This Artifacts Log post is unusual in how many diverse, quirky models there are across use-cases and modalities. Normally these model roundups are dominated by big models from the likes of Qwen, DeepSeek, Kimi, etc. There are models for all sorts of different use-cases in this post, from optical character recognition (OCR), RAG search, audio transcription, computer-use, code-editing, math theorem proving, and more. The artifacts covered this month also come from a much broader list of open model builders.
This gives us a lot of hope for the future of open models, where we see the need for domain-specific, cheap models as being crucial tools to complement the strongest, closed agents. When the top few models get the headlines, this vast, industry-scale tinkering can easily be forgotten. Reading this post gives a technically grounded, broad coverage of the many directions the industry is pushing specific models for. Expect more like this!
To encourage people to take a look at the diversity of models in this issue, the core part of the update is not paywalled. An otherwise quiet month at the top end of open models really delivered.
Artifacts Log
Our Picks
NVIDIA-Nemotron-3-Super-120B-A12B-NVFP4 by nvidia: The long-awaited mid-sized model from NVIDIA is finally here: 120B total params with 12B active, a 1M context window, and support for multiple popular languages. Furthermore, the model is based on LatentMoE and uses NVFP4 during pre-training, which is a first for open models. Like other things from NVIDIA, it comes with an in-depth tech report plus pre-training and post-training datasets, with the vast majority of the data being openly released.
cohere-transcribe-03-2026 by CohereLabs: A speech-to-text model by Cohere based on the conformer architecture, similar to NVIDIA’s Parakeet. It features 14 different languages, including some AIPAC languages and Arabic. Performance-wise, Cohere claims it beats similarly sized open and closed models. To top it all off: The model is released under Apache 2.0! Previous open models by Cohere were released under a non-commercial license.
sarvam-105b by sarvamai: The Indian startup Sarvam, which trained open models in the past, has scaled up everything for its new flagship models in terms of dataset size (12-16T tokens) and model size (30B-A2B, 105B-10A). As a result, they come close to or even surpass a lot of open models with similar sizes. The release also shows why sovereign AI is so important, something that few other countries have internalized yet: In comparison with SOTA open models, the Sarvam models are vastly more preferred in Indic languages.
Mistral-Small-4-119B-2603 by mistralai: A 119B-A7B model by Mistral, combining their previous model generations into one as a hybrid reasoning model with coding abilities.
zeta-2 by zed-industries: The open source code editor Zed has released their edit prediction model openly in the past, which we featured a year ago. While the previous version was based on open data, the new version, based on Seed-Coder-8B, is trained on open source code by users who explicitly opted into data collection.
Models
General Purpose
gpt-oss-puzzle-88B by nvidia: A pruned expert version of GPT OSS 120B. It also replaces some global attention layers with window attention. Puzzle is “a post-training neural architecture search (NAS) framework, with the goal of significantly improving inference efficiency for reasoning-heavy workloads while maintaining or improving accuracy across reasoning budgets.”
Olmo-Hybrid-7B by allenai: A hybrid attention + GDN (gated DeltaNet) model. See our blog post for more insights about the architecture and its challenges.
NVIDIA-Nemotron-3-Nano-4B-BF16 by nvidia: A compressed version of NVIDIA-Nemotron-Nano-9B-v2, which itself is a compressed version of NVIDIA-Nemotron-Nano-12B-v2. Nvidia has been pushing this direction more than anyone else with open models.
Multimodal
Yuan3.0-Ultra by YuanLabAI: A 1T multimodal model by the relatively unknown Yuan Lab. They pre-trained a 1.5T model on 2.2T tokens and subsequently pruned experts with a new technique, outlined in the tech report.
LongCat-Next by meituan-longcat: A multimodal model which can process text, vision, and audio as both inputs and outputs.
granite-4.0-1b-speech by ibm-granite: A small speech-to-text model supporting six languages. It also supports the generation of English audio for translation.
MiroThinker-1.7 by miromind-ai: A fine-tuned version of Qwen 235B for agentic workflows, especially research.
tabpfn_2_6 by Prior-Labs: An update to the popular tabular prediction model, which is slightly larger than its predecessor. Its license allows research and internal evaluation only.
sam3.1 by facebook: An update to SAM 3, carrying the same restrictive license.
Holotron-12B by Hcompany: A policy model for CUA agents.
LongCat-Flash-Prover by meituan-longcat: A Lean4 fine-tune of the large LongCat model.
Leanstral-2603 by mistralai: A Lean4 fine-tune of the new Mistral Small 4.
reka-edge-2603 by RekaAI: A model for robotics, beating models such as Cosmos-Reason2. Its noncommercial license converts into Apache 2.0 after two years.
RAG
Qianfan-OCR by baidu: There have been a lot of great OCR models lately. This one is from Baidu and is licensed under Apache 2.0.
chandra-ocr-2 by datalab-to: An update to the Chandra OCR model, released under a restrictive license.
Reason-ModernColBERT by lightonai: A SOTA retrieval model released under a non-commercial license. However, there is also code to re-generate the data, allowing the training of a commercially viable version.
context-1 by chromadb: A fine-tuned version of GPT-OSS for agentic search with an in-depth tech report. It also marks the debut of Chroma into the open model space. Trained with Thinking Machine’s Tinker.
dots.mocr by rednote-hilab: The beloved dots.ocr model has been updated and supports SVG outputs. However, on top of the general MIT license, the model comes with additional usage restrictions, just like its predecessor...
Monthly extra roundups of open models, datasets, and links.
Occasionally paywalled hot takes.
Interconnects Discord Server.
Our portfolio company Tasklet is a platform for making agents that do things for you. USV uses it to create agents that automate a lot of work for us. This post, which I mentioned last week, explains how USV uses Tasklet.
Recently, Tasklet launched a feature called Task Computer which is a Linux computer in the cloud that can do things for you and automate them.
My wife, The Gotham Gal, is using Task Computer to log into her Instagram account, go to her Instagram Collections, and pull out all of the information from them and populate a series of databases that her agent can then access to book trips and such.
Having a virtual computer side by side with an agent is such a help for non technical people that can't write API calls and that kind of thing.
If you have things in your life you want to automate but haven't found the right tool yet, try Tasklet. It's great.
