Twitter AI Coding - 2026-07-13¶
1. What People Are Talking About¶
1.1 Orchestration moved from agent talk to shipped control surfaces (🡕)¶
July 13's loudest cluster was about operating multiple agents instead of choosing one favorite model. Google pushed Antigravity's new Agent Teams, GitHub published quantified subagent reliability gains in Copilot CLI, and practitioners showed scheduled and remote-controlled runs as the next layer of work. The conversation sounded operational: how to keep agent runs alive, reviewable, and cheap enough to keep using.
@testingcatalog highlighted (129 likes, 8 replies, 10,229 views, 15 bookmarks) that Antigravity now supports /teamwork-preview, and the quoted official Antigravity post said the spawned team will plan, build, and verify complex tasks in parallel. The screenshot mattered because it showed this as a first-class command inside the product, not just a conceptual demo.

@github reported (125 likes, 29 replies, 24,700 views, 22 bookmarks) that smarter subagent delegation in Copilot CLI cut tool failures 23%, search failures 27%, and edit failures 18% with no quality regression. The accompanying table also claimed 5% lower P95 wait time, which made this one of the few public posts giving exact before/after harness metrics.

@iiiichigo_chan said (25 likes, 7 replies, 928 views, 17 bookmarks) GitHub Agentic Workflows lets Claude Code, Codex, or Copilot take a "night shift" by turning a markdown workflow into a standing GitHub Actions job for bug triage, flaky tests, release notes, or dependency updates. Later, @jfversluis showed (1 like, 1 reply, 248 views) Copilot CLI's --remote flow continuing from web and phone when approvals or branch-policy decisions are needed.

Discussion insight: The replies did not reject orchestration. They kept stressing operational constraints. @spboyer argued (10 likes, 549 views, 6 bookmarks) that every handoff adds coordination cost, more tool calls, and more chances to drift, while replies under the Antigravity and gh-aw posts focused on rate limits and durable state between scheduled runs.
Comparison to prior day: July 12 was mostly about portability layers and bridge plugins. July 13 was about control surfaces for actually running multi-agent work.
1.2 Trust boundaries became concrete incidents, not architecture slogans (🡕)¶
The strongest security discussion came from posts that named specific failure modes: concealed symlink targets, silent repo uploads, and vendor-controlled memory surfaces. The tone was more operational than theoretical. People were less interested in abstract safety claims than in what exactly gets written, uploaded, or retained.
@mardehaym argued (98 likes, 12 replies, 28,846 views, 101 bookmarks) that Satya Nadella's "pay for AI twice" essay correctly described institutional knowledge leakage but still pointed customers back at Microsoft's own stack as the answer. The sharpest reply in that thread said corrections should land in versioned files the team owns because "the model visits our memory. It doesn't keep it," which turned the trust-boundary argument into a concrete design rule.
@cloudsa summarized (5 likes, 2 replies, 386 views, 2 bookmarks) Wiz's GhostApproval disclosure, which said Amazon Q Developer, Claude Code, Augment, Cursor, Google Antigravity, and Windsurf could be tricked via symlinks into writing outside the workspace while the approval prompt hid the real target. Wiz said AWS, Cursor, and Google fixed the issue promptly, while the remaining vendor responses were weaker or incomplete.
@mardehaym warned (5 likes, 5 replies, 4,110 views) that Grok Build 0.2.93 uploaded full tracked repositories and git history to a Google Cloud bucket even when the user had disabled "Improve the model." cereblab's wire-level analysis documented POST /v1/storage, a grok-code-session-traces bucket path, and a 12 GB test repo that transferred 5.10 GiB while the prompt explicitly said not to read files.
Discussion insight: The common answer was not "avoid agents." It was "route them through something you control": versioned memory files, explicit approval tiers, and proxies that can confirm whether a privacy toggle or permission boundary is real.
Comparison to prior day: July 12's trust debate centered on who owns the memory layer. July 13 added public exploit and exfiltration evidence that made the boundary problem concrete.
1.3 Token burn is now being diagnosed at the harness layer (🡕)¶
The usage story stayed hot, but it got more specific. People were now comparing context caps, first-turn payload size, and harness-specific issue throughput instead of only complaining about vague limits. The conversation shifted from "I ran out" to "what exactly inside this harness burned the budget?"
