The Principal Engineer's Bible, Part 4: Standing Up the Agentic Engineering Army

The Principal Engineer's Agentic Coding Bible · Episode 04

The Principal Engineer's Bible, Part 4: Standing Up the Agentic Engineering Army

A six-part guide for the IT/Cyber/Cloud generalist now orchestrating AI agents. Part 4 is operationalizing the army: six core agent personas, model routing by phase, orchestration framework picks, default tool allowlists, UI standardization rules, and repository + CI/CD discipline.

Chris Watkins 12 min read

Listen in my voice · AI narration (ElevenLabs clone)

Loading audio player…

Watch the episode · AI-generated video

On this page

This is Part 4 of The Principal Engineer’s Agentic Coding Bible. Part 1 was the worldview shift. Part 2 was the toolchain. Part 3 was the security spine. Part 4 is operations. You have a worldview. You have tools. You have a security baseline. Now you need an organizational shape that lets agents actually do useful work without stepping on each other or producing chaos.

This is where the “principal engineer” role earns its money. You’re not building features. You’re running a small team of agents that build features.

The 6 Core Agent Personas

Every well-run agentic workflow has at least these six roles. Some collapse into one agent that wears multiple hats; some need to be different processes with different contexts and different tools. The roles do not change. The packaging does.

AgentRoleReal-world analogyDoes code?
OrchestratorPlans, delegates, tracks. The traffic cop.CTO / PMNo
ArchitectSystem design, data model, boundaries, ADRsStaff EngineerDiagrams only
ScaffoldRunnable skeleton fast. Gets the project from zero to “it boots”ShipFast BuilderYes
CoderMinimal diffs, correct code, testsSenior DevYes
ReviewerCorrectness, security, maintainability, performanceTech Lead + Security partnerNo (feedback only)
TesterTest plan, integration tests, edge casesSDETYes (tests only)

Notice three of the six roles don’t write production code. That’s the point. Most agentic systems fail because they hire all coders and no orchestrator and no reviewer. You get a fast crew that ships garbage and then can’t tell you why production is on fire at 2 AM.

A real principal engineer in 2026 makes sure every one of these roles is staffed by an agent (or a small group of agents), each with the right context, the right tools, and the right model for its job.

Model Routing by Phase

In 2025 the answer to “which model” was “Claude or GPT-4.” In 2026 the answer is: it depends on the phase, the budget, and how much capability you actually need for that specific role.

I use a two-phase model:

  • Phase 1: Exploit. Cheap-and-fast models. Drafting, scaffolding, exploratory work. You want a lot of iterations cheap.
  • Phase 2: Consolidate. Strong models. Final architecture decisions, careful review, production-grade output.

Here’s how I route as of late May 2026:

Agent rolePhase 1 (Exploit, cheap/fast)Phase 2 (Consolidate, strong)
OrchestratorGemini 3.5 Flash / Haiku 4.5Claude Sonnet 4.5
ArchitectGemini 3.5 FlashClaude Opus 4.5 / Gemini 3.1 Pro
ScaffoldHaiku 4.5 / Goose (local)Sonnet 4.5
CoderGPT-5-mini / OpenCodeCodex CLI / Claude Code (with Sonnet or Opus)
ReviewerHaiku 4.5Claude Opus 4.5 (stronger reviewer wins, no contest)
TesterGPT-5-miniCodex CLI

A few notes on this table for May 2026:

  • The Phase 2 reviewer should be your strongest model. A weak reviewer is worse than no reviewer because it makes you think you’ve checked.
  • The architect role on Phase 2 can flex between Opus 4.5 and Gemini 3.1 Pro depending on context size. Gemini 3.1 Pro has the long-context edge if you’re reasoning over an entire repo.
  • For pure agentic coding tasks, Codex CLI in Phase 2 with the current GPT model is genuinely the best plan writer I’ve used. Pair it with Claude Code for the build phase.
  • Skip GPT-4o-mini. It’s been superseded by GPT-5-mini for the same cost tier. The original v3 doc has it because the doc is from March; the world moved.

Two-phase routing saves you real money. The Phase 1 work happens fast and cheap so you can iterate. Phase 2 only kicks in when you’re consolidating, and you only pay the premium when it matters.

Orchestration Framework Picks

The framework you pick to run all this depends on your taste and your stack. Here’s the May 2026 landscape with honest tradeoffs.