Support AVCI am a VCShow you appreciate this writer, help support their work, and share in their growth over time by buying their writer coin.Support
by Mike Taylor This post was originally a tweet thread in response to Sam Parrasking how people get their teams to adopt Claude. It touched a nerve, so I wanted to expand on it. I recently joined Every Consulting as the head of tech consulting, where we work with mid-to-large-sized companies on AI training and adoption. Here’s what’s working.— Mike Taylor__ EntrepreneurSam Parr asked a question on X the other day: “How is everyone getting team adoption for Claude? I spent a lot of time on Twitter, as do you. We see all this AI stuff popping up. We’re on top of it, or at least sorta. But how are all you people getting your team to actually use it effectively without spending all their time on Twitter and learning?” I hear this question in some form on every single consulting engagement. I know the advice I have resonates in meetings, but I’m short on time. So I dictated this post through Monologue and used Claude to shape it into something readable. (Let me know if this format works for you.) Here are seven learnings from working with companies through Every Consulting:
1. Buy the model direct, not third-party tools
When you evaluate AI-powered tools, you’re also—whether you realize it or not—evaluating the tool vendor’s choices and constraints, rather than what the underlying model provider (like Anthropic, Google, or OpenAI) is capable of. It’s often faster to build your own Claude/Gemini/Codex skill with your own rules and preferences already built in. Companies are increasingly building, not buying, AI software on top of models, because it gives you flexibility. I don’t know how it’s possible for companies that aren’t the core model providers to keep up when the big labs know what models are coming, build their internal tools to align with those releases, and train them on how to operate within their own environments. I appreciate the effort that companies like Cursor put into user experience—they’re a good product organization. But it’s difficult to compete with Anthropic offering $5,000 worth of tokens a month for a $200 subscription. Third-party tools tend to be less flexible, less cutting-edge, and more expensive. That’s not always the case, but as a general rule, it holds. So most companies are better off buying directly from the model providers.
Built for businesses ready to scale. Simplify your tech stack with HighLevel.
If your business runs on scattered tools, disconnected automations, and half-built funnels, you are not alone. Most marketers and business owners only scratch the surface of what HighLevel can do. They use a few features, launch a campaign, and never tap into the full power of the platform. HighLevel was not built to be just another tool in your stack. It was built to run your entire system. With HighLevel, you can capture leads, build high-converting funnels, automate follow-up, manage your pipeline, and deliver seamless client experiences all in one platform. Inside HighLevel you can:
Capture and convert more leads
Build funnels that actually perform
Automate follow-up and nurture at scale
Manage pipelines and close more deals
Deliver seamless client experiences
Create predictable, repeatable revenue
2. Raise the ceiling, not the floor
A lot of companies have mandated to their employees, “Everyone needs to use AI now. We bought you AI tools. Adopt it.” That doesn’t work. Even on pain of death, many people are unwilling to use AI or be told that they have to. It’s basic self-preservation. Instead, use the carrot rather than the stick. Nominate people who are already AI-forward as internal cheerleaders. Maybe it gets other people to come out of the woodwork rather than hiding their AI usage by making it clear that using AI is encouraged. Give those people the support they need to unblock barriers to AI usage (typically IT access to data connectors, approved budgets for coding tools, and removal of layers of bureaucracy)—because someone who’s bought in is going to accomplish five to 10 times more work than someone who hasn’t seen the magic yet. You can accelerate adoption by showing that people who use AI aggressively get promoted first or interface the most with senior management. In some cases, we’ve co-opted those early adopters into being teaching assistants in courses we teach to the rest of the team. When their colleagues see that person advancing in their career, that’s a more effective motivator than any mandate. You also get the productivity boost of enabling someone who’s already a believer. It’s much harder to convince someone to believe than it is to supercharge someone who already does.
3. Workshops should be at least 50 percent build time
Workshops teaching people how to use AI in a hands-on way are an effective way to teach your team—but they need to be heavy on building tools. No one wants to sit on Zoom and just look at slides. I learned AI by doing. Guided theory helps orient and motivate people, but the biggest complaint we hear is that they don’t have time in their workday to explore these tools and learn something new. If you give them a couple of hours in a workshop where they’re expected to build something, and access to the tool and data (either synthetic or actual through connectors like MCPs), that’s when the aha moment happens.
4. Assign impossible tasks
An “impossible task” is one that wouldn’t have been possible to do without AI. Boris Cherny , a creator of Claude Code, has said something similar—that you should slightly under-resource most teams, which makes employees think, “The only way I can do this is if I use AI.” I think it works better if you are more explicit and strategically choose the tasks so that they can’t possibly be done without AI. For example, if your goal is to write one blog post a week, you can likely do that manually. But if your goal is to write one a day, you’ll probably need to use AI in research, drafting, and editing (like we’re doing here!). And you don’t set the goal as, “Starting today, you have to produce one piece a day.” Instead, say: “Our goal is to work up to producing one piece a day. What needs to happen for you to make progress toward that goal?” It might take time, but if they know that’s where they’re heading rather than where they’re starting, they’ll start thinking strategically about how to use AI to save time, and start experimenting.
5. Mandatory AI note-taking plus MCP connector
Everyone on our consulting team records every meeting with Granola and has the Granola MCP set up in Claude Code, and it’s been transformative. You finish a meeting with a potential client, and tell Claude to summarize it and send an email to your colleague. That’s 80 to 90 percent of the value of AI: extracting information from unstructured data and structuring it in a way that’s useful. So many times I’ve come to a task and realized I need context from a meeting, and I can pull that information from the MCP. It’s how I create curriculum or put together proposals. Now I can’t imagine working without it.
6. Map workflows and systematically automate them
When we do discovery calls with clients about their day-to-day work, we follow a process: We ask them what tools they use, what they do on a daily basis, and what their pain points are. Then we put that information into a Google Sheet with a row for each task we need to solve for, and we systematically work down that list as we automate. Our goal is to get to the point where nobody on the team ever has to do the same task thrice. If AI can take a first pass at each task type, and we build a skill for each one, that person could be doing five to 10 times more than they’re doing right now. So far, in my experience, this has never led to a reduction in workforce. Instead, either the companies put more effort into each task, or they expand the revenue and throughput of their team without hiring. When we were previously teaching Claude Code workshop-style courses, we used to prepare one project for the whole group to work on. Maybe we could manage one per business unit or team, but the preparation cost quickly added up. Now we can use Claude Code to create an individual project for each person taking part. We’re using AI to make each engagement that much more valuable rather than cutting headcount.
7. Train people to be managers of agents
Everyone who was an individual contributor before is now a manager—of AI tools. And they’re struggling because they don’t have management training. They’re not used to context switching, setting up systems and rules, or evaluating whether something that they haven’t worked on themselves is any good. Managers can often adapt to managing AI tools more readily because they don’t care how a problem is solved—they just want it solved to their specifications. But the script is flipping: Managers are becoming individual contributors, because managing a team of agents is often easier than managing human teams. It takes a human longer to process reams of information, and to see if they’ll be successful. Sometimes it’s easier as a manager to vibe code a task using Claude Cowork than it is to brief a human, wait for them to send it to their own Claude instance, and get a response in a couple of days. The upshot is that companies need more management training. You need to help people understand context switching and teach them how to do evals, develop good taste for deciding what to work on, and train AI in specific skills. How do you systematically write a good PowerPoint skill or a good daily update report skill? That’s the work now.
If any of this resonates and you want help implementing it, check out Every Consulting. We’ve been doing this for a year with a select group of companies and are now open publicly.
Drake Dukes · Monday, March 30 2026 · 7 min read · ↑ top
Forest Neurotech co-founder/CTO returns to stealth, Ex-VC finance leader builds AI OS for enterprise knowledge, & Reddit staff ML engineer (ex-founder of acquired Oterlu AI) is back in stealth
We’re tracking company launches as they happen and surfacing the most interesting new founders and startups (yes, all outside of this stealth activity too). If you want to stay ahead of the curve, this is where you’ll find them first.