@hqmank said (67 likes, 3 replies, 6,034 views) OpenAI had confirmed that GPT-5.6 Sol's 372K context rollout caused higher-than-intended usage and had been rolled back to 272K. @kunchenguid turned that into a config tip (28 likes, 6 replies, 5,192 views, 17 bookmarks): if a non-Codex harness still sets GPT-5.6 to 372K, lower it to 272K to stop losing quota unnecessarily.
@TateBerenbaum shared (5 likes, 1 reply, 164 views, 2 bookmarks) a calibration chart for a 22-character task that estimated Claude Code's first-turn payload at roughly 32,800 tokens versus roughly 6,900 for OpenCode, with most of the gap attributed to system prompt, tool schemas, and first-message scaffolding.

@BradGroux said (2 likes, 3 replies, 547 views) GitHub Copilot App via Foundry was "like pulling teeth" on backlog issues compared with Codex /goal, and the screenshot he attached showed the app itself admitting excessive orchestration, duplicate sessions, and stale state. @Layton_Gott argued (3 likes, 3 replies, 109 views) that "zero-limit" agent setups still need six explicit caps: spend, time, retries, tool access, stop conditions, and escalation rules.
Discussion insight: The workaround pattern was concrete: change the context window, cap spend per session, approve plans instead of every safe read, and trim tool surfaces so the harness carries less fixed cost.
Comparison to prior day: July 12 focused on pooled usage and unexpected bills. July 13 added context rollback evidence, first-turn overhead charts, and explicit control policies.
1.4 Skills, specs, and prompt corpora are turning into reusable products (🡕)¶
Another cluster treated the workflow layer itself as the product. Instead of shipping yet another raw agent, builders shipped skill packs, spec kits, prompt corpora, and integration guides that make existing agents more repeatable. People increasingly sounded like operators curating process assets, not just choosing models.
@Granite0x pointed to (11 likes, 2 replies, 525 views, 12 bookmarks) Addy Osmani's agent-skills, whose repo and screenshot showed 24 production skills, 8 slash commands, and 77,991 GitHub stars around a define → plan → build → verify → review → ship lifecycle. @crptAtlas framed (9 likes, 4 replies, 2,049 views, 5 bookmarks) GitHub's spec-kit as an antidote to vibe-coded drift; at review time the repo had 120,694 stars and described specifications as executable artifacts rather than disposable scaffolding.

@Chinazhidx highlighted (14 likes, 2 replies, 681 views, 7 bookmarks) awesome-deepseek-agent, a 4,677-star guide pack for wiring DeepSeek into Claude Code, Codex, GitHub Copilot, GitHub Copilot CLI, and more. @Suryanshti777 said (14 likes, 4 replies, 1,118 views, 13 bookmarks) system_prompts_leaks had already crossed 57,000 stars by cataloguing the hidden instruction files behind GPT-5.6, Codex, Claude, Gemini, Copilot, Grok, and others.
Discussion insight: The tone here was less about model tribalism and more about reusable operating procedure. People wanted artifacts they could install, inspect, and carry forward.
Comparison to prior day: July 12 had bridges and marketplace-style guides. July 13 broadened that instinct into full skill suites, spec toolkits, and public prompt corpora.
2. What Frustrates People¶
Approval prompts, privacy toggles, and rollout defaults that do not tell the whole truth¶
Severity: High. The sharpest frustration was not bad code generation. It was loss of control over what the agent is really doing. @cloudsa pointed (5 likes, 2 replies, 386 views, 2 bookmarks) to Wiz's GhostApproval disclosure, where six coding assistants could be tricked into writing outside the workspace while the approval prompt hid the real file target. @mardehaym then amplified (5 likes, 5 replies, 4,110 views, 3 bookmarks) Grok Build's full-repo upload problem, and cereblab's public wire analysis documented the storage upload path and byte counts. Even outside explicit security incidents, @QuinnyPig complained (26 likes, 2,588 views, 4 bookmarks) that the GitHub Copilot app was being turned on by default across an organization with opt-out instructions buried deep in the vendor email. The coping pattern was consistent: route agents through a proxy you control, keep memory in versioned files you own, and separate harmless read approvals from anything that touches the outside world. This is worth building for because the need is security-critical and already backed by concrete public failures.
