StrongDM's rule: no human writes the code, and no human reviews it

Simon Willison digs into StrongDM's "software factory," which runs on two blunt rules: code must not be written by humans, and code must not be reviewed by humans. With human review gone, they replace it with two ideas. Scenario testing keeps end-to-end user stories separate from the code, like a holdout set, and scores a build on what fraction of runs satisfy the requirement rather than a pass or fail. The Digital Twin Universe has agents read the public API docs of services like Okta, Slack, and Jira and build behavioral clones, so tests run at huge scale without rate limits or third-party cost.

Willison's read is balanced. He thinks the Digital Twin idea is genuinely new, since high-fidelity clones were always possible but never economically worth it until agents made them cheap. His caveat is the bill: StrongDM suggests roughly $1,000 of tokens per engineer per day, around $20,000 a month each, which only works if you ship faster than competitors can copy you. The open question he leaves is the honest one: how do you prove software works when both the code and its tests were written by agents? Read his write-up on Simon Willison's blog.

Why it matters

If you run engineering, the Digital Twin Universe is the part to steal and the cost is the part to challenge. Cloning third-party services for unlimited test runs is reusable now, but a $20,000-per-engineer monthly token bill is a number you should price against your own margins before copying the model.