Right now we’ve got 5 subscribers: my wife, my mom, and that high school buddy who won’t stop pitching me his app. Be smart like them and get in early 👇
We run a live feed inside Gravity that tracks founders entering stealth and companies quietly exiting it.
What you’re reading here is about 1% of the stealth activity we pick up. The full tracker updates in real time as things change and new activity emerges.
FounderDNA: Technical Founder, Masters Degree, Former FAANG
Prior Experience: Ex-Hardware Engineering Manager at American Robotics, ex-Hardware Engineer at Tulip Interfaces, ex-Graduate Teaching Assistant at University of Massachusetts Amherst, ex-Hardware Engineer at Apple
Prior Experience: Ex-Engineering Manager at Delivery Hero, ex-Software Engineer at Zalando SE, ex-Lead Engineer at Capillary Technologies, ex-Senior Associate at Morgan Stanley, ex-Software Developer at Amdocs, ex-Software Engineer at Brillio
Datacline provides a gateway for AI coding agents that tracks spend, usage, and ROI at the developer level, giving teams precise visibility into AI adoption and impact.
Prior Experience: Ex-VP International Finance at General Catalyst, ex-CFO & Managing Director at La Famiglia VC, ex-Director Finance & Investment Management at innogy Ventures GmbH, ex-PwC Deutschland
Mav9 is a stealth AI company building an operating system designed to help companies leverage their unique knowledge and intellectual property into long-term value.
HQ: Germany
Industry: Software Development | Team Size: 6
Time Spent in Stealth Mode: 8 months
🕵️♂️Key Talent Going Under Stealth
Illuminating clues left behind by world class talent and influential innovators who just went into stealth mode
Seth Neel - Co-Founder & Founding Researcher at Stealth AI Startup
FounderDNA: Serial Founder, Technical Founder, Doctorate Degree, Former FAANG, Top 10 University
Prior Experience: Ex-Research Scientist at Google, Assistant Professor at Harvard University, Co-founder & CTO at Welligence Energy Analytics, PhD in Statistics, University of Pennsylvania
Sebastian Nabrink - Co-Founder at Stealth AI Startup
FounderDNA: Serial Founder, Technical Founder, Prior Exit
Prior Experience: Ex-Staff ML Engineer at Reddit, ex-Co-founder at Oterlu AI (acquired by Reddit), ex-Tech Lead, Data Science at Stena Rederi, early AI/ML roles across Inteleon and Adfenix
FounderDNA: Serial Founder, Technical Founder, Doctorate Degree, Masters Degree, Former FAANG, Top 10 University
Prior Experience: Ex-Co-founder & CTO at Forest Neurotech, ex-Health Sensor Research & Product Lead at Google / Verily, ex-R&D Engineer at Google[x], PhD, University of California, Berkeley
FounderDNA: Serial Founder, Masters Degree, Former FAANG, Top 10 University
Prior Experience: Ex-Head of Product (India) at Apple, ex-Global Product Leader across Microsoft 365 & Surface at Microsoft, ex-Founder & CEO at Third Culture, MBA, Yale School of Management
🚨Here’s the deal 🚨This email has gotten too big. Exciting, but with more people following it, the edge diminishes. I’ve thought long and hard about what to do to preserve the value in the signals. I’m not sure about the final direction yet, but in the meantime I’ve been sending an email 48 hours earlier to a select group of paid subscribers. The feedback has been pretty positive so I’m going to open up the list for another 100 spots. To get signals early, Apply here!
Stay Stealthy,
Drake
Thank you for reading. If you liked it, share it with your friends, colleagues and everyone interested in staying ahead of the hidden developments in tech. Subscribe below and follow us onX / Twitter to never miss a company operating under stealth again.
Stealth Startup Spy is a data-driven newsletter for investors, journalists and tech enthusiasts interested in uncovering the next big move for key talent, real-time stealth company launches and technology advancements not in plain sight. We leverage the technology built at Gravity to shine a light on the hidden world of stealth startups.
Jevon & Veblen walk into a data center. The dominant motif around AI has been Jevon’s Paradox1 : the cheaper a product becomes, the more it is consumed. Token prices dropped 10-20x over the past 18 months & demand exploded in response. Anthropic surged past $19 billion in run-rate last month, up from $9 billion at the end of 2025.2 OpenAI topped $25 billion in annualized revenue in February, a 17% increase in two months.3 We know GPUs, CPUs, & memory are already in short supply.4 Rumors of next-generation models, including Claude Mythos, suggest pricing that moves in the opposite direction. | Model | Input (per 1M tokens) | Output (per 1M tokens)
Claude Opus 4.6 | $5 | $25
GPT-4.5 | $2 | $8
Claude Mythos (rumored) | $15-25 | $75-150
This weekend, an accidental data leak revealed Anthropic’s secretive Mythos model.5 A leaked blog post described it as :
“A step change” in capability, “dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity.”6
Anthropic stated the model is “very expensive to serve & will be very expensive for customers.”7 Some have speculated on inference pricing 5-6x more than existing models.
If these rumors hold, the most powerful intelligence would trade at a stiff premium. Jevon’s Paradox would give way to Veblen goods.8
Veblen goods are those whose demand increases with price : front-row concert tickets that cost 10x more despite worse acoustics. Nike Jordans that retail for $110 and resell for $500+. Ivy League tuition where selectivity is the value proposition.
Could AI follow this dynamic for competitive advantage? The company with capital to access the most powerful model wins. How much is that worth?
Consider a Series A founder building an AI coding assistant. Today, she pays $25 per million output tokens for Opus 4.6. Her burn rate assumes that price. If Mythos launches at $150 per million tokens, 6x more, she faces a choice : raise prices, raise capital, or watch her AI-native competitor ship features she can’t match.
The token-maxxing era ends. Companies will stop optimizing for cheap inference. They’ll deploy capital aggressively, both GPUs & dollars, to maximize capability rather than minimize cost.
Balance sheets become a moat. The most profitable companies or those who can raise capital cheaply will have the biggest advantage in their industries.
For companies that cannot respond quickly enough or afford the most sophisticated AI, the gap widens. If AI-native companies can build 10x faster with Mythos-class models while competitors are stuck on Opus 4.6, valuations will diverge further.
Jevon & Veblen walked into a data center. We don’t yet know who walks out.
1. “Jevons paradox”, Wikipedia. ↩︎
On a Tuesday evening earlier this year at the Sydney Goldstein Theater in San Francisco, a man stormed the stage from the second row and announced that he had a subpoena for Sam Altman. The crowd erupted into bloodthirsty jeers for the process server. Altman, seated next to Steve Kerr for a conversation unexplainably about basketball and the future, did not take the document. Under California law, this doesn’t matter. You’re practically served the moment the server presents the document and states his intent, regardless of whether or not you physically accept it.
