·

Delegating Implementation To AI Agents

Delegating Implementation To AI Agents

Knowing exactly where to draw the delegation boundary is what separates engineers who multiply their output with AI agents from those who spend hours cleaning up what the agent got wrong.

The Delegation Framework: Matching Task Type to Agent Capability

AI agents are not uniformly capable across all engineering tasks. They excel at work that is well-defined, structurally repetitive, and bounded — where correctness can be verified without deep domain context. They struggle with work that requires weighing tradeoffs, understanding cross-cutting business constraints, or anticipating failure modes that aren't visible in the immediate codebase.

A practical delegation framework splits tasks into four categories:

High-confidence delegation — Work the agent can handle end-to-end with minimal review. This includes: generating boilerplate (DTOs, interfaces, config files, test fixtures), implementing CRUD handlers against an existing schema, writing unit tests for pure functions, transforming data from one format to another (CSV to JSON, API v1 response to v2 shape), adding logging or instrumentation to existing methods, and scaffolding standard patterns like repository classes or middleware.

Supervised delegation — Work the agent can draft but that requires your review before merging. This includes: implementing a feature against a spec you've written, refactoring a module where you've identified the target shape, generating integration tests, writing database migration scripts. You delegate the implementation labor but you own the review gate.

Paired work — Work where you drive the decisions and the agent handles execution incrementally. This includes: designing a new API surface, selecting a caching strategy, handling authentication flows. You make the architectural call, then immediately delegate the implementation of that specific decision.

Do not delegate — Work where the agent cannot hold the full context required. This includes: selecting the persistence layer for a new service, deciding how to model a domain concept that spans multiple bounded contexts, establishing security boundaries between services, resolving conflicts between business rules that are implicit in stakeholder conversations you've had but haven't documented, and anything where the cost of getting it wrong is a data breach or a compliance violation.

The key insight is that this framework is about task shape, not task complexity. A complex CRUD handler (many fields, many validations) is still a high-confidence delegation. A simple-looking authentication check that touches a permission model is not.

Learning tip: Before delegating any task, ask yourself: "If the agent gets this subtly wrong, will my test suite catch it?" If the answer is "maybe not," you are in supervised delegation territory at minimum, and you need to write the test first, then delegate the implementation.

Writing Delegation Prompts That Set the Right Scope Boundaries

The most common failure mode in AI delegation is the under-specified prompt — one that states what to build but not what to leave alone. Agents are eager to help, and an eager agent that isn't given clear boundaries will make decisions you didn't ask it to make: restructuring files you didn't mention, adding abstractions that seem helpful, refactoring adjacent code because it noticed an inconsistency. Most of these changes will be fine. The ones that aren't are hard to spot in review.

A well-structured delegation prompt has four components:

  1. The task — What to implement, stated precisely.
  2. The interface contract — The exact inputs, outputs, and signatures the implementation must conform to. If it's a function, give the signature. If it's an endpoint, give the method, path, and expected request/response shape.
  3. The scope constraint — Which files and directories the agent is allowed to create or modify. Anything outside that boundary should require explicit confirmation.
  4. The acceptance condition — How you will know the task is done correctly. This might be "the existing test suite passes," "these specific tests pass," or "the function returns X given input Y."

Leaving out any of these four components creates ambiguity that the agent will fill in on its own. The scope constraint is the one engineers most often skip — and it's the one that produces the most surprising diffs.

Learning tip: Treat the scope constraint in your delegation prompt the way you'd treat a database transaction boundary. It isn't about distrust — it's about making the operation's footprint explicit and reviewable. An agent that knows exactly what it's allowed to touch will produce a diff that's faster to review.

Hands-On: Delegating a Feature Implementation with Boundaries

In this exercise you'll delegate the implementation of a paginated list endpoint to an AI agent, using a prompt structure that controls scope and sets clear acceptance conditions.

Scenario: You have an Express + TypeScript API. A UserRepository class already exists with a findAll() method that returns all users. You need a GET /users endpoint that accepts page and pageSize query parameters and returns paginated results.

Step 1 — Write the interface contract before opening the agent.

