TNS
SUBSCRIBE
Join our community of software engineering leaders and aspirational developers. Always stay in-the-know by getting the most important news and exclusive content delivered fresh to your inbox to learn more about at-scale software development.
REQUIRED
 
It seems that you've previously unsubscribed from our newsletter in the past. Click the button below to open the re-subscribe form in a new tab. When you're done, simply close that tab and continue with this form to complete your subscription.
Welcome and thank you for joining The New Stack community!
Please answer a few simple questions to help us deliver the news and resources you are interested in.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
Great to meet you!
Tell us a bit about your job so we can cover the topics you find most relevant.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
 
Welcome!

We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.

What’s next?

Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.

Become a TNS follower on LinkedIn.

Check out the latest featured and trending stories while you wait for your first TNS newsletter.

PREV
of
NEXT
VOXPOP
As a JavaScript developer, what non-React tools do you use most often?
Angular
0%
Astro
0%
Svelte
0%
Vue.js
0%
Other
0%
I only use React
0%
I don't use JavaScript
0%
 
NEW! Try Stackie AI
Cloud Native Ecosystem Containers Databases Edge Computing Infrastructure as Code Linux Microservices Open Source Networking Storage
Why Kubernetes 1.35 is a game-changer for stateful workload scaling
Feb 21st 2026 8:00am, by Janakiram MSV
The developer as conductor: Leading an orchestra of AI agents with the feature flag baton
Feb 19th 2026 3:31pm, by TNS Staff
pg_lake comes to Snowflake Postgres: What it means for open standards
Feb 6th 2026 1:00am, by Jelani Harper
CNCF: Kubernetes is 'foundational' infrastructure for AI
Jan 23rd 2026 11:00am, by Steven J. Vaughan-Nichols
CTO Chris Aniszczyk on the CNCF push for AI interoperability
Jan 22nd 2026 1:00pm, by Loraine Lawson
Red Hat takes on Docker Desktop with its enterprise Podman Desktop build
Feb 20th 2026 1:00pm, by Steven J. Vaughan-Nichols
Want an easy way to manage Podman containers? Here it is.
Feb 19th 2026 3:00pm, by Jack Wallen
Simplify managing your Docker compose files with this handy tool
Feb 17th 2026 3:00pm, by Jack Wallen
Python virtual environments: isolation without the chaos
Feb 16th 2026 7:00am, by Jessica Wachtel
Bluefin Linux: ChromeOS simplicity meets Linux power
Feb 11th 2026 12:00pm, by Jack Wallen
What happens to a database when the user is an AI agent
Feb 25th 2026 5:00am, by Max Liu
Databases weren’t built for agent sprawl – SurrealDB wants to fix it
Feb 24th 2026 2:07pm, by Paul Sawers
Why the era of relying on dozens of "purpose-built" databases is finally coming to an end
Feb 20th 2026 5:00am, by Tim Rottach
How your LLM is silently hallucinating company revenue
Feb 19th 2026 1:06pm, by Alasdair Brown
The hidden reason database debt is ten times harder to fix than code
Feb 12th 2026 7:00am, by Wen Jie Teo
React Server Components Vulnerability Found
Dec 6th 2025 7:00am, by Loraine Lawson
Kubernetes at the Edge: Lessons From GE HealthCare’s Edge Strategy
Nov 24th 2025 10:00am, by Vicki Walker
Building a Cloud-to-Edge Architecture Across 40K Global Locations
Nov 20th 2025 10:00am, by Vicki Walker
The AI Inflection Point Isn't in the Cloud, It's at the Edge
Oct 26th 2025 8:00am, by Alex Williams
Right-Sizing AI for the Edge: Power, Models and Security
Oct 9th 2025 10:00am, by Chris J. Preimesberger
Why "automated" infrastructure might cost more than you think
Feb 24th 2026 4:00am, by Justyn Roberts
Why 40% of AI projects will be canceled by 2027 (and how to stay in the other 60%)
Feb 13th 2026 6:00am, by Alex Drag
Durable Execution: Build reliable software in an unreliable world
Feb 2nd 2026 3:23pm, by Charles Humble
Terraform challenger Formae expands to more clouds
Jan 28th 2026 6:00am, by Joab Jackson
IBM HashiCorp 'Sunsets' Terraform's External Language Support