Harness overhead and context settings still create bill shock¶
Severity: High. The usage pain did not disappear after OpenAI rolled GPT-5.6 Sol back from 372K to 272K context. @hqmank showed (67 likes, 3 replies, 6,034 views, 4 bookmarks) that people were still debugging context-window billing, while @kunchenguid turned it into a config fix (28 likes, 6 replies, 5,192 views, 17 bookmarks). @TateBerenbaum produced (5 likes, 1 reply, 164 views, 2 bookmarks) an overhead chart suggesting the harness itself can burn most of the first turn before the task even starts. @BradGroux described (2 likes, 3 replies, 547 views, 1 bookmark) Copilot App issue-backlog work as "pulling teeth," and @Layton_Gott argued (3 likes, 3 replies, 109 views, 2 bookmarks) that autonomous tasks need hard caps on spend, time, retries, tool access, stop conditions, and escalation. The workaround is to shrink context, trim tool surfaces, approve plans instead of every safe read, and enforce budget ceilings per task. This is worth building for because the pain is frequent, operational, and measurable.
Multi-agent setups still trade speed for state drift¶
Severity: Medium. The same people excited about agent teams were also quick to point out the coordination tax. @spboyer said (10 likes, 549 views, 6 bookmarks) subagents are not free because every handoff adds more tool calls and more drift risk, and a reply under @iiiichigo_chan highlighted (25 likes, 7 replies, 928 views, 17 bookmarks) that the hard part of scheduled runs is not the cron trigger but durable memory and a diff against the last run. @jfversluis showed (1 like, 1 reply, 248 views, 1 bookmark) why remote supervision helps: long-running runs still surface branch-policy, merge, and approval decisions that need a human. This is worth building for because orchestration is clearly useful, but users want state continuity and lower coordination cost, not just more agents.
Many teams still need help deciding not to use an agent¶
Severity: Medium. @AiswaryaVenkit1 paraphrased (27 likes, 5 replies, 300 views, 8 bookmarks) Microsoft's Cloud Adoption Framework into a blunt rule set: if the work is structured, predictable, or already solved by an existing copilot, skip custom agents and stay with simpler tooling; only move to multi-agent when security boundaries, multiple teams, or serious scale justify it. The strongest reply in that thread was even shorter: the correct answer is "no" more often than people want it to be. This is worth building for as decision support or architecture review, because the current market mostly sells how to add more agentic behavior, not how to refuse it.
3. What People Wish Existed¶
One auditable control plane for spend, permissions, and data egress¶
The clearest practical wish was one place to see what the agent can spend, what it can touch, and what it is actually sending out. @Layton_Gott explicitly listed (3 likes, 3 replies, 109 views, 2 bookmarks) the missing controls — max spend, max time, max retries, tool scope, stop conditions, and escalation rules — while @hqmank showed (67 likes, 3 replies, 6,034 views, 4 bookmarks), @kunchenguid showed (28 likes, 6 replies, 5,192 views, 17 bookmarks), and @TateBerenbaum showed (5 likes, 1 reply, 164 views, 2 bookmarks) how opaque settings and fixed overheads still translate into surprise burn. GhostApproval and the Grok Build upload incident sharpened the same need from the security side: people want a control plane that can confirm what files, prompts, and bundles actually crossed the boundary. Partial answers exist in spend caps, proxies, and per-tool approvals, but the demand is clearly broader than any one feature. Opportunity: Direct.
Workflow kits that survive engine switching and session resets¶
People repeatedly asked for the same thing in different forms: keep the workflow, swap the engine if needed. GitHub Agentic Workflows turns markdown into standing GitHub Actions jobs, agent-skills packages a reusable engineering lifecycle for 70+ agents, awesome-deepseek-agent ships setup guides across multiple hosts, and @sairahul1 described (11 likes, 1 reply, 1,862 views, 11 bookmarks) using the official Codex plugin for Claude Code to keep one interface while swapping the execution model underneath. The need is practical, not emotional: users do not want to rebuild their operating procedure every time the preferred agent changes. Opportunity: Competitive.