FrameworkPhilosophyBest forLearning curve
OpenAI Agents SDKProductized, opinionated, handoff-basedFast shipping, OpenAI-first stacksLow
Claude Agent SDK (@anthropic-ai/claude-agent-sdk)Developer control, hooks + subagents, single agent extraordinarily capableComplex workflows, deep OS accessMedium
Vercel AI SDK v6 + @ai-sdk/mcpProvider-agnostic, TypeScript-native, MCP-firstMulti-model routing, TS stacksLow
LangGraphExplicit multi-agent coordination, graph-shaped state machinesComplex stateful workflowsHigh
CrewAIRole-based agent teams, collaborative-by-designFast prototyping of multi-agent workflowsMedium
Hermes Agent (Nous Research)Self-improving, persistent cross-session memory, skills auto-generatedLong-running autonomous projectsLow to Medium
Antigravity SDK (Google)Agent-first platform, multi-model out of the boxBuilding on Google’s stack, AI Pro includedMedium
Cursor SDK (@cursor/sdk 1.0.13)Programmatic Cursor runtime, MCP + Skills + Hooks inheritedProductionizing what works inside the Cursor IDEMedium

My defaults right now: Vercel AI SDK as the orchestration backbone (model-agnostic, MCP-native, TypeScript-first), with Claude Agent SDK as the heavy-lifter for deep workflows that need OS access, and Cursor SDK for content-repo work that’s already wired to my Cursor MCP setup.

I do not run LangGraph day-to-day. I respect what it does for state-machine work, but the learning curve does not pay off until you’re at a scale of multi-agent coordination that solo operators rarely hit.

Default Agent Tools (Allowlist by Default)

The single biggest harness mistake people make is letting agents call arbitrary tools. The fix is an allowlist with explicit risk tiers.

Here’s the minimum bar for a production agent’s tool surface:

ToolPurposeRisk levelNotes
searchDocs()Query internal documentationLowRead-only, no PII exposure
queryDbReadOnly()Database queries, read-onlyLowRLS-enforced where applicable
createTicket()Linear / Jira ticket creationLowWorst case: noisy backlog
summarizeDiff()Safe diff summariesLowStatic analysis, no side effects
runChecks()Fetch CI statusLowRead-only
openPullRequest()GitHub PR creationMediumReviewed before merge; no auto-merge
commentOnIssue()Post commentsMediumUse for human-in-loop notification
triggerWorkflow()Manual workflow dispatchMediumApproval-gated where possible

Never in production. Period.

  • Arbitrary shell commands
  • Write access to databases without explicit approval
  • Direct file system access outside the agent’s working dir
  • Network requests to arbitrary URLs
  • Production secret read by agents during development
  • Self-modifying skills without a review gate

The “Never” list is non-negotiable. Every one of those is how an agent eventually deletes your production database or exfiltrates your customer data. The Replit incident from 2025 (covered in Part 3) lives right at the intersection of three of these. Don’t give the agent the rope.

UI Standardization: Escape “AI Same-App Syndrome”

This one’s underweighted in most agentic playbooks and it’s a real problem.

AI models default to whatever UI patterns they’ve seen the most. Without constraints, every AI-built app looks like the same shadcn dashboard. Your apps should look like your brand, not the model’s defaults. Otherwise you’re spending months building something whose interface is indistinguishable from every other product shipped this quarter.

SaaS (Next.js + TypeScript): pick ONE per app

PackBest forStyle
Tailwind Plus: CatalystPremium admin / dashboardsClean “Stripe-ish”
shadcn/uiFast MVP, flexibleNeutral, customizable
Next.js SaaS StarterConsistent app skeletonLayer with Catalyst or shadcn for visual style

Mobile (Expo + React Native + TypeScript): pick ONE per app

PackBest forStyle
IgniteProduction RN appsBattle-tested structure, opinionated
Expo Router tabsFast MVPClean, minimal
Tamagui starterWeb/mobile parityDesign system across platforms

The non-negotiable UI rules

  • Pick ONE UI pack per app. No mixing. If you mix, the agent will keep mixing forever.
  • Lock design tokens. Colors, spacing, type scale, radius scale. Apply them everywhere. No magic numbers in components.
  • No random UI libs. Agent suggests react-some-table-thing-2026? Reject the PR. New dependency = explicit justification.
  • Approval required for any new UI dependency. Doesn’t matter how popular it is on Twitter this week.

