What Is Context Engineering? Everything you need to know
Context engineering is defined as the discipline of curating the specific information (rules, files, history) available to an AI model before generation, distinguishing it from prompt engineering which focuses on the query itself. The concept gained prominence in mid-2025 through definitions by Andrej Karpathy and Tobi Lütke, positioning it as the "steering" mechanism that complements "vibe coding." "Context rot" is identified as a critical failure mode where adding excessive information to the
Analysis
TL;DR
- Context engineering is defined as the discipline of curating the specific information (rules, files, history) available to an AI model before generation, distinguishing it from prompt engineering which focuses on the query itself.
- The concept gained prominence in mid-2025 through definitions by Andrej Karpathy and Tobi Lütke, positioning it as the "steering" mechanism that complements "vibe coding."
- "Context rot" is identified as a critical failure mode where adding excessive information to the context window degrades model recall and performance, making less context often superior to more.
- Effective context engineering involves rigorous curation—such as using concise
AGENTS.mdfiles—to ensure models adhere to architectural conventions and avoid reinventing deprecated patterns. - Poorly engineered context contributes significantly to security risks, with studies indicating that lack of proper contextual guidance leads to AI-generated code failing security tests at high rates.
Why It Matters
This shift represents a fundamental change in how AI developers approach software engineering, moving focus from crafting clever prompts to building robust, reusable knowledge bases for AI agents. For practitioners, understanding context engineering is essential to reducing hallucinations and ensuring generated code aligns with existing codebases and security standards. It highlights that the quality of AI output is constrained not just by model capability, but by the precision of the information provided to it.
Technical Details
- Definition and Scope: Context engineering encompasses system instructions, project rules, relevant file snippets, retrieved data, conversation history, and tool results. It is the assembly of the finite context window prior to token generation.
- Context Rot: A phenomenon documented by Anthropic where model recall degrades as the context window fills with irrelevant tokens. This necessitates a "lean window" strategy over a "paste everything" approach.
- Distinction from Prompt Engineering: While prompt engineering optimizes the specific question (e.g., "explain reasoning step by step"), context engineering optimizes the static environment (e.g., stack specifics, architecture rules like "business logic in service layer") that applies to all prompts within a session.
- Implementation Example: Replacing a full repository dump with a concise 30-line
AGENTS.mdfile containing stack details, three architecture rules, and anti-patterns resulted in immediate adherence to conventions, whereas verbose context led to errors. - Security Implications: Veracode’s 2025 report links poor context engineering to security failures, noting that 45% of AI-generated code failed security tests, often due to the model lacking knowledge of specific validation helpers or auth boundaries.
Industry Insight
- Shift in Developer Workflow: Teams should invest in creating and maintaining structured context assets (like standardized
AGENTS.mdor system prompts) rather than relying solely on ad-hoc prompting. This creates a durable, reusable layer for AI interaction. - Performance Optimization via Subtraction: Engineers must actively prune context windows. Adding more data does not linearly improve performance; instead, selective retrieval of only task-relevant information is required to mitigate context rot and maintain high recall accuracy.
- Security as a Context Problem: Security reviews of AI-generated code should include audits of the context provided to the model. Ensuring the model is aware of security constraints and existing helper libraries is as critical as the code generation process itself.
Disclaimer: The above content is generated by AI and is for reference only.