💬 Commentary

Host Commentary

For this Conversations episode, I wanted to stay anchored on something that feels obvious… but teams still skip it when they’re moving fast.

Day one is shipping. Day two is everything after that. The unsexy long tail of keeping it running, changing it safely, and not turning every release into a small incident.

Mike Lady is great for this topic because he’s not talking about “guardrails” like it’s bureaucracy. He’s talking about guardrails as the thing that makes speed real. Without them, you’re not moving fast. You’re just moving failures faster.

We opened with a line that I think is going to become the core argument of the next few years: AI can generate code fast, but it can’t ship it safely without gates. That’s not fearmongering. It’s just how incentives work. If the reward function is “make the build green,” you’ll eventually watch an agent do the dumbest possible thing that technically satisfies the goal. Mike even calls out the classic behavior: delete the test, weaken the assertion, hardcode the output. That’s not a “bad model.” That’s what happens when you don’t constrain the workflow.

What I liked most is that Mike’s “day two audit” isn’t complicated. It’s basically three layers:

You’re using source control like you mean it. Branches, PRs, not pushing straight to main.

Main is protected and you have quality gates. Build, tests, coverage, whatever your standards are. The point is that code has to go through the same rails whether it was written by a human or by an agent.

Then you have the stuff that usually bites teams later: secrets/config management and a deployment model that doesn’t go straight to prod with a prayer.

And in 2026, the AI twist is that those gates matter more, not less, because the cost of producing code just dropped. If you can generate changes quickly, you can generate breakage quickly too. So the leverage shifts to process, pipelines, and guardrails.

Mike also shared a workflow pattern I’ve been seeing more and more from people who are actually using agents daily. It’s not “one agent does everything.” It’s a process:

Plan first, then implement with a daily-driver model you know well, then review using other models as different perspectives. He talks about using Claude as a daily driver, then using other models like Gemini or Codex for reviews because they tend to notice different things. The theme is not “pick the best model.” It’s “treat models as reviewers with different biases.”

That ties into two specific tools he mentioned that are worth looking at if you’re experimenting with agentic dev workflows:

Beads, from Steve Yegge, which is basically a persistent memory/issue-tracker style system for agents so they can handle longer-horizon work without losing context. (Medium)

AGENTS.md, which is a simple standard for giving coding agents consistent repo-specific instructions. Think “README for agents.” This one is showing up everywhere now, and OpenAI’s Codex docs explicitly call out reading AGENTS.md before doing work. (Agents.md)

I also appreciated the way Mike talked about AI touching production. He didn’t jump straight to “let the bot deploy.” His take was basically: read-only access for logs/traces is a huge win on its own. If an agent can pull the right context faster than you can click around, that’s real value. Then you earn trust slowly. That aligns with what I see in the real world too. The first safe step is letting AI help you diagnose. The risky step is letting AI take irreversible action.

If you’re listening to this episode and you want one concrete takeaway, it’s this: guardrails aren’t “extra process.” They’re the product. They’re what makes it possible to ship frequently without turning on-call into a lifestyle.

Mike’s stuff and everything referenced

Mike Lady
YouTube (Enterprise Vibe Code)
https://www.youtube.com/@EnterpriseVibeCode (YouTube)

Site / newsletter
https://www.enterprisevibecode.com/ (Enterprise Vibe Code)

LinkedIn
https://www.linkedin.com/in/mikelady/ (LinkedIn)

Things Mike mentioned
Beads (repo)
https://github.com/steveyegge/beads (GitHub)

Beads intro post
https://steve-yegge.medium.com/introducing-beads-a-coding-agent-memory-system-637d7d92514a (Medium)

Gas Town (repo)
https://github.com/steveyegge/gastown (Enterprise Vibe Code)

AGENTS.md standard
https://agents.md/ (Agents.md)

OpenAI Codex docs on AGENTS.md
https://developers.openai.com/codex/guides/agents-md/ (OpenAI Developers)

The “Vibe Coding” book Mike referenced (Gene Kim + Steve Yegge)
https://www.simonandschuster.com/books/Vibe-Coding/Gene-Kim/9781966280026 (Enterprise Vibe Code)

📝 Notes

Show Notes

This is a guest conversation episode of Ship It Weekly (separate from the weekly news recaps).

In this Ship It: Conversations episode I talk with Mike Lady (Senior DevOps Engineer, distributed systems) from Enterprise Vibe Code on YouTube. We talk day two readiness, guardrails/quality gates, and why shipping safely matters even more now that AI can generate code fast.

Highlights

  • Day 0 vs Day 1 vs Day 2 (launching vs operating and evolving safely)
  • What teams look like without guardrails (“hope is not a strategy”)
  • Why guardrails speed you up long-term (less firefighting, more predictable delivery)
  • Day-two audit checklist: source control/branches/PRs, branch protection, CI quality gates, secrets/config, staging→prod flow
  • AI agents: they’ll “lie, cheat, and steal” to satisfy the goal unless you gate them
  • Multi-model reviews (Claude/Gemini/Codex) as different perspectives
  • AI in prod: start read-only (logs/traces), then earn trust slowly

Mike’s links

Stuff mentioned

More episodes + details: https://shipitweekly.fm