Dec 12th 2025 2:00pm, by Joab Jackson
Want an easy way to manage Podman containers? Here it is.
Feb 19th 2026 3:00pm, by Jack Wallen
Simplify managing your Docker compose files with this handy tool
Feb 17th 2026 3:00pm, by Jack Wallen
HackerOS is what a Linux enthusiast's OS should be
Feb 14th 2026 8:00am, by Jack Wallen
Bluefin Linux: ChromeOS simplicity meets Linux power
Feb 11th 2026 12:00pm, by Jack Wallen
The hunt for truly zero-CVE container images
Feb 10th 2026 11:30am, by Steven J. Vaughan-Nichols
OpenTelemetry roadmap: Sampling rates and collector improvements ahead
Feb 24th 2026 11:00am, by B. Cameron Gain
Merging To Test Is Killing Your Microservices Velocity
Dec 16th 2025 7:00am, by Arjun Iyer
IBM’s Confluent Acquisition Is About Event-Driven AI
Dec 11th 2025 6:00am, by Joab Jackson
Deploy Agentic AI Workflows With Kubernetes and Terraform
Nov 26th 2025 9:00am, by Oladimeji Sowole
How Dapr and WebAssembly Team Up for Microservices
Oct 2nd 2025 6:00am, by B. Cameron Gain
Databases weren’t built for agent sprawl – SurrealDB wants to fix it
Feb 24th 2026 2:07pm, by Paul Sawers
AWS creates a sandbox for its agent experiments
Feb 23rd 2026 11:51am, by Frederic Lardinois
Twilio's A2H is a new protocol that helps agents talk to humans
Feb 19th 2026 11:00am, by Frederic Lardinois
cURL’s Daniel Stenberg: AI slop is DDoSing open source
Feb 15th 2026 10:00am, by Steven J. Vaughan-Nichols
How to ground AI agents in accurate, context-rich data
Feb 13th 2026 5:00am, by Todd R. Weiss
How Homepage simplifies monitoring your self-hosted services
Feb 6th 2026 8:00am, by Jack Wallen
S3 is the new network: Rethinking data architecture for the cloud era
Feb 2nd 2026 4:00am, by Max Liu
Cisco is using eBPF to rethink firewalls, vulnerability mitigation
Jan 26th 2026 9:00am, by Joab Jackson
You Might Not Know This, but Your NAS Might Be a Good Docker Server
Jan 16th 2026 10:00am, by Jack Wallen
CNCF Dragonfly Speeds Container, Model Sharing with P2P
Jan 16th 2026 6:15am, by Joab Jackson
S3 is the new network: Rethinking data architecture for the cloud era
Feb 2nd 2026 4:00am, by Max Liu
Agoda’s secret to 50x scale: Getting the database basics right
Jan 28th 2026 7:00am, by Cynthia Dunlop
Chainguard EmeritOSS backs MinIO, other orphaned projects
Jan 27th 2026 6:15am, by Steven J. Vaughan-Nichols
You Might Not Know This, but Your NAS Might Be a Good Docker Server
Jan 16th 2026 10:00am, by Jack Wallen
Is Sloppy File Sharing Endangering Your Enterprise?
Jan 14th 2026 8:00am, by Vicki Walker
AI AI Engineering API Management Backend development Data Frontend Development Large Language Models Security Software Development WebAssembly
Anthropic accelerates its Cowork enterprise play
Feb 24th 2026 2:20pm, by
The Pentagon's Anthropic problem is every enterprise's AI problem
Feb 23rd 2026 3:00pm, by
AWS creates a sandbox for its agent experiments
Feb 23rd 2026 11:51am, by
Cloudflare's Markdown for Agents automatically make websites agent-ready
Feb 22nd 2026 7:00am, by
Claude Code comes to Roadmap, OpenClaw loses its head, and AI workslop
Feb 21st 2026 7:05am, by
AWS creates a sandbox for its agent experiments
Feb 23rd 2026 11:51am, by
This simple infrastructure gap is holding back AI productivity
Feb 22nd 2026 8:00am, by
Cloudflare's Markdown for Agents automatically make websites agent-ready
Feb 22nd 2026 7:00am, by
Beyond the vibe code: The steep mountain MCP must climb to reach production
Feb 21st 2026 6:00am, by
NanoClaw's answer to OpenClaw is minimal code, maximum isolation
Feb 20th 2026 11:00am, by
Your AI strategy is built on layers of API sediment
Feb 17th 2026 9:37am, by
Solving the Problems That Accompany API Sprawl With AI
Jan 15th 2026 1:00pm, by
4 Core Principles for Scaling Your API Engineering Practice
Jan 13th 2026 10:00am, by
Map Your API Landscape To Prevent Agentic AI Disaster
Jan 12th 2026 12:00pm, by
Postman Adds Open Source Documentation and SDK Products
Jan 10th 2026 5:00am, by
How To Get DNS Right: A Guide to Common Failure Modes
