AI coding agents that work well on a small project degrade in a large codebase, because the code exceeds the context window and the agent works from a partial view. The fixes are scoped tasks, per-area conventions, retrieval over dumping, and clear module boundaries enforced by structural tests. Add refactor risk zones (green, yellow, red) so agents move fast in safe areas and never confidently rewrite fragile legacy code. Maintainability is the multiplier: tangled code forces more context and more mistakes.
- Large codebases break naive agent usage through context limits, not model limits.
- Classify the codebase by risk so autonomy matches how well an area is understood.
- High internal quality is what keeps agents productive as the codebase grows.
Our Claude Code development service applies this on large .NET systems and monorepos.
A coding agent that is impressive on a greenfield app can flounder in a million-line solution. The reason is rarely the model. It is that the codebase no longer fits in the agent’s view, so it acts on partial information. This guide covers the controls that keep agents effective at scale, including the refactor risk zones described in The Generative Programmer’s 29 May 2026 article on the missing quality layer.
Why do large codebases break naive agent usage?
A large codebase breaks naive usage because it exceeds the context window, forcing the agent to work from a partial view of the system. The limit is contextual, not intellectual, which is why a more capable model alone does not fix it.
Working from a partial view produces three predictable failures, the same ones that hurt maintainability generally:
- The agent loads excess context to understand a change, crowding the window and burning tokens.
- It misses an existing implementation and writes a second, slightly different one.
- It produces inconsistent variations of a pattern, because nothing told it the pattern already existed.
These compound as the codebase grows. The job of scaling agents is to shrink what the agent must hold in mind for any given task, and to make the surrounding structure legible enough that it does not have to guess.
How do you manage an agent’s context in a large codebase?
Give the agent less to hold, not more, by scoping the task and letting retrieval find what is relevant. Dumping the whole repository into context is the opposite of what works.
The practical controls:
- Scope each task to the relevant area rather than the whole system, so the agent reasons about a bounded problem.
- Place an AGENTS.md in each major module, so the agent reads local conventions where it is working instead of a single global file.
- Rely on codebase indexing and retrieval, which both Cursor and Claude Code provide, to surface relevant files on demand.
- Keep tasks small and well specified, because a tightly scoped task needs less context to get right.
This is the feedforward half of the harness applied at scale. For the full treatment of guides and conventions, see the harness engineering guide.
How do you structure a .NET solution or monorepo for agents?
Structure the codebase so an agent can reason about one part without loading the rest, and enforce that structure with tests. Clear boundaries are an agent affordance, not just a human one.
On a .NET solution or monorepo:
- Define module boundaries explicitly (domain, application, infrastructure, API) and keep dependencies flowing one way.
- Enforce the boundaries with ArchUnitNET, so a breach fails the build rather than relying on the agent to remember the rule.
- Use code generators for repetitive shapes, so the agent extends a known topology instead of inventing one. Our harness templates guide covers this in depth.
- Keep modules cohesive, so a task usually touches one area, which keeps the required context small.
Structure that is enforced is structure the agent can trust. Structure that is merely documented is structure the agent will eventually violate under context pressure.
What are refactor risk zones, and why classify your codebase?
Refactor risk zones classify the codebase by how safe it is for an agent to change, so autonomy matches understanding. The Generative Programmer’s quality-layer article frames this as a core control, and it maps cleanly onto how we already assess legacy systems.
A simple three-zone scheme:
- Green: well-tested, well-understood, low-churn code. Agents can work here with normal review.
- Yellow: important or moderately complex code that needs care and tighter review.
- Red: high-churn, poorly understood, or undocumented code, often legacy. A confident agent rewrite here is dangerous.
Behavioural code-analysis tools such as CodeScene help locate the red zones by combining change frequency with complexity to find hotspots. Dependency analysis adds the structural view. The output is a map that tells both the agent and the team where speed is safe and where it is not.
How do you keep agents out of the red zones?
Constrain agent autonomy in red zones rather than banning agents outright. The goal is to keep the speed agents give you in safe areas while preventing unsupervised rewrites of fragile code.
The controls that work:
- Require human pairing for changes in red zones, so a person frames and reviews each step.
- Keep tasks small and explicitly scoped, never “tidy up this module”.
- Forbid broad rewrites through rules, and back the rule with structural sensors that fail on boundary violations.
- Add tests before refactoring, so a red zone has a safety net before an agent touches it, which also moves it toward green over time.
This is the same risk-based discipline we apply to legacy modernisation generally. See our legacy .NET assessment framework for how we score and prioritise old code, and legacy system costs and warning signs for recognising where the risk concentrates.
Why does maintainability decide how well agents scale?
Maintainability is the multiplier, because every quality problem in the codebase becomes an agent problem at scale. This is the central argument of Birgitta Böckeler’s maintainability sensors article, and it is why scaling and maintainability are the same problem viewed from two angles.
Tangled code forces the agent to load more context for any change, raises the odds it duplicates logic it could not find, and makes its output inconsistent with what already exists. High internal quality does the opposite: it shrinks the context needed, makes existing implementations discoverable, and keeps new code consistent. Keeping the codebase healthy with the sensors in our maintainability sensors guide is therefore a direct investment in how far agents can scale.
How does this apply to legacy modernisation?
Large legacy systems are where scaling and risk zones matter most, because they are big, poorly understood, and exactly where teams want agent leverage. The approach is to assess first, then let agents work freely in the safe zones while fragile areas get human pairing.
In practice that means classifying the system into risk zones up front, adding tests to red zones before touching them, and using agents aggressively in the green areas where the modernisation work is well understood. Our guide on modernising legacy .NET applications with AI sets out the wider method.
How does Talk Think Do scale agents on large codebases?
We combine structure, scoping, and risk-based limits, as recorded in the Q1 2026 AI Velocity Report:
- Module boundaries enforced by ArchUnitNET, so agents reason locally and cannot leak a layer.
- Per-area conventions and scoped tasks, so the context any task needs stays small.
- Risk-based limits on where agents work unsupervised, with human pairing in fragile zones.
- 84% of code AI-authored across active projects, with 40-50% faster delivery, every change reviewed by senior engineers and ISTQB-qualified QA inside our ISO 27001-certified framework.
Scaling agents is mostly an exercise in legibility and restraint: make the codebase easy to reason about in pieces, and match autonomy to how well each piece is understood. To plan this on your own system, book a free consultation.
Frequently asked questions
Why do AI coding agents struggle in large codebases?
What are refactor risk zones?
How do you stop an agent rewriting fragile legacy code?
How do you manage an agent's context in a monorepo?
Does maintainability affect how well agents scale?
How does Talk Think Do scale agents on large .NET systems?
Related guides
Is Claude GDPR Compliant? Anthropic Assurance for UK Businesses
How UK businesses get GDPR and ISO 27001 assurance over Anthropic's Claude: commercial terms, the DPA, certifications, EU data residency options, retention settings, and a supplier due diligence checklist.
The Risks of AI-Augmented Development
AI-augmented delivery introduces specific risks across IP, attribution, regulation, security, quality drift, and skills. Eight risks and the controls that contain them.
AI-Augmented Development for Public Sector and GDS
How AI-augmented delivery aligns with the GDS Service Standard, Technology Code of Practice, and UK public-sector procurement. Practical guidance for delivery teams and buyers.