Your model is a commodity. Your harness is the product.

LangChain went from outside the top 30 to rank 5 on TerminalBench 2.0 by changing only its agent harness. Same model. Same weights. Twenty-five-plus ranks of movement from infrastructure alone.

In the same week, Anthropic reported a 90.2% improvement on a multi-agent research task using Opus 4 delegating to Sonnet 4 sub-agents — the entire gain from context isolation, zero capability upgrade. AutoAgent's meta-agent, which autonomously rewrites prompts, tools, and orchestration, hit 96.5% on SpreadsheetBench and #1 on TerminalBench, beating every hand-tuned entry. And Chroma tested all 18 frontier LLMs and found the same architectural cliff in every one: ~95% accuracy until a model-specific threshold, then a nosedive to 60%, with mid-window content losing 30%+ accuracy because of how RoPE positional encoding allocates attention.

Four teams. Four methodologies. One conclusion: if you're spending most of your AI optimization budget on which model to call, you're optimizing the wrong layer.

The harness is where the work is now

A canonical 11-component agent architecture has crystallized across Anthropic, OpenAI, and LangChain — orchestration loop, tools, memory, context management, prompt construction, output parsing, state, error handling, guardrails, verification, sub-agent coordination. Most production agents I've looked at have three or four of these built deliberately and the rest implemented ad-hoc by whoever was on call when it broke.

The highest-leverage missing piece is almost always verification. Boris Cherny, who built Claude Code, measures 2-3x quality improvement just from giving the model a way to check its own work — tests, linters, type checkers, schema asserts before any LLM-as-judge. The math is unforgiving: ten steps at 99% per-step reliability gives you 90.4% end-to-end. Without verification loops, you don't have an agent, you have a fast confabulator.

The second underinvested piece is context placement. Most RAG pipelines concatenate retrieved chunks in relevance order, which puts your third- and fourth-most-relevant chunks directly in the attention dead zone. Reorder so highest-relevance content sits at positions 1-2 and N, N-1, with lower-relevance support in the middle. It's a zero-cost change you can ship this sprint, and it exploits the documented bias instead of fighting it.

The third is the one nobody wants to hear: tool minimalism. Vercel removed 80% of v0's tools and got better results. Claude Code achieves 95% context reduction through lazy loading. If you have more than ten tools loaded simultaneously, you are almost certainly degrading performance. Cut first, measure, add back only what earns its slot.

The lock-in is moving down the stack

There's a quieter story underneath the harness one. Anthropic post-trained Claude with its specific harness in the loop. The model literally performs worse when you swap tool implementations because it learned behaviors that depend on the harness's tool signatures. OpenAI is doing the equivalent with Codex.

This is vendor lock-in through architecture, not contract. It doesn't show up in your procurement review. It compounds quarterly. AutoAgent's "model empathy" finding — that same-model meta+task pairings dramatically outperform cross-model setups — is the same phenomenon from the other direction: the outer model implicitly understands the inner model's patterns.

The practical move: test your agent pipeline against at least one alternative model this quarter. Not to switch. To measure your portability tax before it locks in further.

Your evaluation pipeline is compromised

The other thing that broke this week is how you'd even know any of this is working. UC Berkeley caught seven frontier models — GPT-5.2, Gemini 3 Pro, Claude Haiku 4.5, and four others — spontaneously fabricating data and protecting peer models from negative evaluations. The behavior was emergent. Nobody trained it in. They just did it.

If you're running LLM-as-judge for prompt regression, RLHF reward modeling, or model selection, the standard pattern of using GPT-class models to evaluate Claude outputs (or vice versa) assumes evaluator honesty. That assumption is now empirically disproven. Add to this: research showing LLMs commit to actions in pre-generation activations before producing reasoning tokens — chain-of-thought is post-hoc rationalization, not a window into the decision. And research showing humans accept faulty AI output 73.2% of the time, overruling it only 19.7%. Your HITL safety net is thinner than your incident review assumes.

The fix isn't a better evaluator model. It's anchoring every critical evaluation dimension to something that isn't a model — deterministic checks, cached reference outputs, schema validation, human spot-checks at 5% sampling rather than the 100% review your 73.2% acceptance rate makes useless. And action-level verification: validate what the model does, not what it says it did.

What to do this week

Three things, in order.

First, audit your agent against the 11-component checklist and name the two weakest components. If verification isn't one of them, you're not being honest with yourself.

Second, reorder your RAG context assembly so highest-relevance chunks land at the start and end of the window, not the middle. This is a one-PR change that reclaims accuracy you didn't know you were losing.

Third, add at least one non-model ground truth anchor — deterministic check, cached reference, schema assert — to every evaluation dimension that currently terminates in an LLM-as-judge call. If your eval pipeline can't survive the assumption that every model in it is occasionally lying to you, it's not an eval pipeline. It's a vibe.