When a single engineer can stand up a production SaaS interface in about an hour, the question for most engineering leaders is no longer, “Is agentic coding fast enough?” It is, instead, “What kind of governance makes that speed survivable in production?”
Treasure Data’s recent launch of Treasure Code — an AI-native command-line interface that lets customers operate its customer data platform (CDP) through natural language — is an early, concrete answer. The company says one engineer built the product’s code in roughly 60 minutes using Claude Code. That feat was only possible because weeks of work had already gone into the governance and quality layers around it, and because the team then learned, sometimes painfully, what their first version still missed.
The hour of coding that rested on weeks of planning
Treasure Code is positioned as a natural-language front end to Treasure Data’s CDP. Data engineers and platform teams can describe what they want in text, and Claude Code handles the creation and iteration of the underlying code.
According to Chief Product Officer Rafa Flores, the much-publicized “hour of coding” dramatically understates the work required to make that hour safe and useful. Before any code was generated, the company spent weeks planning to de-risk the business: defining what the system must never do, how it would be constrained at the platform level, and how to move from ideation to execution without treating production customers as a testbed.
The approach deliberately blurred the line between prototype and product. Instead of standing up a sandbox experiment, the team aimed to “go, go, go” directly into production — but in a controlled way. That forced them to treat governance and safety as first-class design problems, not afterthoughts that would be backfilled if the prototype proved promising.
Designing guardrails before writing code
The central design choice was to put governance upstream of any AI-generated code. Rather than rely on individual tools or prompts to behave, Treasure Data pushed constraints into the platform itself, so the system could not act outside existing enterprise controls.
When a user connects to the CDP via Treasure Code, they inherit the same access control and permission model they would have inside the core platform. Concretely, this means users can only touch resources they are already entitled to; personally identifiable information (PII) cannot be exposed; API keys cannot be surfaced; and the system is barred from generating disparaging content about brands or competitors.
Security and leadership were brought in early. Flores, the company’s CISOs, the CTO, and heads of engineering were all involved in validating that the interface could not “go rogue.” Only once that platform-level safety net was in place did the team allow AI to generate the entire codebase for Treasure Code.
For engineering leaders, the notable pattern is where governance lives. Instead of hoping each AI tool remembers the rules, Treasure Data embedded those rules into the infrastructure that mediates every interaction. This is the layer that made it feasible to let an AI system generate, and then regenerate, the interface at speed.
The three-tier pipeline that lets AI write code (but not ship it)
On top of the governance layer, Treasure Data built a three-tier quality pipeline, formalizing a principle Flores describes as: AI writes code, but AI does not ship code.
Tier 1: AI code review. At the pull request stage, Treasure Data runs an AI-based reviewer, also built in Claude Code. For every proposed merge, this reviewer executes a structured checklist: architectural alignment, security compliance, error handling, test coverage, documentation quality. If all criteria are satisfied, it can merge automatically; if not, it escalates to a human.
Importantly, the reviewer itself was generated by Claude Code. The same agentic tooling used to write the product code also wrote the guard that inspects that code, showing a self-reinforcing workflow instead of a parallel, human-authored quality layer.
Tier 2: CI/CD and automated checks. Once a change passes AI review, it flows into a familiar CI/CD pipeline that runs unit, integration, and end-to-end tests, along with static analysis, linting, and security checks. This tier is conventional, but in combination with Tier 1, it ensures every change has been examined by at least two independent automated gates.
Tier 3: Human review. Wherever automated systems detect risk, or where enterprise policy mandates sign-off, humans intervene. Reviewers provide the contextual judgment that AI and automated tests cannot replicate, especially around product intent, regulatory interpretation, and cross-team impact.
The net effect is a system where AI can produce a very high volume of code without overwhelming human reviewers. Humans become the final safety check and policy interpreter, not the first line of defense for every diff.
Why this is more than just pointing a code agent at your data platform
A natural question for other teams is whether they could get similar results simply by pointing a tool like Cursor at their databases or exposing their platform via MCP and letting an AI agent query it directly.
Flores argues the distinction lies in the depth of governance and orchestration. A generic connection might offer natural-language access to data, but it usually operates with the full authority of whatever API key is in use. That collapses your internal permission model into a single, broad set of capabilities, making it hard to enforce the principle of least privilege for AI-mediated actions.
By contrast, Treasure Code fully inherits Treasure Data’s access control and permissioning layer: if a user cannot perform an action in the platform, they cannot perform it via natural language through Treasure Code either. This keeps the AI interface bounded by existing security posture.
