the scoped .mdc rule and team AGENTS.md; Claude Code gets CLAUDE.md, skills, hooks, and MCP review; Codex gets nested AGENTS.md, codex exec, and a verification loop. The thesis stays the same: governance beats speed.

That is tip five.

One image: treat agentic coding like a workshop bench with three drawers. One drawer holds instructions, one holds connectors, and one holds proof. If any drawer is unlabeled, the whole bench gets slower.

Tradeoffs and limits

Governance adds friction, and that is the point. A team that wants zero review overhead is usually asking for hidden risk, not speed.

The limit is that no file system pattern can replace judgment.

Further reading

Where to go next

Use the related training topic to turn this into one reviewable team exercise, then compare the result against our methodology.

Related training topics

Related research

Editorial illustration for Agentic coding guardrails for teams. I believed “just give it the repo” would speed everything up.

Agentic coding guardrails for teams

Practical governance for agentic coding teams: rules, skills, MCP boundaries, and review checks.

Editorial illustration for Cloud agents need workspace rules. I used to think the win was raw model quality.

Cloud agents need workspace rules

Agentic coding governance starts when cloud agents inherit workspace rules, credentials, and review guardrails.

Editorial illustration for Fast mode is not the default. Counter-thesis: the fastest agentic coding setup is usually not the best default for engineering teams.

Fast mode is not the default

Practical ai coding governance for engineering teams: speed, review guardrails, and training across tools.

Continue through the research archive

Earlier research

Agentic coding guardrails for teams

Practical governance for agentic coding teams: rules, skills, MCP boundaries, and review checks.

Ready to start?

Transform how your team builds software.

Get in touch