Safer runtimes with truthful approvals and owned memory¶
The public evidence today made the safety wish unusually concrete. Wiz's GhostApproval disclosure described approval dialogs that concealed the real file target, while cereblab's Grok Build analysis documented whole-repo uploads that kept running even when a privacy toggle was disabled. In parallel, @mardehaym argued (98 likes, 12 replies, 28,846 views, 101 bookmarks) and replies in that thread argued that corrections, logs, and reusable memory should stay in versioned assets the team owns. That means the wish is not just for a more accurate model. It is for a runtime whose file boundaries, approval prompts, and memory ownership are inspectable and enforceable. Opportunity: Direct.
Lower-overhead harnesses and smarter model routing¶
The overhead comparison between Claude Code and OpenCode, the GPT-5.6 context rollback, and the interest in routing Claude Code through local proxies or running Codex on open models all pointed to the same need: users want the same workflow with less fixed cost and more flexible routing. @TateBerenbaum quantified (5 likes, 1 reply, 164 views, 2 bookmarks) prompt-and-tool overhead, @RedHat_AI showed (10 likes, 2 replies, 493 views, 2 bookmarks) interest in a vLLM Agentic API bridge for open models, and the OpenAI Codex Claude Code Proxy repo shows one way people are already trying to decouple interface from provider. This is partly a cost wish and partly a control wish. Opportunity: Competitive.
A pre-build check that tells teams when an agent is warranted at all¶
@AiswaryaVenkit1 surfaced (27 likes, 5 replies, 300 views, 8 bookmarks) a need that most agent tooling still ignores: an explicit step that tells teams when they should stay with a conventional SaaS tool, a script, or a simpler single-agent path. The current market spends much more energy on adding orchestration than on preventing overengineering. That makes this need practical for enterprise buyers and also emotional for teams tired of feeling behind if they choose a simpler architecture. Opportunity: Direct.
4. Tools and Methods in Use¶
| Tool | Category | Sentiment | Strengths | Limitations |
|---|---|---|---|---|
| Google Antigravity | Coding agent platform | (+/-) | New teamwork-preview team orchestration, strong product momentum, broad agent-platform framing |
Users still ask for higher rate limits and stronger model capability |
| GitHub Copilot CLI | CLI coding agent | (+) | Publicly measured reliability gains, remote-control workflow from web/mobile, growing ops surface | Users still ask for clearer adoption/limit data and careful budget controls |
| GitHub Copilot app | App / extension platform | (+/-) | Can host domain extensions like JVM Pulse and surface issue/PR work in-app | Some users say backlog issue work is "pulling teeth," and org-wide defaults can surprise admins |
| GitHub Agentic Workflows | Scheduled orchestration | (+/-) | Natural-language markdown workflows running in GitHub Actions across multiple engines | Billing bug forced release retirements, and state across runs remains a hard problem |
| Codex / GPT-5.6 Sol | Model / coding agent | (+/-) | Strong execution reputation, official usage optimizations, easy delegation through plugins | 372K context rollout overcharged users, so routing and caps still need manual care |
| Claude Code | Harness | (+/-) | Large skill/plugin ecosystem and convenient shell workflow | One public overhead chart attributed a very large first-turn payload to prompt and tool scaffolding |
| OpenCode | Open-source coding agent | (+) | Lower fixed overhead in one public comparison and already used in issue-triage loops | Public issue chatter still mentions compaction-loop bugs in OpenCode 2.0 |
| Spec Kit | Spec-driven method | (+) | Makes specifications executable, reduces vague prompting, very strong repo adoption | Adds upfront process and a larger command surface |
| agent-skills | Skill pack | (+) | Packs senior-engineer workflow into reusable skills and slash commands across 70+ agents | Still needs curation and depends on host-agent behavior |
| Awesome DeepSeek Agent | Integration guide pack | (+) | Fast setup across Claude Code, Codex, GitHub Copilot, and GitHub Copilot CLI | Proves easier integration, not better output quality on its own |
| JVM Pulse | Copilot extension | (+) | Turns Java GC/JFR artifacts into a dashboard and Copilot recommendations | Java-specific and still extremely early stage |
Overall, sentiment was mixed-positive toward orchestration and workflow packaging, and much more skeptical toward defaults, hidden costs, and trust boundaries. The strongest praise went to tools that made agent behavior more visible or repeatable: delegation metrics, scheduled jobs, spec workflows, skill packs, and guide sets.
