Capstone

Agent Anti-Patterns · ~8 min

The Diagnostic Table

Ten anti-patterns, one skill: read a symptom and name the failure behind it. Diagnosis first, fix second.

Why this, for you: in the wild you don't get told "this is objective drift." You get a symptom — an agent that "finished" the wrong thing, a session that's gone vague, a green check that hid a failure. This capstone is the lookup table that turns symptoms into named diagnoses with known fixes.

Every anti-pattern in this course presents as a symptom first. The diagnostic skill is the jump from "the agent is acting weird" to a named failure mode — because the name carries the fix.

1 Symptom → anti-pattern → fix

Symptom you observeAnti-patternFirst fix
Agent ignores instructions it followed at shorter length; "notices" unrelated workInfinite ContextSmallest high-signal set; load on-demand
Quality drops after a day of mixed tasks; anchors on a prior task's conventionsKitchen Sink SessionOne objective per session; new session, not /clear
Low compliance on the rule that applies, despite a "comprehensive" fileDistractor InterferenceLoad task-scoped; prune the inapplicable
Executes every request; never flags the broken convention or constraintYes-Man AgentPre-task / in-task / stop gates; separate reviewer
"Completes" a subtly different goal after a long, compacted sessionObjective DriftStructured session_intent; re-read before each action
Agent refuses ambitious work, stops early after a "be efficient" instructionToken-Preservation BackfireReframe as quality target ("be thorough")
Polished, cited output merged on sight; a subtle bug shipsTrust Without VerifyCheck external ground truth; automate; calibrate
Rising cost, drifting compliance; the AGENTS.md is long and staleConfig SmellsAudit the six; lint to linter, rare to skills
One safeguard added, "injection solved"; allowed page still leaksSingle-Layer DefenceThree layers: model, infra, product
AI reviewer reads PRs and holds repo-write tokens in one runtimeCI/CD TrifectaSplit reviewer/actor; the model is not the gate
The fix is in the name. Most agent failures present as a vague symptom — the leverage is having a named diagnosis with a known first move, not re-deriving the fix each time.

2 The two families

Notice the spine running through the table. Lessons 1–3 and 8 are all the same attention/budget pressure in different clothes — too much context, the wrong context, or always-on context. Lessons 4–7, 9–10 are missing boundaries — no verification gate, no intent anchor, no trust boundary, no runtime separation. Almost every fix is one of two moves: cut what doesn't earn its tokens, or add a boundary the model can't talk its way past.

Every fix has a "when it backfires"

None of these is unconditional. Session-splitting costs reloads; intent files are overhead on short tasks; over-pruning strips edge cases; over-verifying becomes theater; three security layers add complexity. The mature move is calibration — match the fix's cost to the stakes, not maximal hardening everywhere.

↪ Your win: diagnose, then treat

Mixed review — diagnose across all ten lessons

Question 1An agent "completes" a refactor but renamed a public method it was told not to touch. Diagnosis:

Question 2After "preserve tokens" was added, the agent stops early and refuses ambitious work. Fix:

Question 3A PR title makes a CI reviewer dump env to a public comment. The decisive fix is to…

Question 4A "comprehensive" instruction file lowers compliance on the rule that applies. This is…

Question 5Across the course, the two recurring fix moves are…

You've finished the course. Want to drill the diagnostic table the other direction — name only, recall the symptom and fix? Or pick any one anti-pattern and go deep on its "when it backfires" regime. Everything here is grounded in the corpus below.

Go deeper

✎ Feedback