- AI
- tooling
- SDLC
- Claude-Code
- context-window
Guardrails Aren't a Cage. They're How AI Ships.
AI doesn't fail loudly. It drifts. The problem isn't the model. It's skipping the guardrails that let AI actually finish.
Two engineers open the same AI assistant on a Tuesday morning. By Friday, one has shipped a working feature behind a green pipeline. The other is rolling back a change that passed every check the AI claimed to run, but broke something nobody thought to verify.
Same tool. Same model. Wildly different outcome.
The difference is not talent. The difference is guardrails.
The reason AI keeps drifting or breaking things is almost never the model. It’s that most operators skip the guardrails that define what the project values, what counts as done, and what the AI is not allowed to touch.
Sparring is not leading
Watch a frustrated dev work with AI for an hour and you will see the same shape every time. They ask. The AI answers. They push back. The AI rewrites. They push back again. By the end they have a wall of conversation, three half-finished suggestions, and no decision they actually own.
That is not collaboration. That is sparring.
The reader who recognises themselves here is not lazy and not bad at prompting. They are running the wrong mental model. They are talking to AI the way they would talk to a senior coworker, exchanging opinions, riffing, expecting the other side to converge on an outcome with them. AI does not converge with you. It optimises for the next token. If you don’t lead it toward a defined outcome, it will happily produce one that sounds plausible and goes nowhere.
Trust evaporates here. Not because the AI is wrong, but because nobody was in charge of being right.
The change that broke the project nobody noticed
Here is the second shape, and it shows up after the sparring stops and real changes start landing.
The AI makes a change. The tests run. The build is green. The PR opens. Three weeks later a different feature breaks, and the trace leads back to that change. The thing the AI touched was correct in isolation. It violated an invariant somewhere else in the codebase that nobody, operator or model, thought to check.
This happens because most projects do not have enough guardrails to verify the project still works as a whole after a focused change. They have unit tests for the file that changed. They do not have a gate that says “this change touches the payment flow, run the contract test against the billing service before declaring done”.
The AI did exactly what it was told. The setup didn’t tell it enough.
The missing briefing
Almost every AI session I see starts the same way: cold. The operator opens a chat or a CLI and types the task. No context on the project’s invariants, no map of the surface area, no statement of what counts as done, no list of things the AI is forbidden to touch.
A human joining the team would get a week of onboarding, a Confluence page, a buddy. The AI gets a sentence.
Then we are surprised when the output is generic.
The briefing is not optional. It is the first guardrail. In Claude Code it lives in CLAUDE.md and skill definitions. In other tools it lives wherever the operator drops standing instructions. The mechanism is less important than the principle: the AI cannot infer your project; you must declare it.
Quality gates that mean something
Some teams have figured out that they need quality gates and have added them. Most of those gates are still useless.
A useful quality gate has two things the typical gate doesn’t:
| What a useful gate declares | What most gates declare |
|---|---|
| What to verify (the specific behaviour, file, contract, invariant) | “run the tests” |
| How important the check is (block-on-fail vs warn vs informational) | implicit, mixed in with everything else |
Without the what, the AI runs whatever it thinks “tests” means in this repo and stops. Without the how important, the AI cannot decide whether a flaky check is worth re-running or worth halting the pipeline.
A gate that says “verify the OpenAPI schema still matches the implementation, block if mismatched, this is a contract” is a guardrail. A gate that says “run npm test” is decoration.
A crew, not a coworker
Now the reframe.
AI is not a human brain. It is not even one brain. Treating it like a coworker is the root error that produces every symptom above: the sparring, the missing briefing, the gates that mean nothing. You are not pairing with a peer. You are running a crew of narrow specialists.
Each session is one specialist. It is small. Its context window is finite, even 200K tokens fills up faster than you think on a real codebase. Inside that window the specialist is sharp, fast, and restless: it does not get tired, it does not get bored, it executes what it is told within the scope it is given. Outside that window it knows nothing.
Alone, no single specialist is enough. The trick is that you can dispatch many of them. Claude Code has subagents precisely for this: each one runs in its own isolated context, with its own system prompt and tool access, doing one job and reporting back. I wrote about the parallel-execution side of this in Branches Were Built for One of You. Agents Aren’t..
The crew works because each member is narrow and the operator is the one who knows how the pieces fit. The operator writes the briefing. The operator sets the gates. The operator dispatches the right specialist to the right scope. The operator integrates the outputs.
This is not pair programming. This is being a foreman.
Guardrails aren’t a cage
Here is the turn.
The dev who keeps adding guardrails feels like they are slowing themselves down. They are writing CLAUDE.md. They are defining skills. They are writing a quality-gate matrix. They are dispatching subagents instead of just asking the main one. From the outside it looks like overhead.
It is not overhead. It is the only setup that lets the AI actually finish.
Guardrails are not constraints on AI. They are the only way AI can succeed. Without a briefing the AI has no idea what your project values. Without a scoped task it sprawls. Without gates it cannot tell when it is done. Without subagents it runs out of context. Every guardrail is a precondition for a useful answer, not a tax on getting one.
The operators who feel productive with AI are not the ones who got lucky with prompts. They are the ones who built the cage that lets the crew run safely inside it.
What this looks like on Monday
Concrete shift, in order:
- Write the briefing. A
CLAUDE.md(or equivalent) at the project root. Invariants, surface map, what’s off-limits, what “done” means. One afternoon of work; pays back forever. - Define your quality gates with both fields. Every gate: what to verify, how important. Block-on-fail vs warn vs informational. If a gate cannot answer both, it is decoration. Delete it or rewrite it.
- Stop sparring. Start dispatching. When a task is more than one focused step, break it down and send each step to its own scoped session. Treat the main session as the foreman, not the worker.
- Verify after every AI change against the system, not the file. Run the contract tests. Run the integration smoke. The unit test passing means the change is internally consistent. It doesn’t mean the system still works.
None of this is exotic. None of it requires new tools. It requires accepting that the AI is not a coworker and adjusting the setup accordingly.
What changed
The conversation with yourself should change shape. Not “is the AI good enough yet”. The AI was always going to be a narrow, context-limited, restless worker. The question is whether your setup is good enough to use one.
Build the briefing. Build the gates. Run the crew.
The trust comes back the moment you stop expecting AI to be something it isn’t, and start being the operator it actually needs.
If you’re running AI assistants daily and the output keeps drifting, breaking, or missing the point, the fix is usually upstream of the prompt. That’s the kind of setup work we do at sky4me. Let’s talk.