Dec 24th 2025 8:00am, by and
Combining Rust and Python for High-Performance AI Systems
Dec 3rd 2025 1:00pm, by
How MCP Uses Streamable HTTP for Real-Time AI Tool Interaction
Aug 18th 2025 10:34am, by
A Backend for Frontend: Watt for Node.js Simplifies Operations
Aug 14th 2025 6:00am, by
Human-on-the-Loop: The New AI Control Model That Actually Works
Aug 4th 2025 8:00am, by
Databases weren’t built for agent sprawl – SurrealDB wants to fix it
Feb 24th 2026 2:07pm, by
How to ground AI agents in accurate, context-rich data
Feb 13th 2026 5:00am, by
ShareChat hit a billion features per second, then it had to make it 10x cheaper
Feb 12th 2026 6:00am, by
Unlocking AI's full potential: Why context is everything
Feb 2nd 2026 2:31pm, by
Meet Gravitino, a geo-distributed, federated metadata lake
Jan 29th 2026 11:25am, by
The shift left hangover: Why modern platforms are shifting down to cure developer fatigue
Jan 30th 2026 6:22pm, by
Mastra empowers web devs to build AI agents in TypeScript
Jan 28th 2026 11:00am, by
Drupal turns 25: From simple to complex — then simple again
Jan 28th 2026 8:00am, by
Anthropic extends MCP with a UI framework
Jan 26th 2026 10:00am, by
Distributed apps platform Aspire supports JavaScript, Python
Jan 24th 2026 9:00am, by
Prompting vs. RAG vs. fine-tuning: Why it’s not a ladder
Jan 29th 2026 10:00am, by
LLMs create a new blind spot in observability
Jan 24th 2026 10:00am, by
Focus on ‘Don’ts’ to build systems that know when to say ‘No’
Jan 21st 2026 8:00am, by
A Developer’s Guide to Marshaling Data With JSON
Jan 17th 2026 5:00am, by
SLMs vs. LLMs: Why Smaller AI Models Win in Business
Jan 16th 2026 9:00am, by
Beyond the vibe code: The steep mountain MCP must climb to reach production
Feb 21st 2026 6:00am, by
AI agents are accelerating vulnerability discovery. Here's how AppSec teams must adapt.
Feb 19th 2026 1:31pm, by
Rising identity complexity: How CISOs can prevent it from becoming an attacker’s roadmap
Feb 19th 2026 12:47pm, by
cURL’s Daniel Stenberg: AI slop is DDoSing open source
Feb 15th 2026 10:00am, by
HackerOS is what a Linux enthusiast's OS should be
Feb 14th 2026 8:00am, by
In the driver’s seat: How Google Conductor AI actually stays under control
Feb 25th 2026 7:33am, by
This simple infrastructure gap is holding back AI productivity
Feb 22nd 2026 8:00am, by
96% of developers don't trust AI code: Here's a step toward the fix
Feb 20th 2026 10:05am, by
Twilio's A2H is a new protocol that helps agents talk to humans
Feb 19th 2026 11:00am, by
Python virtual environments: isolation without the chaos
Feb 16th 2026 7:00am, by
Wasm vs. JavaScript: Who wins at a million rows?
Feb 22nd 2026 6:00am, by
How WebAssembly and Web Workers prevent UI freezes
Feb 7th 2026 9:00am, by
WebAssembly vs. JavaScript: Testing Side-by-Side Performance
Jan 20th 2026 9:00am, by
Open Source Whamm: Use WebAssembly To Monitor and Fix Running Apps
Jan 14th 2026 1:00pm, by
WASI 1.0: You Won't Know When WebAssembly Is Everywhere in 2026
Jan 5th 2026 11:00am, by
AI Operations CI/CD Cloud Services DevOps Kubernetes Observability Operations Platform Engineering
In the driver’s seat: How Google Conductor AI actually stays under control
Feb 25th 2026 7:33am, by Adrian Bridgwater
Why "automated" infrastructure might cost more than you think
Feb 24th 2026 4:00am, by Justyn Roberts
Why Kubernetes 1.35 is a game-changer for stateful workload scaling
Feb 21st 2026 8:00am, by Janakiram MSV
Why the era of relying on dozens of "purpose-built" databases is finally coming to an end
Feb 20th 2026 5:00am, by Tim Rottach
The essential shift every ITOps leader must make to survive an unrelenting stream of incidents
Feb 19th 2026 1:46pm, by Ariel Russo
This simple infrastructure gap is holding back AI productivity
Feb 22nd 2026 8:00am, by Charlotte Fleming
Ramp’s Inspect shows closed-loop AI agents are software’s future
Jan 29th 2026 11:00am, by Arjun Iyer
QCon chat: Is agentic AI killing continuous integration?
Jan 27th 2026 6:00am, by Joab Jackson
Async Rust: Pinning demystified
