Skip to content
Tezbyte
← All insights

How we use AI coding agents without sacrificing code review

"AI-accelerated development" is on every agency's homepage now, including ours. The difference worth asking about is what the workflow actually looks like — because the same tools that make a senior team 3x faster make an unsupervised team 3x faster at shipping bugs.

Here's ours, concretely.

The tools

We use Claude Code for agentic work — multi-file changes, migrations, test generation, refactors — and Cursor for in-editor iteration. Both, not one: agent-driven work suits well-specified tasks; editor-level assistance suits exploratory ones. We've taught these tools to thousands of students, which forced us to develop opinions about where they fail.

The workflow, step by step

1. Humans write the spec, not the prompt

Every task starts as a written spec: the data model change, the API contract, the acceptance criteria, the edge cases we already know about. This existed before AI — the change is that a good spec is now directly executable. A vague spec used to produce a slow bad outcome; now it produces a fast bad outcome. The spec is where the engineering happens.

2. Agents work inside guardrails

Each repo carries an agent configuration file: architectural conventions, forbidden patterns, how errors and auth are handled, which modules are load-bearing. The agent reads it before writing code. This is the difference between an agent that produces code in your codebase's style and one that produces plausible-looking code from nowhere in particular.

3. Small, reviewable increments

The single biggest failure mode with coding agents is the 4,000-line pull request that "works." Nobody reviews 4,000 lines; they skim them. We cap agent tasks at what fits in one honest review — typically a few hundred lines. If a task can't be decomposed that small, that's a design problem, and a human solves it first.

4. Every line gets a human review — the same review

AI-written code goes through exactly the pipeline human-written code does: pull request, CI (types, lint, tests), and a senior engineer reading the diff. Not "AI review of AI code." A person, accountable by name in the git history, approves every merge.

We also know where agent-written code tends to fail, so review effort concentrates there: silently swallowed errors, plausible-but-wrong edge-case handling, subtle N+1 queries, tests that assert the code does what the code does rather than what it should do.

5. Tests are written adversarially

We use agents to generate test suites — they're excellent at coverage grunt work. But acceptance tests come from the spec, written before the implementation, so the tests check the requirement, not the implementation. Letting the same agent write both the code and its definition of correctness defeats the point.

What stays human, permanently

  • Architecture and data modeling. The schema decisions that are expensive to reverse. An agent will happily build on a wrong foundation faster than ever.
  • Security-sensitive surfaces. Auth flows, payment handling, anything touching tenant isolation, secrets, permissions. Agent drafts allowed; human line-by-line ownership required.
  • API contracts and third-party integration design. These outlive the code that implements them.
  • Saying no. The most valuable engineering act is still cutting scope, and no agent volunteers for it.

What this means for you as a client

Honest numbers: this workflow roughly cuts our build time in half or better on well-specified work — it's why our fixed prices are what they are. It does not mean fewer senior engineers touched your code; it means their hours moved from typing to specifying and reviewing, which is where they were always most valuable.

When you're evaluating any agency that claims AI acceleration, ask one question: "Show me a pull request." The team with real discipline can show you a small, spec-linked, human-reviewed diff in thirty seconds. The team without one will show you a slide.


If you're scoping something like this, book a 30-minute call — we'll walk you through the workflow on real code and give you a straight answer.