Featured

The New Primitives of Agentic Software Engineering

June 24, 2026

The New Primitives of Agentic Software Engineering

Software engineering is starting to look less like “write code, commit, ship” and more like “define intent, constrain agents, verify outcomes, and preserve state across many parallel workers.” That sounds abstract until you look at what teams are actually building: agent-specific repo instructions, structured harnesses, semantic version control, and package managers for prompts, skills, and MCP servers. The center of gravity is moving away from Git and npm as the default primitives for the whole workflow, even if both remain part of the stack.

Git still matters. It just no longer answers the hardest questions.

Git was designed to record human intent after the fact. That is a poor fit for a world where agents can modify dozens of files at speed, create semantic conflicts without touching the same line, and generate change faster than a reviewer can metabolize it. Kunal Lall’s critique is blunt: “Git detects textual conflicts — two people editing the same line. But AI coding agents can modify deeply connected parts of a system across dozens of files without ever touching the same line, creating semantic conflicts that Git can’t see.” 1

That limitation is why newer systems are trying to move the unit of control earlier in the workflow. Richard Reukema’s framework argues that Git is “excellent at source control” but “is not an architect,” and the distinction matters because agentic systems need task scoping, file leasing, and pre-commit governance, not just merges and rollbacks. 2 Fedor Sheremetyev makes the same point from a different angle: human approvals can force agents to run at “my attention speed,” which defeats the point of automation. 3

The implication is not that Git disappears. It is that Git becomes one layer among several, rather than the place where coordination problems are solved.

The new repo primitives are about instructions, not just files

If Git is losing primacy as the control surface, what replaces it? One answer is the repository itself. The strongest recent pattern is to move machine-facing instructions into versioned, project-local files that agents can read before they act.

The SIGPLAN Blog’s framework is explicit: “source repositories are no longer just containers for human-authored code — they are containers and generators of knowledge supporting the interaction of humans with AI agents.” 4 That thesis is reinforced by AGENTS.md, which treats repository-level instructions as the shared contract for machines. Its authors argue: “Before you optimize how an agent thinks, you must standardize what it sees.” 5

This is a real shift in primitives. Instead of depending on a chat transcript or a human remembering to paste rules into a prompt, teams are codifying the environment in files such as AGENTS.md, hierarchical overrides, and conformance tests. In other words, the repository is becoming a machine-readable operating environment, not just a code bucket.

That same logic shows up in more specialized proposals. repository-harness argues, “Coding agents do not only need better prompts. They need better repositories.” 6 Its structure—AGENTS.md, FEATURE_INTAKE, TEST_MATRIX, tool registries—turns context into an explicit asset, not ephemeral prompt residue. The Agentic Engineering Standard takes the same fragmentation problem and tries to unify it: “Every agentic project reinvents the same structure: how to instruct the agent, define skills, track state, set permissions, enforce coding standards, and persist what the agent learns.” 7

That is what makes this moment different from old “prompt engineering” debates. The primitive is shifting from a single prompt to a repository-backed control plane.

"Modern agentic AI is not just a language model, but a layered stack of project-local rules, task-specific modules, and communication protocols."

— 1 Minute Signal coverage of IBM Technology 8

Git’s successor is not one tool, but a family of control layers

The most interesting systems do not try to replace Git with a single monolith. They split the problem into state, safety, concurrency, and auditability.

Flock, for example, is built around semantic awareness rather than line diffs. Its premise is that Git was built for humans, while multi-agent development needs AST-aware change tracking, policy enforcement at write time, and real-time awareness of what other agents are doing. 9, 10 Writ makes a related move by defining immutable “seals,” a convergence engine, and a structured context command that replaces a handful of Git commands with a single, agent-friendly view of project state. 11 Agit goes even further: “Every agent action is a commit — diffable, revertable, auditable.” 12

These tools are not interchangeable, but they share a diagnosis. AI agents do not mainly need a better branching metaphor. They need state that is branchable, blameable, reversible, and semantically rich enough to preserve intent.