Jan 26th 2026 11:00am, by Anshul Gupta
A security checklist for your React and Next.js apps
Jan 26th 2026 7:00am, by Crystal Morin
Databases weren’t built for agent sprawl – SurrealDB wants to fix it
Feb 24th 2026 2:07pm, by Paul Sawers
Rising identity complexity: How CISOs can prevent it from becoming an attacker’s roadmap
Feb 19th 2026 12:47pm, by Jay Reddy
S3 is the new network: Rethinking data architecture for the cloud era
Feb 2nd 2026 4:00am, by Max Liu
How to secure Vertex AI pipelines with Google Cloud tools
Jan 27th 2026 9:00am, by Advait Patel
Cloudflare Acquires Team Behind Open Source Framework Astro
Jan 16th 2026 12:45pm, by Loraine Lawson
Most platform teams build products, but they don’t know it
Feb 24th 2026 9:00am, by Oleg Danilyuk
Why "automated" infrastructure might cost more than you think
Feb 24th 2026 4:00am, by Justyn Roberts
The essential shift every ITOps leader must make to survive an unrelenting stream of incidents
Feb 19th 2026 1:46pm, by Ariel Russo
Is your on-call rotation quietly burning out top talent?
Feb 18th 2026 8:54am, by Cristina Dias
The reason AI agents shouldn’t touch your source code — and what they should do instead
Feb 12th 2026 4:11pm, by Nick Lucchesi
Why Kubernetes 1.35 is a game-changer for stateful workload scaling
Feb 21st 2026 8:00am, by Janakiram MSV
Red Hat takes on Docker Desktop with its enterprise Podman Desktop build
Feb 20th 2026 1:00pm, by Steven J. Vaughan-Nichols
Want an easy way to manage Podman containers? Here it is.
Feb 19th 2026 3:00pm, by Jack Wallen
Prometheus and OpenTelemetry finally play nice
Feb 19th 2026 10:00am, by B. Cameron Gain
From notebooks to nodes: Architecting production-ready AI infrastructure
Feb 17th 2026 1:13pm, by Emmanuel Akita
OpenTelemetry roadmap: Sampling rates and collector improvements ahead
Feb 24th 2026 11:00am, by B. Cameron Gain
Prometheus and OpenTelemetry finally play nice
Feb 19th 2026 10:00am, by B. Cameron Gain
Why 40% of AI projects will be canceled by 2027 (and how to stay in the other 60%)
Feb 13th 2026 6:00am, by Alex Drag
The reason AI agents shouldn’t touch your source code — and what they should do instead
Feb 12th 2026 4:11pm, by Nick Lucchesi
Your infrastructure is evolving, but is your operational framework still stuck in the past?
Feb 11th 2026 9:00am, by Cristina Dias
OpenClaw is being called a security “Dumpster fire,” but there is a way to stay safe
Feb 15th 2026 7:00am, by David Eastman
Your RAG System is probably image-blind, but it doesn't have to be
Feb 12th 2026 12:00pm, by Tushar Madaan and Kiran Matty
How intelligent orchestration transforms software innovation
Feb 12th 2026 8:00am, by Manav Khurana
ShareChat hit a billion features per second, then it had to make it 10x cheaper
Feb 12th 2026 6:00am, by Cynthia Dunlop
Your infrastructure is evolving, but is your operational framework still stuck in the past?
Feb 11th 2026 9:00am, by Cristina Dias
Most platform teams build products, but they don’t know it
Feb 24th 2026 9:00am, by Oleg Danilyuk
Coding agents are only as good as the signals you feed them
Feb 23rd 2026 4:00am, by Arjun Iyer
The reason big tech is giving away AI agent frameworks
Feb 20th 2026 9:29am, by Janakiram MSV
Durable Execution: Build reliable software in an unreliable world
Feb 2nd 2026 3:23pm, by Charles Humble
The shift left hangover: Why modern platforms are shifting down to cure developer fatigue
Jan 30th 2026 6:22pm, by Steve Corndell
C++ Developer tools Go Java JavaScript Programming Languages Python Rust TypeScript
Open source USearch library jumpstarts ScyllaDB vector search
Feb 5th 2026 12:00pm, by Jelani Harper
AWS WAF vs. Google Cloud Armor: A Multicloud Security Showdown
Nov 25th 2025 10:00am, by Advait Patel
Goodbye Dashboards: Agents Deliver Answers, Not Just Reports
Nov 23rd 2025 9:00am, by Ketan Karkhanis
Rust vs. C++: a Modern Take on Performance and Safety
Oct 22nd 2025 2:00pm, by Zziwa Raymond Ian
Building a Real-Time System Monitor in Rust Terminal
Oct 15th 2025 7:05am, by Tinega Onchari