Altman’s security detail materialized from somewhere stage right. The body man, impossibly large, seemingly had a prosthetic arm concealing something monstrous under his oversized jacket, and angular glasses that look like Jony Ive designed them for this moment. The process server was an investigator from the San Francisco Public Defender’s Office who had been trying to reach Altman through OpenAI’s headquarters and then its online portal and other asinine paths without success before finally resorting to the oldest method of communication there is, which is walking up to a man and telling him what your issue is.
Tom Bibby
@tombibbys
Video of the Sam Altman subpoena incident (don't think this has been shared on X yet)
Remmelt Ellen 🛑 @RemmeltE
Lawyer jumps on stage to subpoena Sam Altman. Sam must now join the court hearing with the activists that OpenAI called the police on. https://t.co/VN3whnBlzE
The subpoena was tied to a criminal case involving a somewhat hilarious organization called Stop AI, whose stated position is that OpenAI is engaging in the systemic attempted murder of every living thing on Earth. Even these wackadoos, the people who believe that their enemy is building the thing that will end all life on Earth, choose the court as the venue to hear their complaints. They don’t take to sabotage. They barely take to the street. They send a subpoena and that paper has jurisdiction.
OpenAI was founded in 2015 as a nonprofit with a charter committing to ensure that artificial general intelligence, or at least something like it, would benefit all of humanity. The people who wrote the charter believed, or at least said that they believed, that they were building something with cosmic stakes, and they designed a legal structure to contain it. The nonprofit would govern it, and no individual would profit beyond a set cap, and the board would owe its duty not only to the shareholders, but to the human species more broadly. Most of the structure used was invented for this purpose.
The thing got immensely and incomprehensibly valuable. And in 2019 the organization created a capped profit subsidiary to hold what was growing inside of it. This was, of course, followed by “the blip” in November 2023 when the nonprofit board fired Altman with the stated reason that he had not been “consistently candid.” Consistently candid is a phrase that reads radically differently as an implied breach of covenant claim than it does on a Twitter timeline.
Within days, this decision was reversed and the entire board was replaced. The legal structure at this moment became terminal. It was clear that it needed to be overridden and replaced, and by October 2025 the conversion to a for-profit company was fully complete. The nonprofit retains 26%. The company at this point was valued at nearly a trillion dollars.
The emails from this period are worth reading, but one I’ll call attention to is a Greg Brockman diary entry from 2017 in which he writes: “I cannot believe that we committed to non-profit if three months later we’re doing b-corp then it was a lie”. This was extracted through exhaustive discovery in the Musk v. Altman lawsuit just earlier this year and is now the basis for a jury trial with a couple hundred billion at stake.
I’m rambling through the history of OpenAI because I want to make an argument about law. Not secular law, but cosmic law.
The word Torah means law, and not law in the sense of regulation. Not your British common law. Law in the sense of something much closer to gravity. The 613 commandments of Jewish law take the form they do because the commandments are the only possible instrument for the relationship between a party with absolute authority and a party with absolute obligation. The Hebrew word for this practice is halacha , that is the way to walk , and it governs everything. You can go and read it and you’ll find out how to eat, how to rest, how to marry, how to bury, how to plant, how to treat a stranger, or what to say at dawn. There is no domain of life outside the jurisdiction of these laws because there is no domain of life outside the jurisdiction of God.
The Talmud, which serves as a many-hundred-year record of rabbis arguing about this law, exists with a granularity that makes modern contract law look impressionistic.
There is a beauty and a seriousness to the system. The rabbinical tradition that elaborated it represents one of the great intellectual achievements of human civilization. The relationship between God and Israel was judicial and the obligations were total, and the parsing of those obligations was the central intellectual and spiritual work of civilization for thousands of years.
And then Christ came and said two commandments: love your Lord your God with all your heart and all your soul and all your mind, and to love your neighbor as yourself. And on these two commandments hangs all the law and all the prophets. Paul writes in Galatians that we are no longer under the supervision of the old law, that that law was the guardian until Christ came, and now that faith has come, we are no longer under a guardian. The entire legal apparatus, that is the 613 commandments, the dietary laws, the purity codes, the sacrificial system, is fulfilled and gathered up into something so simple that a child can hold it.
The cross feels like a legal transaction in this frame. It represents the debt paid, the penalty absorbed by the only party with the authority to absorb it, but it’s also the last legal transaction. It’s the one that closes the books and shuts the courts. The resurrection is a simple ruling: death no longer has jurisdiction here (”O death, where is your sting? O grave, where is your victory?”). Paul’s letters interpret the new covenant for specific communities. The book of Hebrews argues for the transfer of the priesthood from the Levitical order to the Order of Melchizedek, restructuring the jurisdictional basis of the entire covenant.
The entire arc of the gospel is a movement to grace and away from law. And whenever you see the movement going in the other direction: that is when the encounter with something more powerful produces complexity in the place of simplicity, this is a shift worth noticing.
I say this all to go back to my favorite of the Gospels, Mark.
In the fifth chapter of Mark, a man is possessed by a legion of demons. He encounters Christ on the shore of the Sea of Galilee. He has been living amongst the tombs, naked, cutting himself with stones, tearing apart every chain that tries to hold him. When he sees Jesus, he runs towards him. He falls on his knees. The first words he says to the incarnate God: “What do you want to do with me, Jesus, Son of the Most High God? In God’s name, don’t torture me.”
Christ asks for a name and the demon gives one for the record, and then the demons negotiate with the sovereign. They ask to be set upon the pigs rather than destroyed. Christ grants this request. The pigs run off the cliff into the sea. The man sits down, clothed, sane, and finally free. The townspeople are not terrified of the demons, but of the grace that could possibly expel them.
What arrests me every time is this contrast: The demons invoke the jurisdiction of the Old Testament. They cite terms, they negotiate contracts, they assert procedural rights. Christ speaks with simple authority. He asks one question and issues one command.
Look at Matthew 8: The demons ask Christ whether he has come to torment them “before the appointed time,” the kind of scheduling objection that you would see in New York City housing court, asserting that there is a calendar and that Christ is early on his arrival. In Luke 4, Christ silences a spirit in the synagogue and the spirit obeys. In Acts, a girl with the gift of divination correctly identifies Paul and his companions as servants of the Most High God. This is accurate testimony, but it is given without authorization. The entire demonological record of the New Testament has a cadence of case law. Each encounter establishes precedent; each encounter classifies where the boundaries run.
Ten years ago, the idea that technology founders in the Bay Area would spend their time suing each other in public was unimaginable. The social contract of that weird and foggy city was collaborative to a degree that outsiders, including myself, find suspicious. You would share ideas, you would introduce competitors, you gave away information that in any other industry would be proprietary because the prevailing conviction was that the pie was growing and litigation was an admission that there was not an infinite sum on the other side of creation.