These rules exist because agents drift toward visual sameness. The fix is structural constraint, not vibes. The rules above are how you keep your product looking like your product.

Repository Standards

Here’s the SaaS repo layout I default to (Next.js App Router):

src/
├── app/                  # Routes + server actions
├── components/           # UI from your chosen pack
├── lib/
│   ├── config.ts         # Env parsing + validation (zod)
│   ├── validators/       # Request + response schemas
│   ├── ai/               # AI provider clients
│   └── agents/           # Agent orchestration
├── server/               # Server-only code
specs/                    # Feature specifications (SDD artifacts)
tests/                    # Unit, integration, e2e

The shape matters for the agents as much as for the humans. agents/ and specs/ being top-level means an agent doing context selection (Part 1, Pillar 2) finds them immediately.

Mandatory documentation files

If these aren’t in your repo, the next agent (or the next human) will reinvent your decisions wrong.

FilePurposeUpdate frequency
README.mdSetup, running, deployingEvery release
ARCH_NOTES.mdSystem design decisions, ADRsWhen architecture changes
TODO_DEBT.mdKnown technical debtWeekly
.env.exampleRequired environment variables (no values)When env changes
CONTRIBUTING.mdHow to contributeQuarterly
SECURITY.mdSecurity policy, reporting channelAnnually
specs/ (directory)Feature specifications, SDD artifactsEvery feature
agents.md or CLAUDE.mdAgent context and rulesIteratively, as you discover gaps

I take agents.md / CLAUDE.md particularly seriously. That file IS the harness for any agent operating in the repo. Treat it as production code.

Pre-commit and CI/CD Gates (from Part 3, operationalized)

Part 3 introduced the three-gate model. Part 4 is the implementation.

Pre-commit baseline (web / Next.js)

ToolWhat it doesWhy
prettierFormat codeRemoves style debates from PRs
eslintLint codeCatches obvious bugs and bad patterns
tsc --noEmitTypeScript typecheckCatches the hallucinated imports Part 3 warned about
Unit tests (fast subset)Run on staged filesFast feedback
gitleaksScan for committed secretsLast line before secrets hit git

Wire these through husky + lint-staged. If pre-commit fails, the commit does not exist.

CI/CD gates (GitHub Actions)

StageWhat it does
Install dependenciesClean install, lockfile verified
LintFull lint pass across the codebase
Typechecktsc --noEmit over the whole tree
Unit testsAll of them
Integration smoke testVerifies the system actually composes
BuildBuild artifacts produced
Dependency auditnpm audit (or pnpm audit / pip-audit)
SAST scanSemgrep or equivalent

If CI fails, the PR does not exist. I will say this in every part of this series because every team I’ve watched fail at this failed by overriding the gates “just this once.”

The one-screen summary

If you’re skimming for the takeaways:

ConcernAnswerWhere it lives
Who’s doing the work?6 personas (Orchestrator, Architect, Scaffold, Coder, Reviewer, Tester)Section 1
Which model?Two-phase routing: cheap for Exploit, strong for ConsolidateSection 2
What framework?Vercel AI SDK + Claude Agent SDK + Cursor SDK as my defaultsSection 3
What tools can agents call?Allowlist by default, never the “Never” listSection 4
How do apps not all look the same?One UI pack per app, lock tokens, reject random libsSection 5
How do agents find what they need?Repo layout, mandatory docs, agents.md / CLAUDE.mdSection 6
How do bad changes get blocked?Three-gate model: local, pre-commit, CI/CDSection 7

What’s next

Part 5 is production architecture. The Vercel + GCP split, mobile development (Expo + RN), the database layer (Supabase + Postgres + RLS), the SDLC runbook by stage from ideation to V1 hardening.

Part 6 is the operating system you actually run day-to-day. Vibe coding failure case studies (the receipts), compliance and governance, the Notion workspace template, feature spec templates, launch checklists, daily and weekly loops.

Subscribe to AI in Living Color below if you want each part dropped into your inbox as it ships.


This is Part 4 of “The Principal Engineer’s Agentic Coding Bible,” v3.0, originally drafted March 2026, now publishing in pieces through 2026 in my actual voice. Built in public.