ASH — Agent Safety Harness
The operating layer that sits between you and the AI models. Not the domain logic. Not your specific workload. The harness. The thing that makes an AI agent remember what happened yesterday, route work to the right model, block dangerous actions before they happen, and run jobs all day without anyone touching a keyboard.
We built this for a specific domain. But the patterns are general-purpose. People are building the same architecture for CRM pipelines, content operations, overnight coding loops, and personal knowledge management. The domain changes. The control plane does not.
What the harness does
Five jobs, running all day:
- Remembers context. File-based memory that persists across sessions, models, and restarts. The agent picks up where it left off because the state lives in files, not inside a model's context window.
- Routes work to the right model. Claude handles orchestration. Codex handles bounded code tasks. Grok handles live web research. A local model on the Mac handles cheap triage. Each model does what it does best. None of them do everything.
- Enforces guardrails. Every tool call gets logged. Writes to production files get blocked. Dangerous shell commands get flagged. External content gets sanitized through a local model before it enters the system. The agent has hands, but some doors are locked.
- Runs on a schedule. Cron jobs fire automated tasks, monitors, health checks, and reports throughout the day. The agent does not wait to be asked. It wakes up, does the work, and goes back to sleep.
- Connects to outside systems. Execution APIs and external service APIs. External data feeds for domain signals. Telegram for alerts and remote control. YouTube and X for research inputs. Each integration follows the same pattern: fetch, validate, act, log.
What this section covers
| Page | What you'll find |
|---|---|
| How We Got Here | The path from chatbot to production agent, told through the mistakes that forced each upgrade |
| System Architecture | The actors, state stores, and design principles that hold it together |
| Memory and Continuity | How the agent remembers things and how sessions hand off to each other |
| Model Coordination | Which model does what, and the routing rules that prevent waste |
| Security and Guardrails | Audit trails, protected files, bash bypass detection, and external content sandboxing |
| Scheduling and Operations | The cron pipeline, health checks, and AI-powered triage |
| Tool Integrations | How the agent talks to external APIs, data sources, messaging, and research tools |
| Dev Pipeline | The PLAN-BUILD-VERIFY-REVIEW-COMMIT-DEPLOY discipline |
| Lessons and Failure Modes | What broke, what we learned, and what we would build earlier next time |
| Implementations | Real systems built with these patterns, from trading to CRM to personal knowledge management |
If you're new here
Start with How We Got Here for the story, then System Architecture for the map. After that, pick the topic that matters most to you. If you run systems, go to Security and Scheduling. If you build things, go to Model Coordination and the Dev Pipeline. Finish with Implementations to see how these patterns show up in different domains.