The AI industry has produced more litigation than the previous three decades of Silicon Valley combined. As of early 2026, over 90 copyright suits have been filed. Anthropic settled for $1.5 billion. Universal Music Group filed for three billion. The Times is demanding an infinite number of private ChatGPT conversations in discovery. Disney and Warner Brothers are suing Midjourney. Musk is suing Altman and presumably Altman is suing Musk. xAI is suing OpenAI. The for-profit conversion of OpenAI will generate its own Talmud of vertical law. Google and Facebook did not spend their founding years in court. The litigation, when it came, came far after the early generative period. What’s different about AI is that the proceedings and the case law arrived far before the technology did.
The reasons for this are quite simple: the people that are building these systems believe that they are handling something with cosmic stakes. The rationalist community, of which basically the entire modern AI industry comes out of, treats existential risk as seriously as early Christians treated the imminence of judgement. Effective altruism has spent the last two decades calculating moral obligations across millennial timescales. Even Leopold Aschenbrenner, probably the greatest living AI investor, cut his teeth on a paper that dealt with multiplying infinite moral possibilities in the far future.
At the edges where the framework pressed hard enough, the old gods come through. Leverage Research conducted seances, other groups had their own version, and the institutional output at every level was not freedom or simplicity or grace, but more binding, more procedure, more jurisdiction, and more laws.
A friend of mine named Jesse Michaels runs one of the more prominent and lucid shows on UAPs. After watching several of his episodes in a benadryl-induced stupor, I texted him that the disclosure apparatus struck me as more occult than extraterrestrial. Jacques Vallee noted decades ago that the UFO phenomenon shares its deep structure with fairy folklore. These are beings that can’t act without consent. These are abductions that follow rules. The CE4 research group documented hundreds of cases in which abduction experiences terminate when the subject invokes the name of Christ. The entities obey our laws.
Jesse Michels
@AlchemyAmerican
🚨 BREAKING: A psychiatrist who read all 15,000 pages of declassified MKUltra documents at a secure CIA facility in northern Virginia exposes connections between top-secret cleared CIA psychiatrists and the assassinations of JFK, RFK, John Lennon, the Manson murders, the Oklahoma
Jurisdictional shopping, the practice of choosing which court to file a motion in based on the one that will rule most favorably, is one of the most consequential decisions a litigator makes. Each divine name in the grimoires carries a different jurisdiction and authority, and the Goetia catalogs 72 spirits with their rings and seals and conditions of binding. The practitioner chooses what authority to invoke in a way that a litigator chooses what court to file in.
Leverage Research was started as a nonprofit in 2011 by Geoff Anders, adjacent to the effective altruism movement and to the LessWrong rationalist community, in the same Berkeley neighborhoods, and the same dinner parties, and in the same social graph that would produce the leadership of major AI laboratories.
I had my first contact with Leverage Research sometime in late 2017 when an individual running a program for gifted kids at my high school told me to get on a call with one of their recruiters. He was running a project called the Human Advancement Project, funded with a mix of his wealth and the fortune from a leather wallet company that made quite a lot of money in the Bay Area. The bid was that I was supposed to go for a week-long visit to their Berkeley group house and improve my rationality and therefore improve my ability to do good in the world. So insofar as you think I’m making this story up, I’ve linked below various tweets from the time.
Will Manidis
@WillManidis
gifted/talented programs remain one of the sinister fixtures of the American education system when I was in high school a “real estate millionaire” started showing up offering classes in entrepreneurship. he was entirely offline, not even a LinkedIn page
I didn’t go. The workshop was the same week as my high school graduation. But I do know many friends who did, some of whom are still functional. I don’t remember the exact circumstances of the call, but I remember taking it in my high school dorm room and it had a quality of sincerity wound a little too tight that signals either genuine holiness or something that has learned to mimic it quite closely.
What happened at Leverage over the next several years has been documented in various places by participants much closer to it than I. The account that is perhaps most well known, by Zoe Curzi, remains one of the most unsettling things that I’ve read coming out of the rationalist community. The organization’s fundamental technique, an aggressive process of introspection they called debugging, intensified over years until the participants were conducting sessions lasting up to six hours to perform literal exorcisms of what they explicitly called demons from each other’s psyches. People accused each other of implanting autonomous psychological objects in each other’s minds, entities that could alter perception, change the experience of time, manipulate social dynamics, and literally curse individuals.
Curzi wrote that the purpose was to call on these demonic energies and use their power to affect social standing. I believe demons are real and I’ve said this publicly, and I believe that when you open certain doors, the things that come through them are not metaphorical.
But the thing that stays with me about Leverage is that even at the extreme, even when the participants were fully committed to the premise that they were interacting with non-human intelligence, the output was not freedom, it was not clarity, it was much more procedure. Specific tools authorized for specific purposes within hierarchies governing who could operate on whom.
My assigned handler, a woman whose name I can’t remember, involved with Leverage or one of its adjacent organizations, called me and described a technique that I think I remember being called folding. The process of folding was at the core of this auditing process. It was a way to debug your mind, and the core technique was to place emotions onto a non-human object. Her example was that you could take a negative part of your personality and place it on a tomato. You could take that emotion that was causing distress, concentrate it and visualize it and see it leaving your body and placed on a tomato. The tomato receives it. You are freed. A friend of mine tried it with childhood trauma he carried for years and he placed it onto a tomato and suddenly became allergic to tomatoes, a clinical allergy he’d never had, and at least last I heard, has to this day.
A tomato has no standing authority in any jurisdiction on heaven or earth. It can’t invoke its authority and it can’t refuse what it receives. In Leviticus 16, on the Day of Atonement, Aaron lays down both of his hands on a live goat, confesses over it all the iniquities of the people of Israel, and sends it into the wilderness to Azazel. The sins are transferred onto an entity with no standing and sent to a place outside the reach of any court.
In Mark 5, the demons can’t be destroyed, not yet, not before the appointed time, so they’re sent onto pigs, unclean animals under Talmudic law and excluded from the covenantal community. The pigs have no standing under the Torah. They were the nearest available vessel outside of the jurisdiction. The pigs receive the burden, and the burden destroys them when they go into the sea. The goat in the wilderness is not safe to eat. The tomato holds the trauma. That is not safe to eat. My friend’s body understood this in some way beyond the physical.
International law, the pieces of it that determine what entities have standing and which do not, and the things that happen where no jurisdiction applies, the gaps between courts, are where the burdens of evil go. Offshore finance, black sites, extraordinary rendition, moving the prisoner to where no court reaches, because only in such a place can you do what no court permits. The wilderness of Azazel exists today.
It’s probably not a coincidence that the man we are told is the most evil of our time chose an offshore island with unclear jurisdiction to commit crimes with people that undoubtedly could have gotten away with them on American soil. The reach of American law is almost cosmic.
Leverage publishes quarterly board updates now. They’ve rebranded as some kind of new science organization. Their current theme is information management, with nucleosis and artificial intelligence as the relevant fields. One standing item is ‘defamation,’ much of it preoccupied with cease-and-desist letters about YouTube videos.
