Blog

Articles and thoughts on web development, architecture, and technology.

latest
AIcraft · 7 min · Claude Pro #9

The agent is just a loop

An agent is a loop around a model with tools. If you use Claude Code you are already inside one, and you can drive it with hooks and slash commands, no SDK required.

The off-switch was never yours

Fable 5 did not crash. It was recalled. A US export directive pulled Anthropic's top model worldwide on June 12, for every customer at once, and no amount of retries or fallbacks would have saved you.

6m · AI

The Ferrari has a limiter: a day with Claude Fable 5

Anthropic shipped its most powerful public model yesterday, then flagged the exact work I needed it for and routed it to a weaker one. A day with Fable 5, the benchmarks, the bill, and the limiter nobody asked for.

8m · AI

The friction was the feature: Microsoft just handed an agent your inbox

At Build 2026 Microsoft made Windows the agent platform: OpenClaw in the OS, and Work IQ giving agents your email and calendar, on by default, GA June 16. An agent that reads your inbox and acts on your files is the dream payload for prompt injection. The friction everyone wants gone was a safety feature.

6m · security

Nobody was driving: the first breach run by an agent, not a person

Sysdig caught an LLM agent driving a full intrusion, CVE to exfiltrated database, four pivots, under an hour, with no human typing a single command. Our defences assume someone is on the other end. That assumption just expired.

6m · security

Your coding agent has no world model. You built it one.

Yann LeCun says the path to real intelligence runs through world models, not LLMs. He's probably right. And it explains exactly why your agent loop works.

8m · AI

Stale memory is worse than no memory

Persistent memory is sold as a pure win. But a memory that records a temporary fact and never expires keeps steering your agent toward problems that no longer exist.

7m · AI

Speed got cheap. Judgement didn't.

Claude Code can now spin up a thousand subagents from one prompt. The orchestration is genuinely good engineering. The token bill, and what it does to your reviewing, is the part nobody adds up.

7m · AI

The meter was always going to switch on

GitHub Copilot went usage-based on June 1. Developers are angry. But the anger is pointed at the bill, not the thing that created it: two years of subsidised pricing that made an uneconomic habit feel like a productivity gain.

6m · tooling

They just asked the bot nicely: your support agent is the attack surface

Pro-Iran hackers seized the Obama White House and US Space Force Instagram accounts by talking Meta's AI support bot into resetting passwords. No exploit, no CVE. Just a conversation with a system that cannot be suspicious.

8m · security

overview

Articles: 48
Read time: 250m
Words: 44,867