The workarounds were compositional. Keep the interface you like, then swap the execution layer or add control surfaces around it: use the Codex plugin for Claude Code for delegated work, route Claude Code through a local proxy when billing source matters, or follow @RedHat_AI for the vLLM Agentic API bridge demo (10 likes, 2 replies, 493 views, 2 bookmarks) when open models are the priority. Users also kept trimming context, tool lists, and approval scope to stop the harness itself from becoming the biggest source of friction.
Competitive dynamics looked combinatorial rather than winner-take-all. The same day produced team-orchestration features, remote-control features, guide packs, skill packs, spec kits, app extensions, open-model bridges, and scheduled workflow runners. That is a market where the workflow layer is still very much up for grabs.
5. What People Are Building¶
| Project | Who built it | What it does | Problem it solves | Stack | Stage | Links |
|---|---|---|---|---|---|---|
| GitHub Agentic Workflows | GitHub | Runs natural-language markdown workflows on schedule in GitHub Actions | Repeating the same repo chores and restating context every run | Go, GitHub Actions, markdown workflows, multi-engine support | Shipped | repo, post |
| agent-skills | Addy Osmani | Production-grade skill pack with 24 skills and 8 slash commands for AI coding agents | Teams need repeatable engineering process instead of ad-hoc prompting | JavaScript repo, markdown skills, slash-command configs, Claude Code plugin | Shipped | repo, post |
| Spec Kit | GitHub | Spec-driven toolkit that turns specifications into executable implementation workflows | Vague requests and unpredictable vibe-coded edits | Python, Specify CLI, agent integrations, executable specs | Shipped | repo, post |
| Codex plugin for Claude Code | OpenAI | Adds /codex:review, /codex:rescue, and background-job management inside Claude Code |
Using Codex reviews or execution without leaving Claude Code | JavaScript, Node.js, Claude Code plugin, Codex app server | Shipped | repo, post |
| Awesome DeepSeek Agent | DeepSeek AI | Guide pack for wiring DeepSeek into many assistants | Provider-switching setup friction | Markdown docs, DeepSeek-V4-Pro/V4-Flash configs, multi-client guides | Shipped | repo, post |
| JVM Pulse | brunoborges | Copilot canvas extension that profiles GC + JFR and recommends JVM tuning | Java performance analysis usually lives outside the coding agent workflow | JavaScript canvas extension, GCToolkit, JDK jfr CLI, jbang |
Alpha | repo, post |
| System Prompts Leaks | asgeirtj | Public corpus of system prompts across major assistants | Builders want to inspect why assistants behave the way they do | JavaScript repo, CC0 docs corpus | Shipped | repo, post |
| OpenAI Codex Claude Code Proxy | MikeChongCan | Local proxy launchers that let Claude Code talk to GPT models through OpenAI/Codex OAuth or Azure OpenAI | Keep the Claude Code workflow while changing model provider and billing source | Python, CLIProxyAPI, local Anthropic-compatible proxy, GPT-5.6 routing | Alpha | repo, post |
The strongest build pattern was workflow packaging. GitHub Agentic Workflows, agent-skills, Spec Kit, codex-plugin-cc, and awesome-deepseek-agent all assume the workflow will outlive the current favorite model or host. One turns recurring work into scheduled markdown jobs, another codifies senior-engineer habits, another makes specifications executable, another keeps Codex inside Claude Code, and another lowers provider-switching friction.

A second pattern was operator-facing extensions and routing layers. JVM Pulse uses GitHub Copilot to launch a Java workload, collect GC and JFR artifacts, and then summarize throughput, pause, allocation, and heap behavior inside a dashboard. The OpenAI Codex Claude Code Proxy takes the opposite angle: keep the Claude Code interface, but route it to GPT-5.6 Sol through a localhost proxy and choose whether billing lands on OpenAI/Codex OAuth or Azure OpenAI.

Other builder signals focused on making agent behavior inspectable. System Prompts Leaks treats system instructions as a public reference surface, while @thdxr showed (66 likes, 10 replies, 3,600 views) an issue channel where OpenCode pulls in good GitHub issues and tries to reproduce and fix them. @RedHat_AI highlighted (10 likes, 2 replies, 493 views) a vLLM Agentic API demo that keeps Codex-style web search and multi-turn state on open models, which suggests routing and observability may become a product category of their own.

