A visual journey through the new era of automation, platforms, agents, and developer compute.
Crushing Jira tickets with Copilot feels amazing. But writing code faster doesn't mean you ship 10x faster.
"The bottleneck was almost never your programming abilities or typing speed."
Writing code is maybe 20% of your day. The rest is...
Automation was valuable, but the ROI bar was high. It needed large scale and a long lifetime to justify the cost.
Too expensive to build
Manual processes calcify
"That's just how we do it"
The ROI bar has collapsed. AI can generate the workflow, write the action, and compose the pipeline.
"If a task can be automated, then choosing to automate it is almost always the better choice."
This is where it gets exponential, not linear.
Uses AI to build traditional tools: tests, linters, pipelines.
Runs thousands of times across dozens of repos automatically.
Keeps saving manual effort even when the AI is idle.
The question is no longer "is this worth automating?"
What should I automate first?
Look for highest frequency × highest toil tasks.
How do I make it trustworthy?
Implement proper testing, guardrails, and monitoring.
How do I scale across the org?
Build reusable workflows, templates, and innersource.
Stop using AI just to write features faster.
Start using AI to build the automation infrastructure that makes your entire team faster.
Actions is the execution layer — and it's purpose-built for the agentic era.
Read the full post →Things you use every day that are Actions under the hood.
Runs as a PR check via Actions. LLM + CodeQL analyze your PR.
Plans, codes, tests, opens PRs — all on GH-hosted runners.
Version updates, security alerts, auto-PRs — all via Actions.
Code scanning, secret scanning, security analysis — Actions workflows.
Dev environment prebuilds run on Actions for instant startup.
Site builds and deployments run as Actions workflows.
The same event triggers, runner infrastructure, and security model that powers GitHub's own features — all available to you.
"If you know how to write a workflow, you know how to orchestrate an AI agent."
One execution model
Workflows for CI/CD AND AI agents
One security model
Permissions, secrets, OIDC — same everywhere
One observability story
Logs, summaries, data streams — for CI and agents
Network effects
Every Actions improvement benefits CI AND AI automations
AI agents are non-deterministic. They generate different code each time. You need strong deterministic automation wrapped around them to catch what agents get wrong.
The better your CI/CD pipeline, the more autonomy you can give your agents.
Largest CI usage base = most training data. AI writes better Actions YAML than any other CI system.
Composable actions = black boxes with clear interfaces. Perfect for AI reasoning about inputs/outputs.
Call a pre-built action instead of inline script → save tokens AND reduce error surface. 20K+ marketplace blocks.
Per-repo permission model. Agents can experiment freely within safe boundaries. No global admin key.
AI agents run code they generate themselves. They install packages. They make API calls. They iterate.
On ephemeral GHRs, every agent run starts clean and ends clean. No persistence, no lateral movement.
Run AI agents triggered on any GitHub event. Safe, secure, and ephemeral.
Read the full post →From simple inference to full agent frameworks.
Single LLM call. Classify, summarize, label.
Assign issue → agent opens PR. Zero config.
Markdown-defined with built-in guardrails. The paved path.
Full autopilot with MCP tools. Any CI task.
Raw model APIs. Build your own agent framework.
GitHub Event
Issue labeled, PR opened, schedule fires
AI Agent
Plans, codes, tests on ephemeral runner
Pull Request
Code reviewed, tests pass, ready to merge
Human Review
No human in the loop until merge time
Auto-triage, label, assign, coordinate across projects.
Keep docs consistent, up-to-date, and auto-maintained.
Daily code simplification, refactoring, tech debt cleanup.
Daily reports, trend analysis, workflow health monitoring.
CI failure diagnosis, test improvements, flaky test detection.
Feature sync, cross-repo tracking, dependency coordination.
The prompt architecture that separates reliable agents from unreliable ones.
Read the full post →
"You don't have to build the engine.
You just have to build the guardrails."
You're not writing a traditional "prompt." You're writing a configuration file for an execution engine.
Define tools + finish line. Let the agent loop natively.
Use agent hooks to enforce with deterministic checks.
Write state to files. Crash-resistant. Context-window-safe.
Explicit tool whitelist. No rogue grep across workspace.
Define when to stop instead of bashing broken commands.
Prompts are suggestions. Hooks are enforcement.
The Stop hook fires when the agent tries to finish. Your script runs a deterministic check — does the file exist? Does it validate? If it fails, the agent gets told exactly what's missing.
The bridge between non-deterministic AI and deterministic automation.
{
"hooks": {
"Stop": [{
"type": "command",
"command": "./validate.sh"
}]
}
}
{
"decision": "block",
"reason": "output.md missing
enterprise_slug field"
}
When there's no human at the keyboard, everything changes.
Log + terminate. Never ask for input.
Check if work was already done first.
No browser SSO. Inject tokens before spin-up.
Max 10 tool calls. No $50 runaway loops at 3 AM.
JSON reasoning trail to audit.jsonl.
Your laptop is about to stop being where work happens.
Read the full post →Right now, you're running one agent in your IDE. But where this is going is many agents, working in parallel, each on a different task.
"What happens when you want 5 agents, each in its own isolated environment, each with scoped permissions?"
Each agent needs its own isolated workspace
Different agents need different permissions
Performance — local CPU/RAM can't scale
Security — LLM-generated code on your machine
Agents need fundamentally different compute.
| CI/CD Runners | Agent Compute | |
|---|---|---|
| Startup | ~10s+ VM provision | Sub-second |
| State | Stateless | Stateful, pause/resume |
| Execution | Fire-and-forget | Interactive, API-driven |
| Scale | Fewer, longer jobs | Swarms of short bursts |
| Cost | Per-minute VMs | MicroVMs, per-invocation |
Sub-second startup. Hardware-level isolation. Dramatically lower cost per invocation. OCI image support.
Save full state. Hand off to human for review. Resume exactly where it left off. The biggest gap in current CI.
Per-agent identity and access control. Agent A reads code. Agent B deploys staging. Agent C can't touch production.
Auditability, network controls, policy enforcement, cost limits, identity tied to spawning developer.
The modern dev platform needs all three.
Async, stateless, fire-and-forget. → GitHub Actions
Persistent, interactive, human-driven. → Codespaces
Stateful, sub-second, swarm-scale, pause/resume. → Coming soon
You don't have to wait for dedicated agent compute.
Run agents in CI today with Copilot CLI or gh aw.
Ephemeral, isolated, zero-maintenance. Ready for agents.
Design for headless execution now. Be ready when agent compute arrives.
Stronger tests/lint/scan = more autonomy for agents.
The future of compute is converging.
Actions is the foundation everything else builds on. Start there.