The Unattended Coding Agent Just Arrived. Four Gates Before Letting It Commit.
Anthropic's Claude Code Routines now run with no mid-run approval prompts. NVIDIA has 10,000+ employees on GPT-5.5 Codex on day one. The unattended-commit dial moved across every major harness this week. Here are four gates to set before flipping it.
TLDR Anthropic's Claude Code Routines now run as full autonomous cloud sessions with no permission-mode picker and no mid-run approval prompts. NVIDIA has more than 10,000 employees on GPT-5.5-powered Codex three days into the launch. The unattended-commit dial moved across every major harness in 72 hours, and most engineering orgs have not yet decided what gates they want in front of it. Problem this solves I spent Wednesday morning reading NVIDIA’s April 23 blog post about its GPT-5.5-powered Codex rollout. The line that stuck out was the headcount. "Over 10,000 NVIDIANs - across engineering, product, legal, marketing, finance, sales, HR, operations and developer programs - are already using GPT-5.5-powered Codex." NVIDIA Blog, April 23, 2026 That is day-of-launch usage. Not week-three. The same day, Anthropic’s Claude Code Routines hit a maturity point where, as allthings.how put it, “Claude Code runs the routine as a full autonomous cloud session. There’s no permission-mode picker and no mid-run approval prompts.” The unattended-commit boundary moved across every major harness this week. Routines keep working with the laptop closed. Codex parallel agents run in the background while engineers do something else. The question shifted from “should we ever let an agent commit unattended” to “what gates do we want in front of the dial that has already turned.” Most engineering org s I have spoken to have not answered that question in writing yet. The approach: four gates When I sit down with a CTO this week, here is the framework I keep recommending. Four gates, in order, before any harness gets to push commits without a human in the loop. Gate 1: Scope the action surface. A routine is not a script. allthings.how puts it cleanly: routines are “saved cloud configurations that pair a prompt, one or more GitHub repositories, and a set of connectors into a package that runs on its own.” Decide which routines are allowed to push to a branch, which can open a PR, which can