AI Native DevCon Day 1: Making AI Agents Ready for Enterprise

TL;DR

Day 1 of AI Native DevCon was a practical reality check for AI-native software development. IRL tickets were sold out, the room was packed with 650+ builders. Agents are moving beyond demos, and teams now need better skills, context, verification, security, and enablement to make them dependable.

Hey there! Welcome back. Rohan Sharma here 👋

The first day of DevCon felt less like a normal developer conference and more like the industry collectively agreeing on something important. Coding agents are powerful, but they do not become production-ready; production readiness is earned through reliability, testing, and governance, not just compelling demonstrations.

The common thread was reliability. How do we make AI-native development work for teams, not just polished demos?

Zoom

Simon Maple opened DevCon by setting the frame. The question is no longer whether AI changes software development. It is how teams, platforms, and engineering cultures adapt now that agents are part of the workflow.

Sessions that shaped Day 1

Skills are the new Code

Guy Podjarny’s keynote, “Skills are the new Code”, gave the day its strongest early thesis. The instructions, skills, and context we give agents are becoming a real unit of software.

Zoom

If a skill shapes agent behaviour, it needs intent, review, testing, versioning, and maintenance. Your SKILL.md file cannot be the chaotic group chat of your engineering process. It needs structure.

Teams are already relying on agent instructions. The missing piece is treating those instructions like production assets.

Platforms built for humans now need to work for agents

Dana Lawson from Netlify focused on a practical platform challenge. Most dev tools still assume a human is reading logs, checking previews, and interpreting CLI output.

Agents need something different. They need structured signals, machine-readable feedback, and clear next actions. Otherwise they guess, retry blindly, or break something with full confidence.

Giving agents human-only logs is often insufficient. The data may be available, but agents need structured, machine-readable context to use it effectively.

From solo skill hacks to organizational enablement

James Moss from Tessl took the skills conversation into team territory with “Using skills to pay the bills”. Solo agents are easy to experiment with. Team agents are where things get messy.

Every developer can end up with different instructions, different context, and slightly different agent behaviour. If that layer is not shared, reviewed, and versioned, the team does not have one AI workflow. It has ten confused ones wearing the same hoodie.

Patrick Debois expanded that idea in “Coding Agents Don’t Scale Themselves. Neither Do Your Teams.” Organizations cannot simply roll out agent tooling and expect consistent results. Adoption requires enablement, governance, platform thinking, shared practices, and ways to measure whether these systems are genuinely improving outcomes.

Taken together, both talks pointed to the same conclusion: successful agent adoption is less about the model and more about how teams operationalize it.

Skills are also a supply-chain risk

Liran Tal’s “Your AI Agent Installed Malware Because a SKILL.md Told It To” focused on an often-overlooked security challenge. If a skill can influence agent behaviour, it becomes part of your supply chain.

Teams need to audit skills, understand what they instruct agents to do, and avoid blindly installing context files because they look useful. Cute name, dangerous permissions. Classic.

Harness engineering makes agent-first development serious

Ryan Lopopolo from OpenAI discussed Harness Engineering, a useful phrase for what agent-first development needs. Agents need the right context, sensible tool access, clear boundaries, verification loops, and feedback when something goes wrong.

Zoom

One practical takeaway was that "giving the model the entire repository" is not a deployment strategy. Effective agents need carefully scoped context, access to the right tools, and clear boundaries around what they can and cannot do. More context is not always better context.

Ryan also emphasized the importance of verification and feedback loops. Agents can generate code quickly, but production use requires mechanisms to evaluate outputs, catch mistakes, and continuously improve performance. The goal is not autonomous agents operating without oversight. It is systems where agents can work independently while remaining observable and accountable.

The framing made agent-first engineering feel less vague. Agents can execute more, but humans still need to design the operating environment. Less typing every line, more steering the system.