In the driver’s seat: How Google Conductor AI actually stays under control
Feb 25th 2026 7:33am, by Adrian Bridgwater
Databases weren’t built for agent sprawl – SurrealDB wants to fix it
Feb 24th 2026 2:07pm, by Paul Sawers
Red Hat takes on Docker Desktop with its enterprise Podman Desktop build
Feb 20th 2026 1:00pm, by Steven J. Vaughan-Nichols
Anthropic: You can still use your Claude accounts to run OpenClaw, NanoClaw and Co.
Feb 18th 2026 3:53pm, by Frederic Lardinois
Anthropic's new Claude Sonnet 4.6 promises Opus-level coding at Sonnet pricing
Feb 17th 2026 10:00am, by Frederic Lardinois
Go Experts: 'I Don't Want to Maintain AI-Generated Code'
Sep 28th 2025 6:00am, by David Cassel
How To Run Kubernetes Commands in Go: Steps and Best Practices 
Jun 27th 2025 8:00am, by Sunny Yadav
Prepare Your Mac for Go Development
Apr 12th 2025 7:00am, by Damon M. Garn
Pagoda: A Web Development Starter Kit for Go Programmers
Mar 19th 2025 6:10am, by Loraine Lawson
Microsoft TypeScript Devs Explain Why They Chose Go Over Rust, C#
Mar 18th 2025 7:00am, by David Cassel
62% of enterprises now use Java to power AI apps
Feb 10th 2026 12:58pm, by Darryl K. Taft
BellSoft bets Java expertise can beat hardened container wave
Jan 26th 2026 3:00pm, by Darryl K. Taft
Java Developers Get Multiple Paths To Building AI Agents
Dec 26th 2025 7:02am, by Darryl K. Taft
Your Enterprise AI Strategy Must Start With Java, Not Python
Dec 22nd 2025 1:00pm, by Michael Coté
Why Bloomberg Chose Vendor-Neutral Java Over Big Tech
Oct 2nd 2025 5:00pm, by Darryl K. Taft
Wasm vs. JavaScript: Who wins at a million rows?
Feb 22nd 2026 6:00am, by Jessica Wachtel
Arcjet reaches v1.0, promises stable security for JavaScript apps
Feb 14th 2026 7:00am, by Darryl K. Taft
How WebAssembly and Web Workers prevent UI freezes
Feb 7th 2026 9:00am, by Jessica Wachtel
Mastra empowers web devs to build AI agents in TypeScript
Jan 28th 2026 11:00am, by Loraine Lawson
A security checklist for your React and Next.js apps
Jan 26th 2026 7:00am, by Crystal Morin
Statistical language R is making a comeback against Python
Feb 12th 2026 2:57pm, by Darryl K. Taft
62% of enterprises now use Java to power AI apps
Feb 10th 2026 12:58pm, by Darryl K. Taft
Memory-Safe Jule language emerges as C/C++ alternative
Feb 7th 2026 8:00am, by Darryl K. Taft
The 'weird' things that happened when Clickhouse replaced C++ with Rust
Feb 4th 2026 7:26am, by B. Cameron Gain
Async Rust: Pinning demystified
Jan 26th 2026 11:00am, by Anshul Gupta
Python virtual environments: isolation without the chaos
Feb 16th 2026 7:00am, by Jessica Wachtel
Statistical language R is making a comeback against Python
Feb 12th 2026 2:57pm, by Darryl K. Taft
Arcjet's Python SDK Embeds Security in Code
Jan 16th 2026 2:00pm, by Darryl K. Taft
2025: The Year of the Return of the Ada Programming Language?
Jan 14th 2026 4:00pm, by Darryl K. Taft
Experts Hail Anthropic's $1.5M Python Security Commitment
Jan 14th 2026 3:00pm, by Darryl K. Taft
Wasm vs. JavaScript: Who wins at a million rows?
Feb 22nd 2026 6:00am, by Jessica Wachtel
Open source USearch library jumpstarts ScyllaDB vector search
Feb 5th 2026 12:00pm, by Jelani Harper
The 'weird' things that happened when Clickhouse replaced C++ with Rust
Feb 4th 2026 7:26am, by B. Cameron Gain
Async Rust: Pinning demystified
Jan 26th 2026 11:00am, by Anshul Gupta
Distributed apps platform Aspire supports JavaScript, Python
Jan 24th 2026 9:00am, by Loraine Lawson
Mastra empowers web devs to build AI agents in TypeScript
Jan 28th 2026 11:00am, by Loraine Lawson
Inferno Vet Creates Frontend Framework Built With AI in Mind
Dec 10th 2025 11:00am, by Loraine Lawson
JavaScript Utility Library Lodash Changing Governance Model
Nov 1st 2025 7:00am, by Loraine Lawson
Microsoft TypeScript Devs Explain Why They Chose Go Over Rust, C#
Mar 18th 2025 7:00am, by David Cassel
Go Power: Microsoft's Bold Bet on Faster TypeScript Tools
Mar 12th 2025 1:00pm, by Darryl K. Taft and Loraine Lawson
AI Operations / Developer tools / Software Development

