AI coding agents are useful because they can make large changes quickly. That is also the reason I do not want to merge their patches just because the final answer says “done”. The risky failure mode is not usually obvious broken code. It is a plausible patch that quietly touches a risky area. Here is the checklist I use before merging AI-agent generated diffs. 1. Did dependencies change? Look for package files and lockfiles: package.json lockfiles requirements.txt pyproject.toml go.mod Docker b