Skip Navigation

Scott Spence

Guardrails, Observability and Team Mode - June 2026

June was a guardrails month. Publicly, that meant one long post about stopping LLMs from drifting inside production codebases, a lot more my-pi work, and a few small updates across the usual tooling pile. Privately, it was more of the same theme: making AI-assisted work safer in real systems where a plausible shortcut can quietly become tomorrow’s architecture.

The bit that actually got me excited was getting agents to talk to each other. Same project, different project, whatever: separate Pi sessions can now discover each other, send messages, form groups, and coordinate work without me pretending one enormous prompt is a team.

The other bit I’m proud of is the harness maker. Instead of planning a risky task out in a pile of .md files and hoping the agent follows it, my-pi can now create the actual task harness for the feature: contract, allowed paths, forbidden commands, validation, status, logs, and outcome artefacts included.

Production Guardrails

The main post this month was:

That one came directly from client work. I’ve been using AI coding tools every day on large private production codebases, including a finance workflow processing more than $20m a month in capital. When a system has audit trails, permissions, generated documents, calculations, operational handoffs, and real users depending on it, “prompt harder” is not an engineering system.

The useful bit is putting pressure in the repo where the model has to hit it:

  • block bad writes before they land
  • turn repeated review comments into lint rules
  • enforce project boundaries with boring scripts
  • make source-of-truth docs searchable and citable
  • use skills as narrow playbooks, not motivational posters
  • make handoff checks stop fake “done” summaries

The post uses Svelte examples because that is where a lot of my work is, especially the old favourite of agents reaching for $effect when what they actually need is derived state, an event handler, an action, or lifecycle code. But the pattern is not Svelte-specific. Swap $effect for direct database imports, broad cache invalidation, generated file edits, unsafe server/client boundaries, or whatever keeps coming back in review.

The line I keep coming back to is this: when a review comment repeats three times, consider making it a rule.

Not every rule needs to block on day one. Some should start as warnings. Some should be advisories. Some will be annoying and need allowlists. That is fine. The point is to stop every new agent session from rediscovering the same boundary by breaking it.

my-pi

my-pi kept absorbing those lessons too. The repo moved a lot this month, and it is increasingly less “my local wrapper around Pi” and more “the actual workbench I want to live in”.

The biggest public bits were observability, team coordination, and a new harness runtime.

pi-observability got a proper web dashboard, then several rounds of refinement. It now gives me a local view of sessions, timelines, event drawers, payload summaries, trace details, active sessions, costs, token usage, and enough context to answer the only question that matters when an agent goes sideways: what happened, which tool caused it, and how did it recover?

This is one of those features that sounds like a toy until you are halfway through a messy run and need receipts. The terminal scrollback is not a system of record. A local SQLite-backed dashboard is much closer.

Team mode got the update that made me grin the most. The new peer session coordination work lets independently running Pi sessions discover each other, send mailbox messages, form groups, wait on replies, and work across sessions or even across projects. I made a quick video of that here: agents talking to each other in my-pi.

That is the direction I want for local agent orchestration: not one giant prompt pretending to be a team, but separate sessions with identities, tasks, messages, and traceable handoffs.

There is also a new pi-harness runtime. The idea is simple: for ambiguous or risky work, do not just make a plan in Markdown and hope for the best. Create the harness for the feature. Give it a machine-readable contract, validation commands, allowed paths, forbidden commands, logs, status, and outcome artefacts. The agent can work inside the harness, update status as it goes, and leave behind something reviewable instead of just saying “done”.

Very normal behaviour, obviously.

A few other my-pi bits shipped too:

  • built-in Umans provider support
  • configurable OpenRouter Fusion defaults
  • session naming fixes and kebab-case session names
  • package/module refactors to remove architecture boundary advisories
  • more observability dashboard polish
  • better team spawn model selection
  • peer coordination identity and database migrations
  • image optimisation and README/package preview tidy-up

I also added my-pi to the site portfolio because at this point it is not just an experiment. It is how I work.

Open Source Bits

A few smaller tools moved as well.

nopeek picked up a run command and shell output mode for child-process secret injection workflows. The persistence messaging is clearer now too, so it is less ambiguous when a loaded key is available to later commands and when a session cannot inject environment variables directly.

That project continues to exist because I do not want secrets in model context. The model can know $DATABASE_URL exists. It does not need to know the value. Still the whole pitch.

mcpick got an OpenCode config serialisation fix so local, remote, environment, and profile writes match the expected schema. It also had a bit of cleanup around dynamic imports and the usual version bump conveyor belt.

wiki0 had a smaller public month after the initial May burst. The useful updates were around configurable wiki content directories, web production build fixes, graph checks, and a note about the browser-first web app direction. Still early, still useful, still very much part of the same local-first project memory thread.

The skills repo had SvelteKit updates too, including recent config changes and the remote functions query.live pattern. That is another quiet-but-important bit of the whole setup: if the skill is stale, the agent is stale. The docs and playbooks need maintenance just like code.

There was also the usual dependency treadmill across the site and the tooling repos: SvelteKit, Svelte, pnpm, Vitest, Playwright, Tailwind, Node, and friends. Glamorous? No. Necessary? Unfortunately, yes.

Blog Posts

One post this month:

It is long, practical, and probably the clearest summary so far of how I think about AI coding in real codebases: not magic, not doom, just engineering pressure applied in the right places.

Fin

So yeah, June was less launch noise and more infrastructure for the way I actually want to work. Guardrails in production codebases, observability for agent sessions, peer coordination for multiple sessions, and a harness that makes risky work more reviewable.

The theme is pretty obvious: keep the useful speed, remove as much fake confidence as possible.

If you want to poke around, the repos and post are linked above, or come say hi on Bluesky. Thanks for reading!

Copyright © 2017 - 2026 - All rights reserved Scott Spence