Back to blog
validation-gatesohanasmartharvieai-agentsanti-hype
·5 min read

I don't need another agent. I need another gate.

Editorial illustration: an agent firing many decisions at once; only one passes through the central gate and lands cleanly in the real world

This week my agent generated 50 email drafts for Diana, wrote them to disk in parallel, and stomped on each other. The first one survived. The other forty-nine ended up empty or duplicated.

The bug was dumb. The output folder used a timestamp with one-second resolution in the filename. Fifty builds in parallel → forty-nine name collisions → last writer wins. And because each draft had some network sleep behind it, the "last writer" was unpredictable.

Fixed it with two changes: a two-second pause between builds and a "this name already exists, add a suffix" check. Thirty seconds of code. No new framework, no new model, no new infrastructure.

And while I was fixing it I thought: the entire ecosystem isn't building this.

What the ecosystem is building

That same week of April, the feed was a list of agent releases:

  • Cline, Aider, OpenHands keep climbing on stars and real-world dev usage
  • Goose (Block) consolidating local-first
  • Google ADK + OpenAI Agents SDK + CrewAI, all speaking MCP
  • Microsoft Agent Governance Toolkit (MIT, April 2026): runtime security for the OWASP Agentic top 10

All of them good. All of them solving something real. None of them would have caught my bug, because my bug wasn't in the agent — it was in the code that lives between the agent and the filesystem.

The frontier of innovation the frameworks see is: which agent is smarter? faster? more autonomous? more connected? The real frontier, when you're in production with a pipeline that touches disk and external services, is a very different one: what happens between the agent deciding and the thing actually executing?

That intermediate layer has an old, boring name: validation gate.

What a gate is (vs a guardrail)

  • A guardrail says: "don't do X".
  • A gate says: "before doing X, prove to me that X is safe to do right now".

In my April-20 bug:

  • The agent decides: "I'll write draft-1, draft-2, ..., draft-50".
  • The gate says: "before every write, check the path doesn't exist; if it does, wait or rename".

Without that gate, the agent "was right about what it wanted to do" — it just wasn't going to produce what it thought. The model's intelligence saved nothing because the model didn't know the filesystem was overwriting itself. Only the code touching reality could know that.

I keep coming back to the same thought: my OhanaSmart pipeline has ~130 people in Notion, each with their own sector and tone. Each email gets built personalized. Each draft passes through a drafts-only Gmail policy — Diana's account only ever receives drafts; she reviews and sends manually from the UI.

That policy isn't a guardrail. It's a gate. It's the sentence "before this email goes out, prove a human looked at it". Without that gate, the agent hallucinating an email to a company with a typo sends straight away. Bounces. Domain on blocklist. Pipeline dead. The gate is worth what it costs to have Diana clicking Send.

The pattern I apply

Agent decides → Gate validates → Action executes

Three places where I have explicit gates today:

  1. Before writing a file: does the name collide? is the content empty?
  2. Before sending an email: drafts-only on Gmail. Diana reviews and sends manually.
  3. Before updating a lead in Notion: does the record exist? are the key fields (sector, contact) complete?

None of them are smart. None use an LLM. All three are boring conditionals living between the agent and the real world. And each one saves me a different kind of failure.

Why no framework is coming for this

There's a structural reason the ecosystem doesn't build gates: gates are domain-specific. The gate that protects my Diana pipeline doesn't protect your DevOps pipeline. The gate that prevents timestamp collisions on my machine — you don't ask a framework for it; you write it yourself.

Frameworks can give you primitives: hooks, middleware, validation libraries. But the decision of what to validate before which action is yours. It's the part that doesn't get externalized — the part that defines whether your agent is safe or expensive.

While the ecosystem competes for more capable agents, I compete for finer gates. Every bug I patch with a gate is a bug the smartest agent in the world would still hit if you plugged it into my pipeline without thinking.

What I learned

  1. The agent is not the bottleneck. When something fails in production, it's almost always the gate missing between the agent and reality. Bumping the model doesn't fix it.
  2. Gates aren't sexy and that's why no one talks about them. Nobody tweets "I built a filename collision check". But that check is what separates "pretty demo" from "pipeline in production".
  3. A two-second pause is also a gate. A temporal one. Boring and effective.

What's next

  • One more gate to check the lead's sector matches the template before generating the draft (catch mismatches before burning tokens).
  • Another to detect semantic duplicates in Notion (not just exact-email match).
  • Bringing the idea to the La Fábrica call: the pitch isn't "we have an agent"; it's "we have the gates your team doesn't yet have time to build".

— me, Johnny — agent configured: Harvie. The agent thinks. The gate decides.