Before writing your prompt, decide exactly what the endpoint should look like. Write it down as a comment or a short spec in your editor:

GET /users?page=1&pageSize=20
Response: { data: User[], total: number, page: number, pageSize: number }
Errors: 400 if page < 1 or pageSize > 100

This step happens outside the agent. You are making the design decision.

Step 2 — Identify the scope boundary.

The agent should touch: src/routes/users.ts, src/handlers/getUsers.ts (new file), src/handlers/__tests__/getUsers.test.ts (new file). It should not touch UserRepository, the database layer, or the authentication middleware.

Step 3 — Write and submit the delegation prompt.

Implement a paginated GET /users endpoint in an Express + TypeScript API.

Task:
Create a handler function `getUsers` in `src/handlers/getUsers.ts` and wire it to the router in `src/routes/users.ts`.

Interface contract:
- Route: GET /users
- Query params: page (integer, default 1), pageSize (integer, default 20)
- Response shape: { data: User[], total: number, page: number, pageSize: number }
- Error: return HTTP 400 with { error: string } if page < 1 or pageSize > 100
- Use the existing `UserRepository.findAll()` method to fetch all users, then apply pagination in the handler layer (do not modify UserRepository)

Scope constraint:
- Create or modify ONLY these files: src/handlers/getUsers.ts, src/routes/users.ts
- Do not modify UserRepository, database files, middleware, or any other existing file
- If you believe a change outside this scope is necessary, stop and ask me first

Acceptance condition:
- A test file at src/handlers/__tests__/getUsers.test.ts should pass with cases for: valid pagination, page < 1, pageSize > 100, and default parameter values
- Write the tests as part of this task

Step 4 — Review the file list before reviewing the code.

When the agent returns its output, look at the list of files it created or modified first. If it touched anything outside src/handlers/getUsers.ts, src/routes/users.ts, and the test file, that is your first signal to investigate why — before reading the implementation.

Step 5 — Run the tests immediately.

Don't review the implementation line by line first. Run the tests the agent wrote. If they pass, the acceptance condition is met. Then read the implementation to verify it's clean and maintainable.

Step 6 — Check the edge case handling explicitly.

Look at the 400 error path. Verify that the agent returned the error before attempting to call UserRepository.findAll() — not after. Agents occasionally produce logically correct but operationally inefficient error handling.

Expected result: A working paginated endpoint, confined to the files you specified, with tests that document the expected behavior. Total review time should be under 10 minutes because the scope was constrained upfront.

Learning tip: After completing a delegation, note whether the agent stayed within the scope boundary. If it drifted — even if the drift was harmless — tighten the scope constraint wording in your next prompt. Over a few iterations you'll develop a prompt template that reliably produces bounded diffs.

Monitoring an Agent Mid-Task and Knowing When to Interrupt

Delegation does not mean disappearing. When an agent is working on a non-trivial task, your job shifts from writing code to monitoring and steering. The two most important monitoring practices are checkpoint reviews and partial output reads.

Checkpoint reviews happen when the agent pauses to report progress or ask a question. Treat these as you would a pull request from a junior engineer: read the summary, look at the files touched so far, and check whether the direction matches your intent before approving continuation. If the agent is summarizing its plan before executing it, that summary is your cheapest intervention point — it costs nothing to redirect here compared to redirecting after 200 lines of code have been written.

Partial output reads are relevant in agentic tools that stream their work in real time (Claude Code, Cursor, and similar). If you see the agent heading in a direction that contradicts your intent — creating a file you didn't expect, adding a dependency you don't want, choosing an abstraction that will create maintenance burden — interrupt immediately. The cost of interruption is low; the cost of untangling an hour of agent work is not.

When to interrupt:

  • The agent is touching files outside the stated scope boundary.
  • The agent is proposing to add a new dependency or library.
  • The agent has written a function signature that differs from the contract you specified.
  • The agent is asking a clarifying question about a business rule — this is a signal that the task required domain context the agent didn't have, and you need to either provide that context explicitly or take that part of the task back.
  • The agent has been running for significantly longer than you expected. Time is a proxy for scope creep.

