Harness Engineering: How OpenAI Ships Without Writing Code

OpenAI's five-month experiment built an internal software product with zero manually-written code. A team that grew from three to seven engineers produced approximately 1,500 pull requests and one million lines of code, at roughly one-tenth the normal timeline.

The fundamental shift: engineers stopped writing code and started designing the environment agents operate in. Early progress stalled not because Codex was incapable, but because the development environment lacked the tools and abstractions the agent needed. Engineers learned to ask a different question: "What capability is missing, and how do we make it legible for the agent?"

Codex eventually achieved full end-to-end autonomy, validating codebase state, reproducing bugs with video recording, implementing and validating fixes, opening pull requests with documentation, responding to feedback, detecting build failures, and self-merging. Humans escalated only when genuine judgment calls were required.

The most important enabler in the experiment was making the application's runtime state directly queryable by Codex. This had two parts. First, the application became bootable per Git worktree: Codex could spin up an isolated instance of the product for its own branch, interact with it, and validate changes visually before opening a PR. Chrome DevTools Protocol integration gave the agent access to DOM snapshots, screenshots, and navigation.

Second, the observability stack became locally queryable: logs, metrics, and traces were accessible within a running local instance. This let engineers write prompts like "ensure service startup completes in under 800ms" and have Codex validate the result directly. Some Codex runs lasted six hours on a single task.

Without legibility, without the agent being able to see and measure the effects of its own changes, the agent is flying blind.

Large instruction files are a dead end: they cause context overload and go stale quickly. OpenAI replaced them with AGENTS.md as a lean table of contents pointing to structured subdirectories: docs/design-docs/ for architectural decisions, docs/product-specs/ for product requirements, docs/exec-plans/ for execution and technical debt tracking, and docs/references/ for technical material. The agent reads only what it needs for a given task.

Stale docs were addressed mechanically: linters and CI jobs enforced that documentation stayed current, and recurring "doc-gardening" agents scanned the repository for outdated content and opened cleanup PRs.

The key insight is that documentation is not a soft cultural practice; it is part of the infrastructure. In an agent-first codebase, stale documentation is a bug, and bugs need automated detection and remediation.

The entire codebase was optimized for how Codex reasons, not for how humans prefer to read it. This meant favoring composable, "boring" technologies with stable APIs over cutting-edge libraries with opaque internals. When an external library's behavior was too unpredictable for the agent to reason about reliably, the team reimplemented it in-repository.

Architectural discipline was enforced through a strict layered dependency model: Types, Config, Repo, Service, Runtime, UI. Code could only flow forward; no backward imports, no skipped layers. Cross-cutting concerns entered through explicit Provider interfaces.

Custom linters enforced this mechanically: structural violations, naming conventions, file size limits, and platform reliability checks all produced actionable error messages with remediation instructions aimed directly at the agent. The key quote: "With coding agents, constraints are an early prerequisite; they're what allow speed without decay."

Conventional PR norms (comprehensive review, blocking on test flakes, waiting for full green CI) became bottlenecks when agents were opening dozens of PRs per day. OpenAI adopted minimal blocking merge gates, short-lived pull requests, and higher tolerance for quick post-merge corrections over perfect pre-merge validation. Test flakes triggered follow-up runs rather than blocking progress.

Agent-to-agent review replaced much of the human review burden; human review became optional rather than mandatory, triggered only for judgment calls.

This is a deliberate philosophical shift: the cost of a quick correction is low when the agent can implement it in minutes. The cost of blocking every merge on comprehensive upfront validation compounds across hundreds of concurrent tasks. Speed requires accepting a higher rate of small corrections and designing for fast recovery rather than perfect prevention.

Full agent autonomy created a new problem: pattern drift. When Codex implemented features by extending existing code, suboptimal patterns replicated throughout the codebase. Weekly manual cleanup sessions, called "Friday AI slop", were unsustainable at scale.

The solution was "golden principles": mechanical rules that defined canonical patterns for common constructs (structured logging format, naming conventions, component structure). These were enforced by linters, not treated as suggestions. Recurring background agents ran continuously, scanning for deviations from golden principles and opening auto-mergeable refactoring PRs.

Technical debt was treated as compound interest: small continuous increments are far cheaper than periodic large cleanups. The garbage collection metaphor is deliberate: entropy is not a special event requiring a cleanup sprint; it is a continuous background process that runs at low cost alongside normal development.