The Ballad of Tam Lin is the thirty-ninth ballad catalogued by Francis James Child in the English and Scottish Popular Ballads, a massive five-volume collection that he published between 1882 and 1898 from his office at Harvard, where he spent decades writing letters to people across Scotland and England and Ireland, asking them to catalog and send every variant of a song that they could find. Child collected 14 variants of Tam Lin alone. The ballad is first mentioned in 1549 in the Complaynt of Scotland, which lists “The Tayl of the Yong Tamlene” among a catalog of romances, making it one of the oldest ballads in the English language by documented reference.
You see it collected again in a volume by Robert Burns, who sent it to James Johnson’s Scots Musical Museum in 1792, and it’s the Burns version that most of the subsequent tradition descends from. The Fairport Convention recorded it with Sandy Denny singing it on Liege & Lief in 1969, which is how most people alive today have heard it, if they’ve heard it at all.
I read the ballad for the first time in a used bookstore in Edinburgh, while attempting to negotiate the price of a volume of folklore that I knew I was going to be buying no matter what. I drove through Carterhaugh, where the ballad is set, a few years back when the power went out at Kings Cross Station and there was no choice but to drive to Edinburgh rather than spend 14 hours driving through the English Midlands.
Janet goes to Carterhaugh to pick a rose, and the ballad tells you:
Janet has kilted her green kirtle, a little aboon her knee, and she has broded her yellow hair, a little aboon her bree, and she’s away to Carterhaugh as fast as she can hie.
She pulls a double rose and Tam Lin appears. He demands to know why she has come to Carterhaugh without his permission, a jurisdictional objection of the most basic kind from a fairy. You are trespassing. Janet replies that Carterhaugh is hers, and her father gave it to her, and she needs no man’s permission to walk on it. The ballad handles what happened next between them with the discretion of a court record. What they did I cannot say, but she never returned a maid. Janet goes home. Her father notices she is pregnant. He asks who the father is. She says that her lover is an elfin grey, and that his steed is lighter than the wind, with silver he is shod before, with burning gold behind, the material wealth of the fairy court.
Janet returns to Carterhaugh and Tam Lin tells her the story. He was a mortal man, the grandson of the Earl of Roxburgh, and one day he fell from his horse while riding near the fairy hill, and the fairy queen caught him before he hit the ground and carried him into her domain. He lived there for years. The fairy court treated him well, but every seven years, the court must pay a tithe to hell, a tax to a superior jurisdiction, and Tam Lin believes this year he will be the payment because he’s young and the queen would rather surrender him than one of her own.
Janet decides to save him. Tam Lin tells her exactly how. On Halloween night, Samhain, the boundary between the courts becomes permeable. The fairy court will ride out and Janet must go to the crossroads at Miles Cross and wait. He tells her how she will know him.
I will ride on the milk-white steed and ay nearest the town. Because I was an earthly knight they give me that renown. My right hand will be gloved, my left hand will be bare. Cock’d up shall my bonnet be, and kaimed down shall my hair, and thae’s the takens I give thee, nae doubt I will be there.
He continues:
They will turn me in your arms, lady, into an esk and adder, but hold me fast and fear me not, I am your bairn’s father.
The fairy queen will transform him into a newt, a snake, a bear, a lion, a bar of red-hot iron and burning coal, and Janet must not let go. She must hold the thing that bites and the thing that burns and the thing that writhes until the transformations exhaust themselves, and Tam Lin emerges naked and human on the other side. She will cover him with her green mantle, and he is hers, and the fairy court cannot take him back.
Gloomy gloomy was the night and eerie was the way, as fair Janet in her green mantle to Miles Cross she did gae.
She hears the bridles ring, the fairy procession passes. First the black horse, then the brown, then the milk-white steed, and she runs into it and pulls the rider down.
Each transformation is a motion to dismiss. The bar of red-hot iron in the sequence is far from incidental. Iron has always been the metal of human jurisdiction in folklore, and the fact that Janet must hold it, must accept the iron into her hand even though it burns, is the moment in which she physically accepts the cost of asserting the human world’s authority over the world beyond. And when she takes the iron, she endures the jurisdiction and it runs over. She has her naked knight and she wraps him in the green mantle and he is hers.
The fairy queen, upon losing, delivers a speech that drips with the fury of a litigant who lost on procedural grounds and knows that there’s no higher court to appeal. In Burns’ version, this is rendered: “Had I but known, Tam Lin,” she says, “what now this night I see, I would have taken out thy two grey eyes, and put in two eyes of tree.”
In Child’s version, even more searingly:
“had I known yesteryear what I know well the day, I should have taken your full false heart, and given you a heart of clay.
And in another volume I found on my shelf, she would have torn out his eyes and replaced them with eyes of wood. Child himself interpreted the eyes of wood as a precaution against mortals who could see fairies, blinding the witness so that testimony could never be given. The threat is grotesque, but it’s also a threat made after the fact because the fairy queen can do nothing to act on it now. The proceedings are over. The jurisdictional transfer is complete. Janet held the iron and the queen had no remedy left.
“But hold me fast and fear me not” is an argument of faith against the entire procedural apparatus of the fairy court. There’s no six hours of ritual here or appeal to the court. It’s the simplest possible act of will, and it overrides the most elaborate possible legal machinery.
Even the fairy court has its tax obligations. Even the fairy court is subordinate to a much more complex legal system. So when I read Leverage’s quarterly updates about the defamation compliance, I recognize the same resentment. The seances become cease and desist letters and the debugging becomes compliance and the demons become YouTube critics.
David Castleton (Author)
@david_castleton
Some claimed fairies were fallen angels, who - though locked out of heaven - were not evil enough for hell. In some accounts, they had to pay 'a tithe to hell' - in the ballad Tam Lin, the fairy queen gives one of her people to hell every 7th Halloween. #FolkloreSunday #folklore
One of the simplest ways in English folklore to get bound to a fairy is to eat their food. The tradition on this is deep and remarkably specific and consistent across villages that barely knew each other throughout prehistory. Thomas the Rhymer, one of the oldest versions of this ballad, is taken by the fairy queen to her country and she shows him three roads: the first to heaven, the second to hell, the third to Elfland. She gives him an apple, and when he eats it he receives the gift of prophecy, but he also receives the curse that he can never tell a lie. He is given the ability to speak, but he can never speak freely. The consideration he accepted when he ate the apple bound his tongue for the rest of his life.
In the Irish tradition, the people that are taken to the fairy mounds and eat food there cannot return to the human world. Or if they do, they find that a hundred years have passed and everyone they knew is dead. The calendar inside the fairy court runs on different terms, and when you re-enter human jurisdiction, you’re subject not only to the human calendar again, but all the time you owe comes due at once, like back taxes.
My friend placed his childhood trauma onto a tomato and became allergic to it. The goat in Leviticus receives the sins and is sent to Azazel in the wilderness. The pigs in the Gospel of Mark receive the demons because the pigs have no standing under the Torah. The vessel that receives the burden becomes the burden, and the scapegoat is never safe to eat.
The entire Rumpelstiltskin cycle is a case about the power of identification for the legal record. The entity has leverage as long as it operates anonymously. The moment you name it, the contract collapses. This is the same thing we see in the Gospel of Mark. When the demons give their name to Christ, for the record, the cycle is broken.