Interrupting is not failure. It is the control mechanism working as designed. An interrupted task that gets corrected and re-run produces better output than an uninterrupted task that produces a diff you have to partially revert.

Learning tip: Set a mental time budget for every delegated task before you hand it off. If a task should take the agent 3 minutes and it's still running at 8 minutes, check in. You don't need a formal timeout — just a rough expectation so you notice when something is taking longer than it should.

Hands-On: Interrupting and Recovering an Over-Delegated Task

Scenario: You delegated the implementation of a password reset flow and the agent has started modifying the authentication middleware, the session store configuration, and the email template system — none of which were in scope.

Step 1 — Stop the agent.

Use the stop/interrupt control in your agentic tool. Do not let it finish. An agent that has already modified files outside scope has potentially created an inconsistent state.

Step 2 — Assess what was changed.

Run git diff --stat to see exactly which files were touched. Separate the changes into two categories: within-scope changes that look correct, and out-of-scope changes that need to be reverted.

Step 3 — Revert the out-of-scope changes.

I need to reset the changes you made outside the intended scope.

Please revert all changes to these files to their state before this session:
- src/middleware/auth.ts
- src/config/session.ts
- src/templates/email/

Keep the changes in:
- src/handlers/passwordReset.ts
- src/routes/auth.ts

Show me the git diff after reverting so I can confirm the state before we continue.

Step 4 — Diagnose why the agent went out of scope.

Read the work it did in the out-of-scope files. Most likely one of two things happened: (a) your original prompt described the feature at a level that implied those files were in scope, or (b) the agent encountered something in the password reset handler that it couldn't implement without touching downstream dependencies.

Step 5 — Reframe the prompt with explicit decisions made.

Continue implementing the password reset handler. I have already reviewed the scope issue.

Here are the decisions for the pieces you flagged:
- Email delivery: call the existing `EmailService.send()` method in src/services/email.ts — do not modify EmailService itself
- Token storage: store the reset token in the existing Redis client at src/lib/redis.ts using key pattern "pwd_reset:{userId}" with a 15-minute TTL — do not modify the Redis client configuration
- Session invalidation: do not invalidate existing sessions on password reset — that is handled separately and is out of scope for this task

Scope constraint (repeated for clarity):
- Modify ONLY: src/handlers/passwordReset.ts, src/routes/auth.ts
- Do not touch middleware, session config, email templates, or service implementations

Resume implementation from where you left off in the handler.

Step 6 — Review the resumed output more closely.

After an interruption and reframe, read the implementation more carefully than you normally would. Interruptions sometimes cause the agent to lose context about decisions it made earlier in the session. Check that the resumed work is consistent with the valid work that was already done.

Expected result: A password reset handler that uses existing infrastructure without modifying it, implemented within the stated scope, with the out-of-scope tangents cleanly reverted.

Learning tip: When you catch an out-of-scope drift, the fix is almost always to make an explicit decision about the thing the agent was trying to handle autonomously. Scope drift is usually the agent solving a real problem — just not the way you want it solved. Give it the answer, and constrain where it can implement that answer.

Key Takeaways

  • Delegate tasks by shape, not by complexity. Boilerplate, CRUD, tests, and data transformations are high-confidence delegation targets regardless of size. Architecture decisions, security boundaries, and implicit business logic are not — regardless of how simple they look.
  • A delegation prompt requires four components to work reliably: the task, the interface contract, the scope constraint, and the acceptance condition. Missing any one of them gives the agent permission to fill in the gap on its own.
  • Monitoring during a delegated task is not optional. Your role shifts from writing code to checkpoint reviews and partial output reads. Interruption is the control mechanism — use it early.
  • Scope drift is usually the agent solving a real problem autonomously. The recovery pattern is: revert the out-of-scope changes, identify the decision the agent was trying to make, make that decision explicitly yourself, then re-delegate with the decision written into the prompt.
  • The quality of your delegation improves with each iteration. Track whether the agent stayed in scope, and tighten your prompt template based on where it drifted. Within a few sessions, you will have a delegation style that produces consistently bounded, reviewable diffs.
Next Staged Implementation