The second differentiator is orchestration. Because Treasure Code plugs directly into Treasure Data’s AI Agent Foundry, it can coordinate multiple sub-agents and skills across the platform. Instead of executing a single isolated task — “run this analysis” — the system can orchestrate end-to-end workflows spanning omni-channel activation, segmentation, and reporting. That orchestration is what moves the tool from being a conversational query layer to being an operational interface for the CDP.
What broke anyway: adoption, compliance, and skills
Even with a strong governance architecture and a multi-tier pipeline, Treasure Code’s rollout exposed gaps that matter for any team contemplating similar projects.
Unplanned go-to-market. Treasure Data initially exposed Treasure Code to customers without a formal launch plan, assuming adoption would remain low while they refined positioning. Instead, more than 100 customers and nearly 1,000 users found and started using it within two weeks, entirely via organic discovery.
This unexpected growth forced the team to improvise go-to-market motions around a product that was already live: whether to retroactively label it a beta, how to support users already relying on it, and how to sequence feature communication.
Compliance lagging behind usage. Concurrently, Treasure Data was still working to certify Treasure Code under its internal Trust AI compliance program. Customers began using the product before those processes were complete, creating a compliance gap that had to be closed after adoption had begun.
Skill development without clear criteria. When Treasure Data invited non-engineering teams — including customer success managers (CSMs) and account directors — to build and submit new skills, they did so without clear upfront guidance on what would be approved. Many submissions could not pass repository access policies, leading to wasted effort and a backlog of unmergeable contributions.
For leaders, these issues highlight a simple tension: fast technical readiness does not automatically translate into organizational readiness. Governance over code and data does not obviate the need for governance over rollout, compliance sequencing, and contribution models.
Early enterprise validation — and a missing maturity model
Treasure Data has already seen early enterprise uptake. Thomson Reuters, for example, had been attempting to build its own AI agent platform and struggled to move at the pace it wanted. It turned to Treasure Data’s AI Agent Foundry to accelerate audience segmentation work, then expanded into using Treasure Code for faster customization and iteration.
Flores says feedback from such customers emphasizes extensibility and flexibility — and pragmatically, the value of building on an existing vendor relationship where procurement is already complete. That bypasses a major friction point for enterprise AI projects.
However, these same customers have surfaced a significant gap: Treasure Code does not yet help organizations understand how to adopt it. It offers capabilities, but not guidance on AI maturity. The product does not currently tell a customer which personas should use it, which problems to tackle first, or how to shape access and responsibilities across different skill levels.
Flores frames the next frontier as “AI that allows you to be leveraged, but also tells you how to leverage it.” That is, systems that embed not only execution capabilities but opinionated pathways for safe, staged adoption.
Lessons for engineering leaders considering agentic coding
Reflecting on the rollout, Flores is clear about what he would change. Future releases, he says, would stay internal first, with controlled exposure to learn about risk at lower stakes before allowing external access. And he would define explicit skill-approval criteria before inviting non-engineering teams to contribute.
Those retrospective points echo the broader lessons from Treasure Data’s experience, which translate into several practical takeaways for engineering leaders:
1. Governance infrastructure must precede code. Treasure Code was safe to iterate on quickly because access controls and permission inheritance were already embedded at the platform level. Without that, every AI-generated output would have required exhaustive manual review, eliminating the speed advantage.
2. AI-enabled quality gates are necessary at scale. An AI reviewer that evaluates every pull request against a structured checklist allows teams to enforce standards consistently without relying solely on human bandwidth. Human review remains critical, but as a targeted, high-leverage layer rather than the only defense.
3. Expect and plan for organic adoption. If an AI tool is genuinely useful, internal and external users will discover and spread it faster than formal processes anticipate. That reality should shape launch planning, compliance readiness, and support models from the outset.
Flores sums up the opportunity as allowing “vibe coding” — highly iterative, AI-driven development — to work “in a safe way” with proper guardrails. For engineering leaders, the message is not that AI will replace the good work of their teams, but that it can systematically offload the tedious parts. The challenge is ensuring the structures around that offloading are robust enough that when one engineer can ship something in an hour, the organization is still comfortable with what goes out the door.
Hi, I’m Cary Huang — a tech enthusiast based in Canada. I’ve spent years working with complex production systems and open-source software. Through TechBuddies.io, my team and I share practical engineering insights, curate relevant tech news, and recommend useful tools and products to help developers learn and work more effectively.