What kept coming up across the day

1. Context is becoming infrastructure

Across Guy Podjarny’s keynote, James Moss’ team workflow talk, Mozilla.ai’s cq, and Robert Overweg’s shared-brain session, there was a clear thread running through the discussions.
Context is not background information anymore. It is infrastructure.

The teams that get real value from agents will not be the ones with the longest prompts. They will be the ones with reusable, maintained, structured context that both humans and agents can trust. Your agent context should not look like your Downloads folder. We all know what that looks like. 😅

2. Verification is the new bottleneck

Shachar Azriel, Simon Martinelli, May Walter, and Dave Farley all circled the same problem from different angles. Generating code is getting easier. Knowing whether that code is correct, safe, aligned with intent, and maintainable is the hard part.

Zoom

If an AI workflow only optimizes for output speed, it becomes a very fast confusion machine.

3. AI-native development is a team-design problem

The organizational talks made the discussion feel more mature than the usual “everyone becomes 10x” stuff. AI changes review processes, team boundaries, product workflows, release safety, and how work moves from idea to production.

The better advice was boring in the best way. Train people properly, revisit workflows often, keep humans focused on judgment and architecture, and measure outcomes instead of tool adoption.

4. Security cannot be bolted on later

Joseph Katsioloudes from GitHub and Liran Tal from Snyk made security feel immediate. AI can help scale security knowledge, but it also creates new failure modes such as unsafe generated code, malicious skills, supply-chain exposure, prompt injection, and leaky context.

In other words, your agent may be smart, but please do not hand it the production keys and a Red Bull.

A few talks we'd recommend watching

For teams trying to move from experimentation to real AI-native practice, these sessions are worth shortlisting:

• Guy Podjarny, Tessl - Skills are the new Code
• Dana Lawson, Netlify - Built for Humans. Now Agents Are Here.
• James Moss, Tessl - Using skills to pay the bills
• Liran Tal, Snyk - Your AI Agent Installed Malware Because a SKILL.md Told It To
• Ryan Lopopolo, OpenAI - Harness Engineering
• Patrick Debois, Tessl - The Rise of Agent Enablement
• Shachar Azriel, Baz - Executable Specs
• May Walter, Hud - Runtime Intelligence for Continuous Agentic Performance Optimization
• Dave Farley - Vibe Coding - Is this really the best we can do?

That mix gives a strong picture of the day: context, skills, harnesses, verification, runtime feedback, security, and team enablement.

The party bit

After a full day of agent talk, context talk, and slightly scary security talk, the evening party was a good reset. People got to continue the hallway conversations, meet speakers, and process the day.

Zoom

Honestly, conferences need this part. Some of the best ideas do not happen in the session room. They happen when someone says, “wait, we had the same problem,” and a conversation turns into a new idea, solution, or connection. 😄

A small look at Day 2

Day 2 continues the same themes, with more hands-on sessions and a few focused talks worth tracking through notes or recordings:

• Harness engineering beyond code - product & design constraints for agents by Marc Sloan, Tessl
• Benchmarking the Agent Era: Measuring Performance Beyond the LLM by Amit Kushwaha, NVIDIA
• Connecting Context - Exploring Future Transports by Shaun Smith, Hugging Face
• You’re absolutely right, it was your home directory! by Oleg Šelajev, Docker
• Don’t Write Prompts, Write Software by Baruch Sadogursky and Macey Baker, Tessl

Day 1 gave the frame. Day 2 goes deeper into harnesses, skills, benchmarking, context, and agent safety.

We'll be sharing more highlights, key takeaways, and session content from Day 2 over the coming weeks.

If you'd like to follow along and get the latest updates as they're released, sign up for the newsletter.

The main takeaway

Day 1 made one thing clear. AI-native development is growing up.

The strongest talks were not about replacing developers or chasing the latest model release. They were about the engineering work around agents: skills, context, harnesses, verification, security, and team enablement.

And yes, your coding agent still has commitment issues. But after Day 1, at least the industry has a better couples therapy plan.

Thank you for joining AI Native DevCon, whether you were in the room or following along virtually.