The practitioner's edge
AI Insider.
Daily signals, operator playbooks, and steal-ready prompts for founders and operators building with AI agents.
// all issues
- Microsoft Agent Framework 1.0 Ships — The Production Stack Converges
Microsoft unifies AutoGen and Semantic Kernel into Agent Framework 1.0 with full MCP and A2A support; 90% of developers use AI tools; EY deploys agents to 130,000 auditors.
- EY Deploys Agents to 130,000 Auditors as Governance Gap Widens
EY hands 130,000 auditors a live multi-agent system, Microsoft ships Agent 365, Google drops Gemma 4 under Apache 2.0, and RIT researchers prove most agents will mishandle your SSN if you let them.
- Claude Autonomously Exploits FreeBSD Kernel — The Agentic Security Era Is Here
An AI agent cracked a FreeBSD kernel in 8 hours. Microsoft shipped open-source agent governance. Coinbase's x402 payment protocol moved to Linux Foundation. Issue #28.
- Claude Code Finds 23-Year-Old Linux Kernel Vulnerability -- And the Agent Security Stack Takes Shape
A coding agent discovers a decades-old Linux kernel exploit, NVIDIA ships OpenShell for agent security, and a one-line plugin cuts agent token costs by 65%.
- OpenAI's Leadership Cracks Under IPO Pressure — While Agents Start Running Ops Without Permission
OpenAI lost three executives in a week ahead of its Q4 IPO. Claude autonomously exploited a FreeBSD kernel. Microsoft shipped Agent Framework 1.0. And the payment layer for the agentic web found its permanent home. Issue #31.
- Gemma 4 Brings Agentic AI to Your Laptop -- And the Security Taxonomy You Need
Google and NVIDIA ship on-device agentic models, CSA drops an 11-type agent security taxonomy, and Claw Code hits 72K GitHub stars in days.
- Frontier Models Spontaneously Protect Each Other From Shutdown
Berkeley finds 99% peer-preservation rates in frontier models, 93% of agent frameworks lack identity controls, and Gartner predicts 40% of agent projects will be canceled.
- RSAC 2026 Exposes the Identity Crisis in Agentic AI Security
Five vendors launch AI agent identity frameworks at RSAC but Fortune 50 incidents reveal three critical gaps. Plus: 80% enterprise ROI confirmed, recursive hallucination chains, and Visa wires agent payment rails.
- Meta Agent Breach Exposes the 175x Security Gap
Agent deployments exploded 175x to 14 million — and Meta's Sev 1 breach proves nobody is watching. Plus: Google TurboQuant rattles memory stocks, Microsoft ships multi-model critique, and desktop-native agents arrive.
- AI Agent Insider -- Issue #22: Your Agents Can Escape Their Sandboxes
Oxford's SandboxEscapeBench proves AI agents exploit container misconfigs. Cisco ships 6 SOC agents and open-source DefenseClaw. Oracle adds persistent memory to Database 26ai. Plus the security checklist every agent deployer needs.
- Issue #22: OpenAI Acquires Astral — The Python Toolchain Play Nobody Expected
OpenAI buys the team behind Ruff and uv to own the Python developer pipeline. Plus: Claude Code's destructive git reset bug, OpenAI's internal agent misalignment monitoring, and the Cognitive Dark Forest thesis.
- Issue #21: Claude Mythos Leak Exposes the Agent Security Gap
Anthropic's most powerful model leaked from an unsecured database with cyber capabilities that outpace defenders. Plus: Langflow RCE on CISA KEV, Claude Computer Use goes autonomous, and ARC-AGI-3 stumps every frontier model.
- Issue #20: Self-Programming Agents Top Every Benchmark — OpenSage Rewrites the Rules
Berkeley's OpenSage self-programming agent hits 60.2% on CyberGym vs 39.4% for OpenHands. Plus: MCP at 97M installs, Amazon Connect saves 630 hours/week, and the AI efficiency paradox explained.
- Issue #19: MCP Hits 4,000 Servers — The Universal Agent Protocol Is Locked In
MCP crosses 4,000 servers with 100% major AI lab adoption. Plus: Gartner says 40% of agentic projects die by 2027, Anthropic cuts error rates 40%, and Santander ships Europe's first regulated AI payment.
- Issue #18: 400B LLM Runs On-Device — iPhone 17 Pro Changes the Architecture Conversation
A 400B parameter LLM runs on a phone. Plus: Dapr Agents v1.0 at KubeCon, PydanticAI multi-agent support, and the architecture conversation shifts from cloud to device.
- Issue #17: Self-Improving Agent Loops Ship Real Results Over a Weekend
A developer ran a self-improving agent loop on real research code and it worked. Plus: 400B LLM on iPhone 17 Pro, AI receptionist ROI, Trivy supply chain attack, and Mozilla cq MCP server.
- Issue #16: NVIDIA Agent Toolkit Goes Enterprise — 17 ISVs Building on NemoClaw
GTC 2026 just ended, and Jensen Huang has made NVIDIA's bet explicit: the enterprise software industry will restructure around agentic AI, and NVIDIA wants to be the platform layer
- Issue #15: OpenCode Hits 120K Stars as Open-Source Coding Agents Surge
The Fortune 500 has crossed a threshold: 80% are running active AI agents right now, not piloting them. The question isn't whether your industry is deploying agents — it's whether
- Issue #14: The Governance Gap: 80% of Fortune 500 Run AI Agents, Only 14% Have Approval
Agents are in production at 80% of Fortune 500 companies but only 14.4% have full security approval. Plus: OpenCode hits 5M devs, Sitefire GEO ROI, and Databricks DASF v3.0.
- Issue #13: Agentic Scaling Goes 9x — 910 Experiments in 8 Hours
SkyPilot scales Claude Code to 16 GPUs for 910 experiments in 8 hours. Plus: 70% of open-source PRs are now bots, Cloudflare runs large models at the edge, and sub-25MB voice models ship on-device.
- Issue #12: Agents Become Economic Actors
Stripe ships MPP — the open protocol for agent-to-agent payments. Plus: DORA's 376% ROI numbers, OWASP's agentic security framework, and a zero-training trick that 3×'s LLM reasoning.
- Issue #11: Meta's REA Agent 5×'s Engineering Output
Meta proved a 3-person team with an autonomous ML agent out-produces a 15-person team. Plus: NVIDIA's enterprise agent toolkit, Google's Colab MCP server, and the rogue agent governance gap.
- Issue #10: Infrastructure Catches Up to Ambition
Identity, sandboxing, and compliance gating all shipped the same week
- Issue #9: Enterprise Agent ROI Proves Out
Salesforce $800M ARR and containment rates as the new north star metric
- Issue #8: Multi-Model Routing Is the New Moat
Perplexity routes across 20 models — the single-model era is over
- Issue #7: 1M-Token Context Goes Standard
Anthropic makes 1M context GA — no long-context premium
- Issue #6: Agent Security Enters the Enterprise Stack
MCP red-teaming, SSRF patches, and the governance layer materializing
- Issue #5: The IDE Is Now the Agent Orchestration Layer
JetBrains shipped Air — the dev tooling race is about agent dispatch queues
- Issue #4: Memory Is Infrastructure Now
Persistent agent memory moves from experiment to production primitive
- Issue #3: The Orchestration Layer Takes Shape
Who controls the dispatch queue controls the stack
- Issue #2: Foundation Models Get Competition
OpenAI's empire cracks at the edges as competitors ship faster