That is also why newer systems often preserve the best of Git while changing the layer above it. Flock, for instance, explicitly says it preserves Git’s “brilliant foundations” while rethinking everything else for multi-agent work. 10 AgentStateGraph goes one step further and describes itself as “a content-addressed, branchable, blameable state primitive” for agents. 13 In those systems, the commit graph is no longer only about source code history; it becomes a substrate for reasoning, audit, and mechanical accountability.

"The scarce skill is no longer syntax production. It’s systems governance — defining safe task boundaries for agents, managing change propagation across services, preserving invariants under high velocity, and designing coordination protocols between parallel actors that don’t naturally communicate."

— Kunal Lall 1

npm is also getting pulled apart

The package-manager side of the stack is changing for the same reason. Agentic workflows are broadening what counts as a dependency. It is no longer only code libraries; it is skills, prompts, instructions, MCP servers, and workflow definitions.

That is why tools like pakx exist: they manage “skills, MCP servers, subagents, prompts, commands, and hooks” as federated dependencies. 14 AgentCoven takes a different route and uses Git as the distribution mechanism for these building blocks, arguing that teams can share agent definitions and rules without centralized registries. 15 snpm pushes in a more conventional package-manager direction, but even there the design includes a built-in Node.js version manager, blocked lifecycle scripts, and a skill folder specifically for teaching AI agents how to use the tool. 16

The deeper point is that npm-style package resolution is no longer sufficient if a project’s effective dependencies include agent policies, registry metadata, and execution permissions. That is why governance tools are appearing alongside package managers. Vibe Dependency Guard blocks package installs unless they clear validation, justification, and policy review. 17 In agentic development, dependency management is becoming a security and governance problem as much as a build problem.

The real bottleneck is not generation. It is coordination.

The recurring theme across the source set is that code generation got cheaper faster than integration, review, and trust.

Lenny’s Podcast coverage puts it neatly: “Passive coding assistants have been superseded by autonomous agents that can write, run, and debug their own work.” 18 But that does not mean review disappears. Fedor Sheremetyev warns that “AI made code cheaper to generate. It did not make review, integration, judgment, or shipping confidence cheap.” 3 Jellyfish’s research makes the same broader point in data terms: the top of the market is not just adopting agents, it is compounding on them, while the median falls behind. 19

This is where the cultural risk emerges. Meta’s reported reassignment of roughly 5,000 developers into labeling work, plus morale issues and security incidents linked by observers to AI-driven code production, shows that speed without governance can erode trust inside the organization itself. 20 Amazon’s requirement for senior human review after outages, and Uber’s monthly AI budget cap per engineer, are both signs that companies are trying to reintroduce friction where autonomy has outrun control. 20

So the question is not whether agents will be used. It is what kinds of guardrails will survive contact with real workloads.

"The question is not: How many agents can we run? The question is: How many agents can we control?"

— Richard Reukema 2

What leaders should notice

The most durable signal here is not any one tool. It is the convergence of five patterns:

  1. Repository-local instructions are becoming first-class. AGENTS.md, spec hierarchies, and machine-facing documentation are replacing ad hoc prompting. 4, 5
  2. State is becoming agent-native. Systems like Agit, AgentStateGraph, and Writ treat agent actions, reasoning, and context as versioned objects. 11, 12, 13
  3. Semantic coordination matters more than line diffs. Git cannot see the conflicts that arise when multiple agents reshape a system at once. 1, 9
  4. Non-code dependencies now matter. Skills, prompts, MCP servers, and policies are increasingly managed like package dependencies. 14, 17
  5. Governance is the scarce resource. Budget caps, human review, file leasing, proxy-based push controls, and policy engines are all attempts to keep speed from becoming chaos. 2, 17, 21

That points to a practical conclusion: the next generation of engineering primitives will be judged less by how elegantly they track code and more by how well they preserve intent, constrain autonomy, and make agent behavior auditable.

What to do next

For teams experimenting with agentic workflows, the immediate priority is not choosing a shiny new VCS or package manager. It is defining the control plane around the agents you already use.

Start by standardizing repository instructions, making scope explicit, and deciding where state lives when no human is watching the session. Then add policy layers for dependency installation, file access, and merge approval. If you cannot explain how an agent knows what it may change, what it must verify, and where its actions are recorded, you do not yet have an agentic workflow. You have a faster way to create risk.

Share this

Tags