Loading page.
Writing / Ai / Agentic Coding / 4 min read
AI agents can accelerate software delivery, but they should not replace engineering judgment. This is a practical workflow for building with AI while protecting correctness, security, and maintainability.
By Jerine S. Acebes
AI can make software development feel faster than ever. A good coding agent can draft components, write tests, explain errors, refactor files, inspect logs, and help move an idea toward a working product in a short amount of time. That speed is useful, but it also creates a new risk: it becomes easy to confuse generated code with finished engineering.
That is why I prefer to think in terms of human-in-the-loop agentic coding. The agent can help plan, draft, modify, and debug across multiple steps, but the human still owns the system. The developer is responsible for the product decision, architecture, data model, security boundary, user experience, and final judgment of whether the work is safe to ship.
The most important rule is simple: delegate execution steps, not accountability. AI can produce a first draft, but it cannot be the person who explains the tradeoff, defends the security model, or answers for a broken workflow in production. If I cannot run it, inspect it, test it, and explain it, I do not treat it as mine yet.
I start with a small written spec before asking an agent to build anything. It does not need to be long. I want the user, the goal, the success state, the constraints, and the things that must not happen. This gives the agent a boundary, but it also forces me to think clearly before speed takes over.
From there, I ask for the smallest working slice. One screen. One endpoint. One database change. One test. Agentic coding works best when the feedback loop is short enough that I can run the app, see the behavior, and correct the direction quickly. Large prompts that ask for an entire system usually produce code that is harder to review and easier to misunderstand.
Treat agent-generated code as a draft until it passes a verification loop. I run the app, click the main path, check the console, inspect the diff, and test edge cases. Empty inputs, invalid formats, missing permissions, slow responses, duplicate submissions, and failed API calls matter because real users will eventually find those paths.
The human-in-the-loop part becomes most important around system boundaries. Authentication, authorization, file uploads, payments, database rules, secrets, and user-generated content should never be accepted casually. I can ask AI to identify risks, but I still need to verify the implementation myself. Security is not a prompt result. It is a responsibility.
Good agentic coding also depends on acceptance criteria. Before I accept the change, I ask whether the feature does what it was supposed to do, whether the behavior is testable, whether the failure states are handled, and whether the implementation fits the existing codebase. If the answer is unclear, the work is not done.
I use AI heavily for the parts where it is strong: scaffolding, boilerplate, test ideas, debugging hypotheses, documentation drafts, refactoring options, and explaining unfamiliar code. I am more careful when the decision requires product judgment, domain context, user trust, or long-term architecture. AI is useful, but it does not know the full responsibility behind the product unless I give it that context and verify the result.
As a project grows, I move from broad generation to reviewable diffs. Early in a prototype, speed matters. Later, structure matters more. I want smaller changes, clearer commits, stable folder conventions, typed data contracts, validation at boundaries, and tests around the behavior that would hurt if it broke.
This is also how AI becomes a learning tool instead of a shortcut. If an agent writes code I do not understand, I ask it to explain the flow, the assumptions, and the failure modes. Then I check that explanation against the actual code. The goal is not only to finish faster. The goal is to become sharper while using better tools.
My practical checklist is: write the spec, define acceptance criteria, build the smallest slice, run it quickly, inspect the diff, test the main flow, test failure cases, check security boundaries, and make sure I can explain the architecture. When that loop is working, AI becomes a serious engineering multiplier instead of a risky shortcut.
Agentic coding is not about removing the engineer from the process. It is about changing the engineer's role. The work becomes less about typing every line manually and more about directing the system, constraining the agent, verifying the behavior, and staying accountable for what gets shipped.