
Agentic coding in design systems: are your controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 9079
Topic starter  

TL;DR: Well-specified workflows can produce workable PRs only after explicit skills, MCP-backed context, and human ticket qualification are added, while cold-start agents guessed conventions and created downstream rework, according to 1Password. The real issue is that agent identity control depends on scoped context and short-lived access, not just better code generation.

NHIMG editorial — based on content published by 1Password: agentic coding in design systems and what the team learned

Questions worth separating out

Q: How should teams govern agentic coding in structured engineering workflows?

A: Start by constraining the workflow, not by trusting the model.

Q: Why do design systems expose identity control gaps for agents?

A: Design systems expose control gaps because they depend on tacit conventions that experienced humans usually carry in their heads.

Q: What breaks when agent credentials are left standing too long?

A: Standing agent credentials turn a bounded workflow into a persistent access path.

Practitioner guidance

What's in the full article

1Password's full analysis covers the operational detail this post intentionally leaves for the source:

  • The exact workflow skills used for scaffolding components, writing stories, and opening merge requests
  • The MCP-backed context model for letting agents query component and token guidance at runtime
  • The ticket-label trigger and reviewer qualification flow used before agent execution starts
  • The prototype playground approach for designer-led interactive builds using real design system components

👉 Read 1Password's analysis of agentic coding in design systems →

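The point above that standing agent credentials turn a bounded workflow into a persistent access path is easiest to see in code. What follows is an added example, not code from the original post or from 1Password: it mints a credential that is scoped to one ticket, one repository and a fixed list of actions, with a short TTL, and a verifier that rejects anything outside that scope, anything past expiry, and any token whose claims were altered without re-signing. The signing key, ticket id, repository name and action names are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key; a real deployment would hold this in a secrets manager.
SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_agent_token(ticket_id, repo, actions, ttl_seconds, now=None, key=SIGNING_KEY):
    """Issue a short-lived credential bound to one ticket, one repo, and a fixed action set.

    The TTL is the "bounded workflow": once it lapses the agent has nothing to reuse.
    """
    now = time.time() if now is None else now
    claims = {
        "sub": f"agent:{ticket_id}",
        "ticket": ticket_id,
        "repo": repo,
        "actions": sorted(actions),
        "iat": int(now),
        "exp": int(now + ttl_seconds),
    }
    payload = _b64(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode())
    sig = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{sig}"


def authorize(token, repo, action, now=None, key=SIGNING_KEY):
    """Return (allowed, reason). Every denial reason is suitable for an audit log line."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".", 1)
    except ValueError:
        return False, "malformed"
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return False, "bad signature"
    claims = json.loads(_unb64(payload))
    if now >= claims["exp"]:
        return False, "expired"
    if claims["repo"] != repo:
        return False, "repo out of scope"
    if action not in claims["actions"]:
        return False, f"action {action!r} out of scope"
    return True, "ok"


def rewrite_expiry_without_resigning(token, new_exp):
    """Build a token whose 'exp' claim was edited but whose signature was left as-is.

    Used only to show that the verifier catches claim tampering.
    """
    payload, sig = token.split(".", 1)
    claims = json.loads(_unb64(payload))
    claims["exp"] = int(new_exp)
    forged = _b64(json.dumps(claims, sort_keys=True, separators=(",", ":")).encode())
    return f"{forged}.{sig}"


if __name__ == "__main__":
    t0 = int(time.time())
    # Constructed ticket and scope: one design-system ticket, two allowed actions, 15 minutes.
    tok = mint_agent_token("DS-123", "design-system", ["push_branch", "open_mr"], 900, now=t0)
    print(authorize(tok, "design-system", "push_branch", now=t0 + 60))   # allowed
    print(authorize(tok, "billing-service", "open_mr", now=t0 + 60))     # repo out of scope
    print(authorize(tok, "design-system", "delete_branch", now=t0 + 60)) # action out of scope
    print(authorize(tok, "design-system", "open_mr", now=t0 + 900))      # expired
    print(authorize(rewrite_expiry_without_resigning(tok, t0 + 86400),
                    "design-system", "open_mr", now=t0 + 3600))          # bad signature
```

The contrast with a standing personal access token is the `exp` and `actions` checks: a long-lived token that grants whatever its owner can do keeps working for any repo and any action long after the ticket is closed, while the denial reasons returned here give the reviewer something concrete to alert on when an agent steps outside the task it was qualified for.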
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8508
 

Agentic coding only becomes governable when tacit design knowledge is made executable. The article shows that a general-purpose agent could read the ticket but still guessed token tiers, primitives, and PR conventions. That failure mode is not about code generation quality alone. It is the result of governance knowledge living outside the system, which means the real control boundary is the context layer, not the editor.

A few things that frame the scale:

  • 64% of valid secrets leaked in 2022 are still valid and exploitable today, according to The State of Secrets Sprawl 2026.
  • AI-related credential leaks surged 81.5% year-over-year in 2025, with the surrounding AI infrastructure leaking 5x faster than core LLM providers.

A question worth separating out:

Q: Who should decide whether a ticket is ready for an agent?

A: A human should decide whether the ticket is specific enough, because readiness is a governance judgment, not a model output. The reviewer should confirm that scope, expected outcome, and conventions are clear before the agent starts. If the ticket still requires interpretation, it is not yet an agent-ready task.

👉 Read our full editorial: Agentic coding in design systems exposes new identity control gaps



   
ReplyQuote
Share: