Loop Engineering Is Only Half the Battle — Here’s Why Your AI Agents Need Governance Gates + Video

Introduction:

The AI engineering landscape is undergoing a seismic shift. If 2023 was the year of the Prompt Engineer and 2025 belonged to Harness Engineering, 2026 is undeniably the era of Loop Engineering. The core idea, championed by industry figures like Boris Cherny (creator of Claude Code) and Peter Steinberger (founder of OpenClaw), is simple yet profound: stop prompting your AI agents manually and start designing loops that do the prompting for you. However, as David Matousek, an Agentic AI Security Leader, astutely points out, “A loop left to run is a loop making mistakes on its own, only faster.” The true challenge—and the essence of secure, enterprise-grade AI adoption—lies not in writing the loop, but in governing it. This article explores the paradigm of Loop Engineering, the critical importance of governance gates, and provides a practical, step-by-step guide to implementing a governed, agentic development lifecycle.

Learning Objectives:

  • Understand the evolution from Prompt Engineering to Loop Engineering and the paradigm shift it represents.
  • Learn the architecture of an agentic loop, including its core components and the critical distinction between loops and simple automation.
  • Master the implementation of “Governance-in-the-Loop” using a triad-based sign-off model to ensure security, compliance, and accountability in AI-driven development.
  • Gain hands-on knowledge of the Agentic-Oriented Development Kit (AOD-Kit) and its three-loop, one-triad framework.
  • Acquire practical commands and configurations for implementing governed loops in your own projects.

You Should Know:

  1. What Is Loop Engineering, and Why Does It Matter?

Loop Engineering is the practice of designing autonomous, feedback-driven systems that direct AI agents to perform complex, multi-step tasks without constant human intervention. Instead of a developer crafting a prompt, waiting for a response, and then crafting another, they define a goal and a set of triggers. The agent then enters a loop: it acts, observes the result, evaluates its progress against the goal, and loops again until the goal is met or a stopping condition is triggered.

This is a fundamental shift in the division of labor. As Addy Osmani, a Google engineering lead, defines it, Loop Engineering is “replacing the person who prompts the AI with a system that does it for you”. The loop itself is composed of several key building blocks:
– Automation: Triggers like cron jobs, webhooks, or the `/goal` command that initiate the loop.
– Work Trees: Isolated workspaces that prevent conflicts when multiple agents are working on the same codebase.
– Skills: Reusable instruction sets that embed project-specific knowledge, standards, and past learnings into the loop.
– Connectors: MCP-based plugins that allow the agent to interact with real-world tools, databases, and issue trackers.
– Sub-Agents: Specialized agents, often using different models, that handle specific tasks like code review, ensuring quality and objectivity.

  2. The Governance Gap: Why Loops Are Dangerous Without Gates

The excitement around Loop Engineering often overlooks a critical risk: an ungoverned loop is an autonomous system that can make mistakes at machine speed. As Matousek notes, “Anyone can write a loop. Almost nobody governs one.” The core problem is that an automated process without oversight is not a solution; it is the entire problem.

This is where the concept of “Governance-in-the-Loop” (GITL) becomes essential. GITL moves beyond simple human-in-the-loop oversight to embed policy-driven checks, security controls, and compliance gates directly into the agentic workflow. The goal is not to slow down the loop but to ensure that every cycle produces a secure, compliant, and high-quality outcome. Matousek’s approach, born from a background in risk and compliance, uses a “Triad” of roles—Product Manager (PM), Architect, and Team-Lead—to sign off at every critical stage. This creates a system of checks and balances where the agent can propose, build, and test, but the authority to advance a feature to the next stage rests with a governed, reviewable, and revocable human decision.

  3. Implementing a Governed Loop: The AOD-Kit in Practice

The Agentic-Oriented Development Kit (AOD-Kit) is an open-source project that operationalizes the concept of governed loops. It implements a “Three Loops, One Triad” model, providing a practical template for integrating governance into every phase of the AI-assisted development lifecycle. Here’s how to get started.

Step 1: The Kickstart Loop (Run Once)

This loop locks in the project’s architecture and design identity before any feature work begins. It ensures that the foundational principles are established and agreed upon by the Triad.
– Command:

```bash
# Clone the template repository
git clone https://github.com/davidmatousek/agentic-oriented-development-kit.git my-project
cd my-project
# Bootstrap the project, substituting your project name, stack, and dates
make init
```

– What it does: The `make init` command personalizes templated files like the `README` and `CLAUDE.md` for your project.
– Next step: Run `/aod.foundation` to set up the product vision and design identity. This is the “gate” where the Triad approves the core architecture.

Step 2: The Blueprint Loop (Per Cycle)

This loop batches a dependency-ordered, ICE-scored planning increment of stories—a “program increment” in SAFe terminology. It bridges the gap between high-level strategy and granular feature execution.
– Command:

/aod.blueprint

– What it does: The command generates the next batch of stories from the consumer guide and pushes them to GitHub Issues.
– The Gate: PM and Architect review and sign off on the blueprint before any feature work begins, ensuring that the cycle aligns with business goals and technical strategy.

Step 3: The Sprint Loop (Per Feature)

This is the core, six-stage governed loop that takes a single feature from discovery to documentation. Each stage has its own command and requires Triad sign-off before proceeding.

  • Stage 1: Discover
    – Command: `/aod.discover`
    – What it does: Captures the raw idea and ICE-scores it (Impact, Confidence, Ease).
  • Stage 2: Define
    – Command: `/aod.define`
    – What it does: Drafts a Product Requirements Document (PRD) for Triad review.
  • Stage 3: Plan
    – Command: `/aod.plan`
    – What it does: Generates the detailed technical spec, plan, and tasks, requiring sign-off from the PM and Architect.
  • Stage 4: Build
    – Command: `/aod.build`
    – What it does: Executes the task waves with Architect checkpoints built into the process.
  • Stage 5: Deliver
    – Command: `/aod.deliver`
    – What it does: Validates the Definition of Done and runs a retrospective.
  • Stage 6: Document
    – Command: `/aod.document`
    – What it does: Simplifies code, updates the CHANGELOG, and writes API documentation.
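
The sign-off rule behind the six stages can be modelled as a small state machine. The following is an added example, not code from the AOD-Kit: the class and role names are hypothetical, and the role mapping (full Triad at every stage except Plan, which needs PM and Architect) is an assumption drawn from the descriptions above.

```python
from dataclasses import dataclass, field

STAGES = ["discover", "define", "plan", "build", "deliver", "document"]
TRIAD = frozenset({"pm", "architect", "team-lead"})
# Assumption: the full Triad approves every stage except "plan",
# which the text says needs PM and Architect sign-off.
REQUIRED = {stage: TRIAD for stage in STAGES}
REQUIRED["plan"] = frozenset({"pm", "architect"})


class GateBlocked(Exception):
    """Raised when the loop tries to advance without the required sign-offs."""


@dataclass
class SprintLoop:
    feature: str
    stage_idx: int = 0
    signoffs: dict = field(default_factory=dict)  # role -> evidence, current stage only
    audit: list = field(default_factory=list)     # (stage, action, actor, detail)

    @property
    def stage(self):
        return STAGES[self.stage_idx]

    def sign_off(self, role, evidence):
        if role not in REQUIRED[self.stage]:
            raise ValueError(f"{role!r} is not an approver for {self.stage!r}")
        if not evidence:
            raise ValueError("a sign-off must cite evidence")
        self.signoffs[role] = evidence
        self.audit.append((self.stage, "approve", role, evidence))

    def revoke(self, role, reason):
        # Sign-offs stay revocable until the stage has actually advanced.
        if self.signoffs.pop(role, None) is not None:
            self.audit.append((self.stage, "revoke", role, reason))

    def advance(self):
        missing = REQUIRED[self.stage] - set(self.signoffs)
        if missing:
            self.audit.append((self.stage, "blocked", "agent", sorted(missing)))
            raise GateBlocked(f"{self.stage}: missing sign-off from {sorted(missing)}")
        self.audit.append((self.stage, "advance", "agent", dict(self.signoffs)))
        self.signoffs = {}  # approvals never carry over to the next stage
        self.stage_idx = min(self.stage_idx + 1, len(STAGES) - 1)
        return self.stage
```

The agent may call `advance()` as often as it likes; only recorded human sign-offs change the outcome, and every blocked attempt lands in the audit trail.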

4. Embedding Security and Compliance in the Loop

A governed loop is a secure loop. By embedding policy-driven checks at each gate, you transform security from a final hurdle into an integrated part of the development process. This aligns with emerging frameworks that classify AI development into phases like AI-Assisted, AI Native, and Agentic, each requiring distinct risk and governance controls.

To further harden your agentic workflows, consider implementing these security measures:

  • Deterministic Guardrails: Implement a dual-gate security architecture, such as the Asimov Safety Architecture (ASA), which combines a deterministic pattern denylist with a stateless allowlist to block malicious actions at the infrastructure layer.
  • Identity and Access Management (IAM): Enforce strict identity controls for all agents. Agents should have the minimum necessary permissions to perform their tasks, and all actions should be logged for auditability.
  • API Security: Secure all connectors and APIs used by the agent. This includes using API gateways, enforcing rate limiting, and validating all inputs and outputs to prevent injection attacks.
  • Continuous Monitoring: Log every decision made within the loop, including which gate approved it, who owned it, and what evidence was used to pass it. This creates a feedback loop for both the governance model and the agent’s behavior.
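
The dual-gate idea from the first bullet, a deterministic denylist followed by a stateless allowlist, can be sketched as a filter on commands an agent proposes. This is an added example and not the Asimov Safety Architecture's implementation; the patterns, the allowlist contents and the function name are constructed for illustration.

```python
import re
import shlex

# Gate 1 (denylist): constructed sample patterns, matched on the raw string
# before any parsing, so the result is deterministic for a given input.
DENY_PATTERNS = [re.compile(p) for p in (
    r"\brm\s+-[a-z]*[rf]",           # recursive or forced delete
    r"\bgit\s+push\b.*--force",      # history rewrite on a remote
    r"[;&|`]|\$\(",                  # command chaining, pipes, substitution
    r"\.ssh/|\.aws/credentials",     # credential stores
)]

# Gate 2 (allowlist): executable -> permitted subcommands (None = any arguments).
# Stateless: the decision depends only on the proposed command itself.
ALLOW = {
    "git": {"status", "diff", "add", "commit"},
    "pytest": None,
    "bandit": None,
}


def evaluate(command):
    """Return a decision record naming the gate that decided and why."""
    for pattern in DENY_PATTERNS:
        if pattern.search(command):
            return {"allowed": False, "gate": "denylist", "reason": pattern.pattern}
    try:
        argv = shlex.split(command)
    except ValueError as exc:  # e.g. unbalanced quotes: fail closed
        return {"allowed": False, "gate": "allowlist", "reason": f"unparseable: {exc}"}
    if not argv or argv[0] not in ALLOW:
        return {"allowed": False, "gate": "allowlist", "reason": "executable not allowlisted"}
    subcommands = ALLOW[argv[0]]
    if subcommands is not None and (len(argv) < 2 or argv[1] not in subcommands):
        return {"allowed": False, "gate": "allowlist", "reason": "subcommand not allowlisted"}
    return {"allowed": True, "gate": "allowlist", "reason": "matched allowlist"}
```

Anything that is neither explicitly denied nor explicitly allowed is rejected, and the returned record gives the monitoring log the gate and reason for each decision.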

5. Practical Commands for Loop Governance

Here are some practical commands and configurations to help you implement governed loops.

Linux/Unix (Cron for Automation):

To trigger a loop on a schedule, use cron. For example, to run a daily security scan at 2 AM:

```bash
# Edit your crontab
crontab -e
# Add the following line to run a security scan every day at 2:00 AM
0 2 * * * /path/to/your/agentic-security-scan.sh
```

Windows (Task Scheduler for Automation):

To create a scheduled task that triggers a loop:

```powershell
# Create a scheduled task that triggers the loop daily at 2:00 AM
$Action = New-ScheduledTaskAction -Execute "powershell.exe" -Argument "-File C:\path\to\your\loop-trigger.ps1"
$Trigger = New-ScheduledTaskTrigger -Daily -At 2am
Register-ScheduledTask -Action $Action -Trigger $Trigger -TaskName "AgenticLoopTrigger" -Description "Triggers the agentic loop for security checks"
```

Git (Using Hooks for Gates):

You can use Git hooks to enforce gates before code is merged. For example, a pre-commit hook can run a security linter:

```sh
#!/bin/sh
# .git/hooks/pre-commit (must be executable: chmod +x .git/hooks/pre-commit)
# Run a security linter before allowing a commit
if ! bandit -r .; then
    echo "Security linter failed. Commit blocked."
    exit 1
fi
```

Docker (Isolating Agent Environments):

Use containers to isolate agent execution environments and enforce resource limits:

```dockerfile
# Dockerfile for a secure agent runtime
FROM python:3.11-slim
# Set non-root user for security
RUN useradd -m -u 1000 agentuser
USER agentuser
WORKDIR /home/agentuser/app
# Copy and install dependencies
COPY --chown=agentuser:agentuser requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# Copy the agent code (including agent_loop.py) into the image
COPY --chown=agentuser:agentuser . .
# Run the agent loop
CMD ["python", "agent_loop.py"]
```

What Undercode Say:

  • Speed Without Accountability Is a Liability: Loop Engineering offers immense potential for accelerating development, but an ungoverned loop is a recipe for disaster. The speed of AI amplifies mistakes, making governance not a bottleneck but a critical success factor.
  • Governance Must Be Built In, Not Bolted On: Effective governance cannot be an afterthought. It must be embedded into the very architecture of the loop. The Triad model (PM, Architect, Team-Lead) provides a practical, role-based framework for embedding human accountability at every stage of the automated workflow. This ensures that decisions are not just fast, but also reviewable, traceable, and aligned with business and security objectives.

Prediction:

  • +1 The adoption of governed Loop Engineering will become a key differentiator for high-performing engineering organizations. Companies that successfully implement “Governance-in-the-Loop” will achieve faster, more secure, and more compliant software delivery, outpacing competitors who treat AI agents as ungoverned productivity tools.
  • +1 We will see the emergence of standardized “Governance as Code” frameworks and open-source tools like the AOD-Kit become essential components of the enterprise CI/CD pipeline, similar to how static analysis and SAST tools are today.
  • -1 Organizations that fail to implement governance gates for their AI agents will face significant risks, including data breaches, compliance violations, and the accumulation of “technical debt” at an unprecedented scale. The cost of cleaning up after an ungoverned AI agent will far outweigh the initial productivity gains.


IT/Security Reporter URL:

Reported By: Davidmatousek Loop – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅
