Coding Is Solved. Verification, Product Judgment, and Security Are Not.

Eight times. That is how much more code the Claude Code team at Anthropic ships per quarter compared to their 2021 through 2025 baseline, according to an internal chart Fiona Fung shared during a June podcast appearance. Fung manages the Claude Code and Cowork engineering teams. Her summary was blunt: "Coding is no longer the bottleneck."

She is not wrong, and three things that happened in the same late-June window make the consequences concrete for anyone running a software team or buying AI tooling.

What 8x throughput actually broke

Fung's June 3 post, "Running an AI-native Engineering Org," lays out what changed when agentic coding became the default on her team. Six-month roadmaps died because they were out of date by month three. Designers and product managers started checking in code directly. Planning shifted from design documents to prototypes that internal users could react to immediately.

The gating activities are no longer writing code, writing tests, or refactoring. They are verification, code review, and security. Fung tracks quality with a "bad vs sad" framework: "bad" means unrecoverable errors shipped to users, "sad" means the experience degraded but did not break. When your team multiplies output by eight, lightweight triage like this matters more than comprehensive manual review, because comprehensive manual review does not scale.

Ishan Gupta at VentureBeat connected this to a broader pattern on June 27. New Stack Overflow questions are down roughly 77% since November 2022. The compressed timeline of how engineers got answers looks like this: the Stack Overflow era (2014 to late 2022), the browser-tab era with ChatGPT (late 2022 to 2024), the IDE-native era with Copilot and Cursor (2024 to 2025), the spec-driven era with Kiro and Amazon (2025 to 2026), and now what Gupta calls the routines era, where Claude Code Routines handle cron jobs, hooks, and overnight swarms.

The bottleneck did not disappear. It moved to the person deciding what the routines should do. Gupta reports Anthropic told its growth team to hire more product managers, not fewer, because Claude Code turned the engineering org into a team that ships at roughly three times its actual headcount. The constraint is now what to build, not how to build it.

Opus 4.8 fast mode made the throughput problem sharper

On June 25, Anthropic deprecated fast mode for Opus 4.7. The removal date is July 24. After that, fast mode requests on Opus 4.7 return an error rather than falling back to standard speed. The migration target is Opus 4.8, where fast mode costs $10 per million input tokens and $50 per million output tokens. That is a third of what fast mode cost on Opus 4.7, which was $30 and $150.

For interactive agent workflows where a developer is waiting, 2.5x faster generation at a third of the previous price is not a marginal improvement. It is another multiplier on the throughput that Fung described. More code per minute means more code to verify per minute.

The pricing page is explicit about the tradeoff. Same model, same intelligence, faster inference configuration. Standard Opus 4.8 at $5 and $25 per million tokens remains the right call for batch workloads where nobody is watching the clock. But for teams running agent loops with human-in-the-loop latency expectations, the old cost barrier just dropped by two-thirds.

The flip side: finding bugs faster than anyone can fix them

The same week, 20 organizations launched Akrites under the Linux Foundation. AWS, Anthropic, Google, Microsoft, GitHub, OpenAI, Cisco, Red Hat, NVIDIA, Chainguard, Citi, and JPMorganChase are founding members. The name comes from the Akritai, Byzantine border soldiers stationed at the empire's most exposed edges.

The launch reason is specific. AI tools have surfaced thousands of validated vulnerabilities in open source software in recent months. According to Endor Labs CEO Varun Badhwar, fewer than 5% are patched. Anthropic's own Project Glasswing reported finding more than 10,000 high or critical severity vulnerabilities across systemically important software, with Cloudflare alone finding 2,000 bugs (400 high or critical) in their first month.

The gap between finding and fixing is the structural problem. When multiple organizations independently scan the same library, maintainers receive a wall of duplicate reports and the genuinely exploitable findings get buried. Every additional party sitting on unpatched vulnerability knowledge increases leak risk before a fix exists.

Badhwar's framing gets at the core issue: "For years, we have believed finding vulnerabilities was never the hard part. Fixing them was. AI has made that gap impossible to ignore."

Where this lands for operators

If your engineering team uses Claude Code, Cursor, or similar agent tools, the output constraint has already moved. Code generation is cheap. Verification is expensive. Product judgment is scarce. Security remediation is the part nobody budgeted for.

The teams getting the most out of coding agents are the ones whose verification loop catches problems before a human sees the pull request. Runtime verification tools, integration test environments, and observability platforms are not optional overhead anymore. They are the new code review.

On the security side, AI can now find vulnerabilities in your dependencies faster than your team can patch them. If you run open source dependencies, and you do, the bottleneck has already moved from discovery to remediation. Track mean time to patch, not just mean time to detect.

Anthropic is hiring product managers because its engineers ship eight times more code. The Akrites coalition formed because AI finds bugs eight times faster than maintainers can fix them. Opus 4.8 fast mode at a third of the old price just poured more fuel on both fires. The question is not whether your organization can generate code. That part is solved. The question is whether you can handle what comes after.