Common mistakes and how to avoid them
We've covered permissions, sandboxing, and self-review before push. This lesson closes out the module with five mistakes that recur for anyone working with a coding agent — not because the agent is 'bad', but because each one hides exactly where it's easy to skip: a report that sounds convincing, a
Before takeoff, a pilot goes item by item through a checklist instead of trusting that the engine 'sounds fine' — every item gets its own check, because one general report can hide a small, dangerous fault.
- over-trusting agent output
- Accepting a natural-language report like "I changed it in all 14 places" as verified fact, without checking yourself that the description matches the actual diff everywhere.
- context gap
- When the agent is missing a relevant file or fact from the repo, it reasonably assumes based on what it did see — and that assumption can be wrong without anyone noticing.
- prompt injection from read content
- An instruction hidden inside external text the agent was only asked to summarize or read (a ticket, a webpage, a README) — risky because the agent may treat it as if it came from the user.
- a secret left in git history
- A key or password that entered a commit and became visible to anyone with repo access — deleting the line in a later commit does not remove it from git history, so the key itself must be rotated.
- risk-targeted diff review
- When a diff is too large to read line by line, you check the most sensitive files (security, auth, rate-limiting) individually first, instead of trusting that 'it's just a mechanical rename'.