Agents stop being experiments and become the thing we build around. Harness engineering: leveraging Codex in an agent-first world shows engineers redirecting effort from hand-written code to agent-ready environments and feedback loops — a textbook move to Principle 07 — Build the Island. Paired with Z.ai launches GLM-5, which ships an open-weight model optimized for long-horizon agentic tasks, the signal is clear: models and platforms are reaching an inflection point where teams must design habitats, not just APIs.

That momentum lives beside a governance pressure cooker. OpenAI to Provide US Military Access to ChatGPT via GenAI.mil surfaces the policy and trust debates that follow every capability step. Internally, To catch leakers, OpenAI security staff use a custom ChatGPT reveals how the same tooling that powers product also becomes a surveillance layer — a classic tension between Principle 10 — The Law and Principle 14 — The Immune System. Practitioners should expect capability rollouts to trigger governance reviews and insider-control programs; those reviews will shape what agents are allowed to do as much as technical limits do.

Operational practice sits between those poles: make agent work legible, restrict the gates, and instrument the immune system. The OpenAI harness story teaches a concrete tactic — move humans into feedback-loop roles and require artifacts that prove outcomes — which maps to Principle 06 — Legible Landscapes and Principle 08 — Ship the Artifacts. Z.ai’s decision to publish an open-weight, agentic model shifts risk and opportunity to implementers: anyone can run long-horizon agents, so teams must deploy Principle 15 — The Gate controls and Principle 16 — Audit the Outcomes pipelines to keep behavior auditable.

Build islands that generate verifiable artifacts, not black-box feature flags. Design gates that are policy-driven and auditable. And treat your security tooling as part of the product’s immune system, not a separate admin detail. Watch how the harness patterns, GenAI.mil access, internal surveillance, and open-weight releases evolve — they will determine whether agent-first engineering becomes a productivity revolution or a governance liability.