In the driver’s seat: How Google Conductor AI actually stays under control

Google adds automated reviews to Conductor AI, enhancing context-driven development. Learn how this toolkit ensures code quality, security, and developer control.
Feb 25th, 2026 7:33am by
Featued image for: In the driver’s seat: How Google Conductor AI actually stays under control
Sara Oliveira for Unsplash+

Google wants to give developers a comprehensive, functional AI software development toolkit. As such, this month the company has added a new automated review feature to its Google Conductor AI extension.

A context-driven development extension currently available in preview for Gemini CLI, Conductor helps create formal specifications alongside a developer’s code in the form of persistent version-controlled markdown files, the lightweight, portable text format much beloved of programmers.

According to Google, Conductor allows developers to plan before they build, review plans before code is written, and keep the human developer firmly in the driver’s seat.

The new automated review extension for Conductor has been designed to understand and interpret a codebase’s specifications and guidelines, and subsequently generate post-implementation code quality and compliance reports.

“The philosophy behind Conductor is simple: control your code.”

Why is Google doing this? Because in a world where even non-technical businesspeople are becoming aware of AI-driven code and its potential to automate decisions without human oversight, Google needs to ram home its central message, which is put plainly in the blog post about the update: “The philosophy behind Conductor is simple: control your code.”

Sharper, but safer

With Anthropic also implementing automated review capabilities for Cloud Code to oversee security, logic, and integration, how does the programming community view these new, supposedly sharper but also safer tools in terms of real-world practicality?

Nigel Douglas, head of developer relations at Cloudsmith, explains it with a colorful analogy about a chainsaw.

“An AI coding CLI without automated reviews is like a chainsaw without an ‘off’ button, but, unfortunately, these changes focus only on the code that’s been generated, i.e., completely skipping the upstream components it’s pulling in. If an AI coding assistant suggests a package that doesn’t exist or has already been infected with malware, a developer will end up shipping vulnerabilities far faster than anyone can catch them,” Douglas tells The New Stack.

