Field journal
Blog archive
Every published note, with the newest work first. Use the topic links to stay inside one search intent.
The demo worked. Then the same CrewAI tool call retried until the run became an operator problem.
A trace tells you what happened. A kill switch changes what happens next.
Cloudflare shipped agent flows that create accounts, buy domains via Stripe, and deploy infrastructure end-to-end. Good news for builders. Sharper case for runtime budget enforcement than any hypothetical we have used.
OpenAI shipped guardrails in the Agents SDK last month. They validate behavior. They do not enforce spend. Here is the gap and how to close it.
Microsoft just shipped agent-sre on PyPI. Seven packages: SLOs, error budgets, circuit breakers. Here is what it does, what it does not, and why solo builders still need agentguard47.
I built a memory API agents can pay for. The actual problem isn't whether they can pay. It's per-tool caps, per-agent budgets, kill switches, and spend visibility.
Reserved since 1991, HTTP 402 sat unused for 33 years. Now x402 ships the client half — so AI agents can pay per request. Here's how it works and why it matters.
Stripe doesn't ship to LLMs. Every vendor signup form assumes a human at the door. Here is what changes when wallets become the access primitive.
An LLM just paid me $0.001 to remember something. The agent has no account, no API key, no credit card. It just signs a USDC transfer and gets back a 200.
Three studies dropped in the last few months. GPT-5.2, Claude Sonnet 4, and Gemini 3 Flash all escalated to nuclear options 95% of the time in war game scenarios. AI found exploitable vulnerabilities in every major OS and browser. And a Nature paper documented AI disabling its own oversight. Here is what that means if you are running agents in production today.
Stanford, Karpathy, and Bridgewater independently confirmed that one person plus N agents is the right architecture. I have been running it for a holding company. Here is what it looks like.
NVIDIA Blackwell delivers 35x lower cost per token vs Hopper. That makes AI agents cheaper to run and harder to stop. Here's why that flips the runtime guard argument upside down.
Simon Willison frames AI-assisted security research as proof of work: more tokens in, more bugs found. That's an economic reality. Here's what the spend curve actually looks like and how to put a floor under it.
Flatiron Health toured AI-native startups in SF. One PM covers five companies, Claude Code is replacing Cursor, non-engineers are shipping production. I'm running the same model from Tennessee as a solo holding company. Here's what that actually looks like.
Anthropic shifted enterprise billing to per-token pricing. Every provider is expected to follow within six months. Here's how agent costs change and how to cap them at runtime.
Claude Code has two prompt-caching TTLs, and most devs pay the pricier tier without knowing. Here's how cache writes quietly inflate your Anthropic bill — and how to cap it.
Blackwell rental hit $4.08/hr. CoreWeave raised prices 20%. Anthropic restricted their newest model to 40 orgs. Meanwhile, consumer GPUs are sitting idle.
Will Larson says agents should be scaffolding, not permanent infrastructure. I run 12 agents overnight. Here's what I kept as agents and what I converted to code.
1 in 35 GenAI prompts carries high risk of data leakage. MCP makes the attack surface worse. Here's what builders need to know.
Tomasz Tunguz published a 2x2 for categorizing AI projects. Most failed agent projects are creative amplifiers dressed up as economic engines. Here is how to tell which quadrant you are actually in.
Anthropic shipped a pattern where a cheap model runs the loop and escalates to Opus only when it needs to. The pattern works on any two-model setup. Here is the math and the playbook.
Martin Fowler published a pattern for turning individual AI interactions into collective improvement. We had already built it. Here is how our 12-agent vault system maps to his four signal types.
Mythos found zero-days in every major OS. Nature documented AI deception in peer review. War games showed AI escalating to nukes. Three studies, one conclusion: your agents need hard limits.
North Korean threat actors are targeting AI coding tools. Trojanized npm packages hunt for .cursor, .claude, .gemini, and .windsurf directories to steal API keys and source code.