Remember this Quora comment (which has also become a meme)?
(Source: QuoraJeez
In the pre-large language model (LLM) stackoverflow era, the challenge was sensible which one To efficiently adapt and adapt code snippets. Now, while developing code has become relatively easy, the deeper challenge lies in reliably identifying and integrating high-quality, enterprise-grade code into production environments.
This article will examine the practical pitfalls and limitations observed when engineers use advanced coding agents for real enterprise work, and address more complex issues around integration, scalability, accessibility, evolving security practices, data privacy, and maintainability in live operational settings. We hope to balance the hype and provide a more technical perspective on the capabilities of AI coding agents.
Limited domain understanding and service limitations
AI agents struggle significantly with designing scalable systems due to the sheer explosion of choices and the critical lack of enterprise-specific context. To describe the problem in broad strokes, large enterprise codebases and monographs are often too vast for agents to learn directly, and critical knowledge can often be fragmented in internal documentation and individual expertise.
In particular, many popular coding agents face service limitations that hinder their effectiveness in large-scale environments. Indexing features may fail or reduce quality for repositories larger than 2500 files, or due to memory constraints. Additionally, files larger than 500 KB are often excluded from indexing/searching, affecting decades-old, established products with large code files (although newer projects admittedly experience this less frequently).
For complex tasks involving extensive file context or refactoring, developers are expected to provide relevant files and clearly describe the refactoring procedure and surrounding build/command sequence to validate the implementation without introducing feature regressions.
Lack of hardware context and usage
AI agents have shown a severe lack of awareness of OS machine, command line and environmental installations (conda/winv). This shortcoming can lead to frustrating experiences, such as the agent trying to execute Linux commands on PowerShell, which can consistently result in ‘unrecognized command’ errors. Additionally, agents exhibit inconsistent ‘wait tolerance’ about reading command results, and declare failure to read results before the command finishes (and either proceed to retry/skip), especially on slow machines.
It’s not just about Nitpicking features; Rather, the devil is in these practical details. These experience differences manifest as real points of friction and require constant human supervision to monitor agent activity in real time. Otherwise, the agent may ignore the initial tool call information and either stop prematurely, or proceed with a half-baked solution that requires undoing some/all changes, re-triggering the indicator and discarding the token. Submitting a tip on Friday evening and expecting code updates when you check on Monday morning is not a guarantee.
The deception is over repeated actions
Working with AI coding agents often presents a long-standing challenge of deception, or incorrect or incomplete pieces of information (such as small code snippets) within a large set of anomalies being fixed by a developer with minimal effort. However, what is particularly troubling is when misbehavior occurs repeated Within a single thread, forcing users to either start a new thread and provide all context again, or manually intervene to “unblock” the agent.
For example, during a Python function code setup, an agent tasked with implementing complex production-ready changes encountered a file (See below) contains special characters (parenthesis, period, asterisk). These roles are very common in computer science Software version.
(Manually generated image with boilerplate code. Source: Learn Microsoft And Editing the application hosts file (HOST.JSON) in the Azure portalJeez
The agent incorrectly flagged it as an unsafe or harmful value, stopping the entire generation process. This misidentification of an adversary attack occurred repeatedly 4 to 5 times despite different indications. This version format is actually boilerplate, contained in a Python HTTP-Trigger code template. The only successful task involves instructing the agent No Read the file, and instead request him to provide the required configuration and assure him that the developer will manually add it to the file, confirm and ask him to continue with the rest of the code changes.
Being unable to repeatedly exit the bad agent output loop in the same thread highlights a practical limitation that significantly wastes development time. In essence, developers now spend time debugging/refining code rather than stack overflow code snippets or their own stack.
Lack of enterprise-grade coding practices
Security Best Practices: Coding agents often default to less secure authentication methods such as key-based authentication (client secret) rather than modern identity-based solutions (such as ENTRA ID or federated credentials). This oversight can introduce significant risks and increase maintenance overhead, as critical administration and rotation are complex tasks that are increasingly limited in enterprise environments.
Deprecated SDKs and reinventing the wheel: Agents cannot consistently take advantage of the SDK’s state-of-the-art methods instead of implementing mostly verbose and rigidly maintained implementations. Azure Functions on Piggybacking For example, agents output code using the pre-existing V1 SDK for read/write operations, rather than the cleaner and more maintainable V2 SDK code. Developers must research the latest methods online to have a mental map of dependencies and expected implementations that ensure long-term maintainability and reduce future tech migration efforts.
Limited Intent Recognition and Repetitive Codes: Even for small, modular tasks (which are typically as motivated as minimizing hallucinations or debugging downtime) like extending the definition of an existing function, agents can follow the directive. Verbatim and develop a logic that turns out to be closely reproducible, without anticipation of the future, Unmoved Developer requirements. That is, in these modular tasks the agent cannot automatically identify and refactor similar logic into shared functions or optimize class definitions, which can lead to tech debt and difficult-to-manage codebases, especially with vib coding or lazy developers.
Simply put, those viral YouTube reels that showcase rapid zero-to-one app development with one-sentence prompts simply fail to capture the pressing challenges of production-grade software, where security, scalability, maintainability and future-proof design architecture are critical.
Confirmation bias alignment
Confirmation bias is an important concern, as LLMs often confirm the user’s premises even when the user expresses doubt and asks the agent to refine their understanding or suggest alternative theories. This tendency, where models go straight with what they want to hear, tends to reduce the quality of the overall output, especially for more objective/technical tasks like coding.
There is A lot of literature To suggest that if a model says “You’re right!” As the assertion begins by outputting, the rest of the output tokens justify the assertion.
Constant need to babysit
Despite the allure of autonomous coding, the reality of AI agents in enterprise development often demands human supervision. Events such as an agent attempting to execute Linux commands on PowerShell, false positive security flags, or introducing errors for domain-specific reasons. Developers cannot back down easily. Rather, they must constantly monitor the reasoning process and understand multi-file code additions to avoid wasting time with subpar responses.
The worst possible experience with agents is a developer who accepts bug-riddled multi-file code updates, then wastes time debugging what the code apparently looks like. It can even give birth to it Misconception of sunk costs Hopefully the code will work after just a few tweaks, especially when the updates are in multiple files with connections to multiple independent services.
It’s like collaborating with a 10-year-old prod who has memorized a lot of knowledge and even solved every part of the user intent, but prefers that knowledge reflects the knowledge to solve the actual problem, and lacks the foresight needed to succeed in real-world use cases.
This "Babysitting" By necessity, combined with the frustrating repetition of deception, this means that the time spent debugging AI-infused code can eclipse the time savings expected from using an agent. Needless to say, developers at large companies need to be very deliberate and strategic in navigating modern agent tools and use cases.
The result
There’s no doubt that AI coding agents have been nothing short of revolutionary, speeding up prototyping, automating boilerplate coding and transforming how developers build. The real challenge is no longer generating the code, it’s knowing what to ship, how to secure it and where to scale it. Smart teams are learning to filter out the hype, use agents strategically, and double down on engineering decisions.
As GitHub CEO Thomas Dohmke recently observed: The most advanced developers have moved to “architecting and verifying the process work performed by AI agents.” In the Age of Agents, success does not belong to those who can deliver code quickly, but to those who can engineer systems that last.
Rahul Raja is a staff software engineer at LinkedIn.
Advitya Jamawat is a Machine Learning (ML) Engineer at Microsoft.
Editors Note: The opinions expressed in this article are the personal opinions of the authors and do not reflect the opinions of their employers.