“An AI coding CLI without automated reviews is like a chainsaw without an ‘off’ button…”

Douglas reminds us that peer reviews can’t work the way they’ve always worked when LLMs can generate thousands of lines of functional code in minutes. It’s a computational process that far outstrips human reading ability. He insists that the current state of AI development tools means automated reviews are just one step; as such, he calls for a human in the loop at the pull request stage, to move contributions back from ‘trusted output’ to ‘proposed draft requiring expert verification’.

A (mere) meaningful milestone

“Google’s continued investment in improving the quality and reliability of AI-generated code is an important step for the industry. The conversation is shifting from whether AI can generate code to whether it can be trusted to evaluate and improve it… so automated review is a meaningful milestone in that progression,” said Chris du Toit, CMO of Tabnine.

What du Toit says his team is seeing across enterprises is that trust ultimately comes from context, understanding how code fits into real systems, real dependencies, and real operational constraints.

“As AI moves from assisting developers to performing real engineering work, organizations will increasingly need an organizational intelligence layer that gives AI a structured understanding of their environment, enabling automated reviews to operate safely and consistently at scale,” offered du Toit, in response to the new features.

Brownfield dirty work

While Tabnine analyzes the context of an entire codebase (not just a single line of code) and can suggest actions related to everything from a single variable name to entire functions and test cases, Google Conductor is not without capabilities at this level. Conductor’s context-driven development approach has been put in place to ensure AI services understand a project’s architecture, rules, and history.

Google also makes it clear that Conductor can be applied to brownfield projects already in motion through its workspace-wide scan capability. The cloud giant confirms that Conductor’s scan enables it to identify programming languages, folder structures, and existing patterns to seed Markdown files. This, says the company, allows it to “respect your specific coding style” once applied, even in a massive codebase.

Conor Sherman, CISO in residence at Sysdig, is equally upbeat and cautious about code assistants. He says that one concrete risk of the agentic coding system space is the specter of phantom dependencies, also sometimes known as “slopsquatting” by some.

Slopsquatting shoddiness

“This is where a coding agent invents a believable package or component name that does not exist. A threat actor can then publish a malicious package under that exact hallucinated name. If the agent — or a developer trusting the agent — installs it, you have just pulled attacker code into your build pipeline. From there, it can go into production,” explained Sherman.

Sysdig recommends treating AI agents like highly privileged insiders. This means giving each agent a strongly scoped identity, least-privilege permissions, and hardened boundaries around what it can install, fetch, or execute. Then make the audit trail non-negotiable: if you cannot answer what the agent did, when it did it, and under whose authority, you do not have control of that system.

Separately, Sherman points to Anthropic’s safety report (last November), which has shown that more capable models can be pushed toward harmful, high-agency behavior in certain evaluation settings. That matters because the same general capability that speeds up benign work can also compress offensive timelines at scale.

Instruction adherence as a metric

Mohith Shrivastava, principal developer advocate at Salesforce, thinks that the question of whether an agentic service like Google’s Conductor is working effectively will now shift from an assessment of its output, onward to a more defined and measurable analysis of ‘instruction adherence’… and that this will become the industry’s new key reliability metric for AI governance.

“Enterprises will demand probabilistic adherence scores — categorized as high, low, or uncertain — to enable developers to refine their instructions accordingly and gain the confidence of CIOs in their agents’ reliability and trustworthiness. This focus on a quantitative measure of compliance will be essential for scaling enterprise agents and avoiding costly errors, setting a new benchmark for safe and reliable AI,” said Shrivastava.

Google’s final words (for now) in this space are belief in context-driven development and treating developer documentation as the source of truth, as a route to higher-quality outcomes for complex projects. Industry-wide, there is consensus on what we need to do next: it’s not about optimizing code generation per se; it’s about doing so in an architecturally compliant, resource-efficient, and secure way.

TRENDING STORIES
Group Created with Sketch.
Adrian Bridgwater is a technology journalist with three decades of press experience. He has an extensive background in communications, starting in print media, newspapers and also television. Primarily working as an analysis writer dedicated to a software application development ‘beat’,...
Read more from Adrian Bridgwater
SHARE THIS STORY
TRENDING STORIES
TNS owner Insight Partners is an investor in: Sysdig, Anthropic, Cloudsmith.
TRENDING STORIES
TNS DAILY NEWSLETTER Receive a free roundup of the most recent TNS articles in your inbox each day.