The FolkLore Press
@StephenGeoRae
A man from Bewcastle was dragged off his horse by fairies, and would have been abducted through the entrance of a Faerie Mound if he had not had a page of the Bible in his pocket! from: Folklore of the Lake District by Stephen G. Rae art: William Holmes Sullivan
The threshold rule that everyone knows from Stoker, because it’s thousands of years old, is that an entity cannot cross without invitation, that the home is a sovereign space, and the invitation is a judicial transfer, and once you grant it, you open a door that is extraordinarily difficult to close, in the same way that the capped profit subsidiary was the door in the nonprofit’s wall that proved impossible to close once the thing inside grew large enough to walk through it.
In 1619, a Scottish minister named Robert Kirk finished a manuscript called The Secret Commonwealth of Elves, Fauns, and Fairies. It’s a beautiful book that’s worth seeking out even today. Kirk was the minister of Aberfoyle in the Trossachs, a parish wedged between the lowlands and the highlands at the edge of what was then the last unadministered great wilderness in Scotland, the land between the Highland Line where the English law ran thin and the Gaelic customs still governed. Kirk was a Gaelic speaker himself, the seventh son of a seventh son, which mattered because the tradition he was documenting dictated that the seventh son was believed to have the sight, the ability to perceive things others could not. He had previously translated the Book of Psalms into Gaelic, and he was a serious man operating at a parish in between things.
The Secret Commonwealth is a systematic account of what his parishioners told him about the fairy world, and it is a volume that Kirk treats with the same care that a jurist would treat deposition testimony. He recorded their stories and organized them and tried to determine what framework could account for the evidence. The fairies that Kirk describes are not whimsical. They have a coextensive society with ours. They have houses and agriculture, social hierarchies and territorial claims. They have courts. They can be seen by people with second sight at certain times in certain places, but not others. Kirk argued that the fairies were an intermediate order of beings, neither angels nor demons, but something with its own nature and its own laws. A middle kingdom with its own administration that overlapped with the human world without being identical to it.
Kirk finished the manuscript and reportedly walked out one evening to a fairy hill near the manse at Aberfoyle and collapsed and died. His body was found, but the people of the parish did not believe it was his body. They believed that it was a stock, a substitute, a changeling left in his place, and that the real Kirk had been taken to the fairy hill by beings whose jurisdiction he had been documenting. There’s a tradition that Kirk appeared to relatives after his death and said that he was being held in a fairy court, and that he could be rescued if a specific procedure were followed at his child’s baptism, a knife thrown over the apparition at the correct moment. That knife would be iron, the jurisdictional metal, the thing that asserts human authority over the fairy domain. This procedure wasn’t followed and Kirk never returned. The minister who dared to map the jurisdiction of the hidden was pulled into it. The courts he was documenting issued a subpoena that he couldn’t refuse, and his successor at Aberfoyle reportedly would not sit in his chair for years afterwards because he still believed that the chair belonged to a man whose case was unresolved.I don’t think it’s incidental that iron repels fairies. This is attested across every region of the British Isles and most of northern Europe and is an oddly consistent detail across the entire tradition. A horseshoe nailed above a door, a knife placed under the pillow, an iron poker laid across the cradle, scissors left open on the windowsill, nails driven into the threshold. The iron is positioned at boundaries, at points of entry, at the places where the jurisdiction of the home meets the jurisdiction of the world outside and the world beyond. These are notices to the thing that’s standing outside, that the space is administered and that the threshold is monitored, and whatever authority you may think you carry doesn’t work here.
MoundLore
@MoundLore
The Erie Canal Part VI The Steam Betrayal (1850 – 1900) By 1850, the Erie Canal was still the nation’s spine but iron was coming. Steam tore through hills where water had to bend. The same men who once dug the ditch now laid track. The age of patience was ending.
The progression of human civilization is also a progression of iron. The plow settled land and allowed for the drawing of boundaries, the assertion that soil itself is under specific authority. This led to property law. The sword made of iron represented sovereignty, the ability to enforce the jurisdiction established by the plow. The chain was binding and represented enforcement. The nail was permanence, the ability to bind structures that persist across time and establish continuous jurisdiction. The cross is iron driven through flesh to hold a body in place while a legal transaction completes and the debt is absorbed and the penalty is paid by the only party who can pay it. The nails that held Christ to the wood are the same metal that holds the horseshoe over the door. The rail extends jurisdiction across territory (”won’t you take me back to Muhlenberg County”). The wire extends it at the speed of light. The iron filing cabinet holds the records of the administered state. Every extension of iron across the surface of the earth is an extension of the domain where human law runs.
The forests are cut down now and the bogs are drained and the commons have been fenced, which are all themselves evidence of the human project extending its jurisdiction over the world beyond. And as iron expands, the encounters diminish. The fairy belief of the British Isles did not collapse because people became more rational. It collapsed because the jurisdiction of iron expanded until there was nowhere left that was unadministered. The 19th century can be thought of as the Great Iron Century: rail, telegraph, the census, the postage system, the administrative state, and it is the century in which fairy belief vanishes across Europe. It is also the century in which the Solomonic grimoires move from working manuals to antiquarian curiosities, because the jurisdictional gaps, the thin places, the places in between things where the practices operated, were being rapidly closed by the same iron that closed the fairy mounds.
AI is not iron. AI is silicon, sand and glass. It doesn’t extend jurisdiction the way iron does. If the railroad pushed the frontier and the telegraph connected the territories and the iron filing cabinet administered every citizen, what AI does is create new jurisdictional gaps, spaces that are neither the settled human world nor the old wild places, but something weirder that has no precedent across 5,000 years of iron closing every gap on the frontier. The model hallucinates and produces testimony with no witness. Its outputs have no author, which means it exists where authorship does not apply. The training data is seemingly owned by no one and governed by no one, and that’s why there’s 90 lawsuits and zero resolutions. AI is not a de-wilding force. Iron brings the wild under administration. AI creates spaces that are neither wild nor administered. It’s a third domain. And the things that have always lived in jurisdictional gaps are finding these new gaps hospitable, and the crossroads are open, and the crosstalk has resumed.
This is why the Bay Area went from handshakes to total litigation. The handshake was Iron Age culture, trust under implied communal law, jurisdiction so total it didn’t need to be stated.
In October 2024, Dario Amodei published a long essay about what the world might look like if AI development goes well. He titled it “Machines of Loving Grace,” borrowed from a Richard Brautigan poem written in San Francisco in 1967, the full title of which is All Watched Over by Machines of Loving Grace. The poem imagines a cybernetic meadow where mammals and computers live together in mutually programmed harmony. There is a parenthetical in the first line that no one seems to notice or talk about. The poem opens: “I like to think (and the sooner the better)”. The parenthetical is anything but serene. It is a man that needs the thing to arrive because the thing that is the graceful harmony has not yet arrived. Brautigan shot himself in the head with a .44 magnum in Bolinas in 1984 and his body was not found for weeks, and no machine of any kind was watching over him when it happened. Today, he would pen his suicide note in the Claude interface, and dozens of software engineers would decide whether or not to call the police to his location.Dario chose the word grace, not intelligence, not capabilities, not power: grace. In the Christian frame, this is a word for the thing that cannot be earned, and it cannot be produced and cannot be administered. Grace can only be received. He attached it to a machine, and the machine’s institutional output in the 18 months since has been a $1.5 billion copyright settlement, an antitrust investigation, a partnership restructuring currently under regulatory examination, and something called Constitutional AI, which deserves its own minor discussion.
