Review

A review paper published May 29, 2026 by researchers at Meta, Stanford and the University of Illinois Urbana — Champaign argues that whether a language model behaves as a reliable autonomous agent depends less on model capabilities and more on the surrounding runtime software, which the authors call the 'harness.' This framing matters because it shifts engineering focus from marginal model improvements to the systems that make outputs executable, traceable and resumable — changing what builders must invest in to deploy multi‑step, long‑running agents.

The authors define the harness as a set of engineering components that wrap a model and make its outputs actionable: tool interfaces, sandboxed execution environments, memory systems, permission boundaries, testing frameworks, execution loops and feedback channels. They stress that model — produced text must be converted into executable code and persistent state so workflows can log progress, resume across steps and be audited.

To analyze agent behavior the paper breaks long‑running systems into three interacting parts: the model’s internal reasoning, the deployment infrastructure that provides runtime guarantees, and the on‑the‑fly code the agent generates — ranging from one‑off helper scripts to reusable skills. The review cites approaches where computation is shifted into executable programs rather than pure natural‑language descriptions, naming Program‑of‑Thoughts, Chain‑of‑Code and Code‑as‑Policies as representative methods.

The review surveys existing research and commercial implementations that follow the harness principle. Examples include Claude Code and OpenAI’s Codex, and multi‑agent frameworks such as ChatDev and MetaGPT. The paper notes live features — like Claude delegating parallel pull‑request reviews to agent teams — as evidence that harnessed agents are already shipping, and it reports that a company called Deepseek is assembling a dedicated 'Harness' team in Beijing under the formula 'model + harness = AI agent.'

On safety and reliability the authors warn that current software tests are often incomplete and that opaque verification steps can hide systemic risks, making external assessment difficult. To deliver dependable, long‑running behavior they argue for explicit plan‑execute‑verify cycles, regulated state transitions, sandboxed permissions and richer execution logs that expose intermediate calculations and outcomes for inspection and debugging.

Practically, the paper urges builders and researchers to rebalance effort away from incremental model tuning toward harness engineering: invest in sandboxes, permission models, verifiable execution loops, reproducible test suites and persistent logs for agent‑authored code. It also calls for more research on self‑generated artifacts — tests, helper tools and workflows produced by agents — and for transparent evaluation mechanisms that surface risks current tests may miss.