Development and Workflow Automation
Study cheat sheet Β· AITECH
Introduction
This topic covers how generative AI plugs into the software development lifecycle (SDLC) β from drafting requirements to writing code to monitoring automated workflows in production. The exam tests whether you understand AI as an accelerant for each phase, not a replacement for human judgment: AI drafts, humans verify. It also covers the practical cost side of building AI-powered workflows β token usage and context-window management β and how AI can improve existing code quality through debugging, error handling, and documentation help.
Key Concepts
SDLC (software development lifecycle) β The phases a feature moves through: requirements, prototyping, implementation, testing, deployment. AI can assist at every phase, typically by producing a first draft a human then reviews.
AI-assisted code generation β Producing a first-draft implementation, boilerplate, or test cases from a natural-language description or existing code β always reviewed before merging, since it can carry bugs, outdated patterns, or security anti-patterns (e.g., hardcoded secrets, unparameterized SQL).
Rapid prototyping β Using AI to quickly produce a working draft (UI, feature, or code) to validate direction with stakeholders before investing in full development. A polished prototype can mask unfinished production concerns (security, scale, edge cases).
AI workflow design β Chaining multiple AI steps together (e.g., extract β transform β report) with clear handoffs, validated intermediate outputs, and human-in-the-loop checkpoints for high-risk steps.
Workflow monitoring β Tracking an AI workflow's outputs, errors, and accuracy over time β not just uptime β because performance can drift after launch even if the workflow passed its initial test.
Token usage and context-window management β Token volume drives both cost and latency. Managing it means trimming irrelevant context, chunking/summarizing large documents, and choosing models whose context window comfortably fits the typical task.
Human-in-the-loop (HITL) for workflows β Applying review selectively to high-risk or low-confidence outputs (e.g., via a confidence score) rather than reviewing everything or nothing β balancing safety against speed.
AI for code quality β Debugging assistance (suggesting a likely root cause from an error/stack trace), improved error handling (suggesting validation/try-except where missing β but risking overly broad catches that mask real bugs), and documentation generation (docstrings/comments β still needs spot-checking for accuracy).
How It Works
- Early SDLC phases (requirements, prototyping) use AI to produce fast first drafts β a human product owner or stakeholder reviews and adjusts before development starts.
- During implementation, AI coding assistants generate boilerplate or full functions; every AI-generated change goes through the same review/test gate as human-written code β no special exception either way.
- Testing phase tools use AI to draft test cases or summarize a pull request's changes for reviewers, speeding up but not replacing human review.
- In production, AI-powered workflows chain multiple steps together. Each step's output is validated before being passed on, and the whole workflow is monitored continuously for drift, errors, and cost β not just checked once before launch.
- Throughout, token and context-window costs are managed deliberately: trimming irrelevant context, chunking large inputs, and balancing model choice against the size of inputs the workflow actually handles.
- For ongoing code quality, AI suggestions (debugging hints, error handling, docs) are treated as drafts a developer reviews and approves β not auto-merged changes.
Commands / Syntax / Key Values
- No specific commands for this topic β it's process and architecture, not syntax. Key terms to know cold: SDLC phases, human-in-the-loop, context-window/token management, and the difference between a prototype and production-ready code.
β Exam Traps
- Assuming AI-generated code is correct because it compiles or looks clean β the exam expects review for bugs, security anti-patterns (hardcoded secrets, SQL injection from string concatenation), and outdated training-data patterns.
- Treating a polished prototype as production-ready β visual polish does not imply security hardening, scalability, or edge-case handling are done.
- Monitoring only the final output of a multi-step workflow β correct answers favor validating and logging each intermediate step, since errors compound silently otherwise.
- Assuming a one-time pre-launch test is sufficient for an AI workflow β ongoing drift/accuracy monitoring is required because performance can degrade after launch.
- Treating "more context" as always better β context-window/token tradeoffs mean excess context raises cost/latency without guaranteed quality gains, while too little context can cause the model to lose track of constraints.
- Reviewing every AI output equally regardless of risk, or none at all β the exam favors selective human-in-the-loop review weighted toward high-risk/low-confidence outputs.
Practice Questions
Q1. An AI coding assistant generates a database query by directly concatenating user input into the SQL string. What must be fixed before merging? - A. The SQL injection vulnerability β use parameterized queries instead - B. The variable naming convention - C. The number of comments in the function - D. The function's return type annotation
Answer: A β Unparameterized, concatenated SQL is a classic AI-generated security anti-pattern that must be fixed regardless of how clean the rest of the code looks.
Q2. A multi-step AI workflow's first step occasionally returns a slightly different output format, causing the next step to fail silently with an empty result. What design principle was missing? - A. Defensive validation between steps, with failures surfaced rather than swallowed - B. The rule that workflows should never have more than one step - C. The rule that only the final output needs monitoring - D. Nothing β format mismatches are always harmless
Answer: A β Each step's output should be validated against an expected schema before being passed downstream, so errors are caught where they originate.
Q3. Why does sending the model's entire conversation history (hundreds of turns) on every request cause an unexpected cost spike? - A. Token usage scales with input size, so unnecessary history directly increases cost and latency - B. Token usage has no relationship to input size - C. Longer context always makes responses cheaper - D. This only affects image-generation requests
Answer: A β Larger inputs cost more tokens; trimming or summarizing older context is the fix, not increasing the context window further.
Summary
- AI accelerates every SDLC phase by producing fast first drafts, but humans verify accuracy, security, and business alignment at each stage β AI checking its own work is not sufficient.
- Multi-step AI workflows need validated handoffs between steps and continuous monitoring for drift, not just a one-time pre-launch test β and human-in-the-loop review should be applied selectively, weighted toward high-risk or low-confidence outputs.
- Token and context-window management is a real cost and quality lever: trim what's unnecessary, but don't trim away information the model actually needs to stay correct.