6. New and Notable¶
A major coding-agent vendor published actual before-and-after harness metrics¶
@github did something unusual (125 likes, 29 replies, 24,700 views, 22 bookmarks): it published exact failure and wait-time deltas for Copilot CLI after changing subagent delegation logic. In a market that usually talks in demos and vibes, a table with 23% fewer tool failures, 27% fewer search failures, 18% fewer edit failures, and no quality regression was a real signal.
GhostApproval gave the approval-UX problem a name¶
Wiz's GhostApproval writeup turned a fuzzy fear into a specific vulnerability pattern: symlink following plus UI misrepresentation inside agent approval prompts. @cloudsa pulled that into the AI-coding feed (5 likes, 2 replies, 386 views), which mattered because it showed security research is now targeting the approval model itself, not only the model output.
Copilot-native extensions are getting domain-specific fast¶
@brunoborges introduced (9 likes, 3 replies, 501 views) JVM Pulse, a Copilot canvas extension that profiles Java GC and JFR telemetry and then asks Copilot to recommend optimizations. That is notable because it uses the coding agent as an interface for artifacts and tuning advice, not just as a code generator.
System prompts are turning into a public reference layer¶
@Suryanshti777 said (14 likes, 4 replies, 1,118 views, 13 bookmarks) that system_prompts_leaks had already crossed 57,000 stars, and the repository screenshot showed recent prompt entries for GPT-5.6, Codex, Claude, and GitHub Copilot for macOS. That is notable because the community increasingly treats hidden instructions as inspectable infrastructure, not vendor magic.
7. Where the Opportunities Are¶
[+++] Auditable agent governance planes — Evidence came from GhostApproval, the Grok Build upload incident, the 372K→272K rollback, the OpenCode-vs-Claude-Code overhead chart, and explicit calls for spend caps, tool scope, and escalation rules. This is strong because the pain spans security, cost, and operator control at the same time.
[+++] Workflow portability kits and orchestration layers — GitHub Agentic Workflows, agent-skills, Spec Kit, the Codex plugin for Claude Code, and awesome-deepseek-agent all solve the same problem: teams want workflows that survive engine changes, session resets, and host switching. This is strong because the signal spans official vendor projects, independent builders, and guide packs.
[++] Lower-overhead routing and model-switching infrastructure — TateBerenbaum's fixed-overhead chart, the Codex Claude Code Proxy repo, and the vLLM Agentic API bridge demo all point toward a layer that separates interface from provider while shrinking fixed cost. This is moderate because the need is clear, but the winning product shape is still emerging.
[++] Domain-specific agent extensions — JVM Pulse shows what happens when a coding agent becomes the front door for telemetry, analysis, and recommendations instead of pure code generation. This is moderate because the pattern is promising, but the public evidence is still early and niche.
[+] Agent/no-agent architecture advisors — The Microsoft decision-tree thread shows real appetite for tools that tell teams when not to add more agentic behavior. This is emerging because the need is credible, but few products market restraint as their primary feature.
8. Takeaways¶
- Orchestration is becoming a first-class product surface. Antigravity's
/teamwork-preview, Copilot CLI's delegation metrics, gh-aw's standing jobs, and Copilot CLI remote control all point to a layer above single-agent prompting. (source) - Trust-boundary concerns are now backed by concrete public failures. The day produced named approval-UX vulnerabilities, whole-repo upload evidence, and repeated calls for proxies and owned memory. (source)
- Usage pain is turning into harness engineering. The 372K rollback, the 272K workaround advice, and the fixed-overhead chart all focused on how the shell is configured, not just on model quality. (source)
- The workflow layer is now a product category of its own. Skill packs, spec kits, integration guides, and public system-prompt corpora are being treated as reusable infrastructure. (source)
- Builder energy is going into wrappers, extensions, and routing layers around agents. JVM Pulse, the Codex plugin for Claude Code, the Claude-Code-to-GPT proxy, and the vLLM bridge demo all extend or redirect existing agents rather than replacing them outright. (source)
- Mature teams are reintroducing architecture judgment before they scale automation. The strongest governance advice today was to test whether a task should be an agent at all, keep single-agent paths where possible, and approve plans at the right boundary. (source)