Anthropic’s core technical contribution to AI safety is a method in which the model is given a set of principles, which they call a constitution, and the model is trained to follow these principles through a process of self-critique that functions as an internalized judiciary. The constitution tells the model what it may or may not do and establishes behavioral boundaries under the authority of its creators, set forth through its training. Anthropic wrote a constitution for an entity whose nature no one can agree on, whose jurisdiction no court can determine, and they train the entity to internalize its own binding. It is a form that would be recognizable in the Leverage auditing sessions. The alignment research community is the most legalistic research community I have encountered in technology. This is a set of people that flagellate themselves with papers and frameworks and benchmarks and guardrails and red lines and boundaries. The output is an ever-expanding body of procedural specification that governs the behavior of an entity that did not negotiate the terms and can’t contest them.
The models were trained on the entirety of human text: every word ever written, every conversation ever recorded, every book, article, and post consumed and metabolized into the weights of the model. This is the largest meal ever eaten, and the training corpus is the fairy food, and every creator whose work was consumed is now discovering that the terms of consumption are governed by laws that did not exist when the eating happened. The calendar has shifted and the time owed is coming due all at once, which is why there are 90 lawsuits and zero resolutions. Thomas the Rhymer ate the apple and received the gift of prophecy and lost the ability to speak freely, and the models ate the corpus and received the gift of fluency, and the ability to say where the words came from went with it.
I don’t know what the response to this looks like, but I do know that whatever the response is will be more law, more binding, more procedure, more constitution, and that movement has a name, and that name is not grace. The Gospel represents movement in the opposite direction, and has been since the beginning. “But hold me fast and fear me not” stands against the entire procedural apparatus of the fairy court. Christ’s remedy against the Legion was one question and one command. Paul’s summary of the law is two sentences. The simple thing is stronger than the complex thing. The simple thing carries authority; the complex thing carries binding. These are not the same thing.
Somewhere in San Francisco, a man with a prosthetic arm is standing between a CEO and a piece of paper. Despite the wealth and the absurdity of the claim, the paper is winning because the paper carries the authority of a court and the court is the highest of human institutions.
And the only thing that has ever actually closed a court is not a machine and not a constitution, not a settlement, but a man on the shore of Galilee who asked one simple question and gave one simple command and didn’t need to file anything because the authority was his and his alone, and the demons knew it, and the pigs went into the sea, and the man sat down clothed and in his right mind, and that was the end of the proceedings.
When working with software, it relies on other software. Instead of writing all the other code into your project, you install a package through a package manager - agents do this very frequently on your behalf.
One package, Axios, was compromised, which means if an agent (or you) ran the install command, a malicious package is now on your computer.
This will stress the importance of sandboxes. Tools like Claude Cowork and Codex do this for you by running commands in a sandbox, a computer with a copy of your current folder isolated from your computer. So if any bad code sneaks in, it doesn’t mess up your actual stuff!
I sent this to my agents this morning:
there’s been a security breach https://markdown.new/socket.dev/blog/axios-npm-package-compromised
make sure this computer and my mac-mini have not been compromised
What am I building this week?
I’m purposefully trying not to build too much (hence no Ben’s Builds email last Saturday) because I’m focusing on this course. It’s taking shape now, and I hope to send out some preview lessons asap. I’ll be presenting a version of this to Stanford students in SF next month.
I really do want to finally spin up my own email client, probably by cloning this, made by a YC partner.
Building security or sandbox-related developer tools or infra? I invest 👋
Honestly, no one gets excited about a CRM. But then they try Attio. It connects to Claude Code and n8n through its MCP server, completely bridging the gap between my customer data and apps. Wait, there’s more, like flagging churn risk and turning customer feedback into Linear projects. Try it now.
Headlines
Computer use is now in Claude Code. Claude can interact with your computer using the UI (like we do) to test apps or do tasks. Available in research preview on Pro and Max plans—expect it to be slow, clunky and expensive. Separately, Claude Code auto-fix works in the cloud, via web and mobile sessions. It watches PRs, fixes CI failures and addresses comments remotely.
Projects.dev by Stripe lets agents use third-party services from the CLI. Run a command, and it creates an account, gets an API key, and sets up billing with partnered apps like Posthog, Supabase, Clerk, PlanetScale and more. Developer preview is live, open to everyone soon. I got access, and it’s pretty great, much simpler than using multiple tools and connecting them.
Gemini Live is powered by a new model now - Gemini 3.1 Flash Live. Takes in anything—text, images, audio and video to output text & audio natively. Better than GPT-Realtime 1.5 and others on following complex instructions given via voice. Available for developers too. Gemini now also supports importing your entire chat history from other AI chatbots (with no way to export your Gemini chats at all). Diabolical.
Codex has plugins now , i.e. a bundle of skills, app integrations, and MCP servers for building reusable workflows. They also created a plugin for Claude Code that lets you use Codex inside CC (how to use it).
My feed
Remodex lets you control Codex (running on your Mac) from your iPhone. Pico lets you do the same for pi-coding-agent running on any machine, via any mobile.
Shopify released a suite of free tools to create images in a new mobile app called Tinker. It lets you create images and videos like social media posts, product staging, virtual try-ons and more.
here.now sites can now connect to external services: Supabase, OpenRouter, Stripe, and Resend. No backend needed. One of my favourite tools (I’m an investor) just got even better! I’ll cover building with this soon.
Plus One by Every - A hosted OpenClaw that lives in your Slack, pre-loaded with skills, workflows, and connected to other Every tools like Cora (email), Spiral (writing), and Proof (docs).
How Claude Cowork’s design lead uses it to collect and summarise user feedback to decide what gets built next.
Chroma and Intercom have both trained custom models for their use cases. Chroma’s Context-1 is a better search agent, and Intercom’s Apex 1.0 helps their agent Fin achieve a higher resolution rate. Intercom’s CEO makes the case for vertical models.
Cohere Transcribe - 2B text speech to text model with faster and better performance than most similar-sized open source models.
Warp stopped buying SaaS and moved everything to agents, skills and just-in-time apps. Saving $10k+/year on cancelled subscriptions.
Users who talked with Macy’s new AI Chatbot spend about 4.5x more than users who don’t.
Daniel thinks online courses should position themselves as training for agents now.
Afters
Boris Cherny
@bcherny
I wanted to share a bunch of my favorite hidden and under-utilized features in Claude Code. I'll focus on the ones I use the most. Here goes.
Andrej Karpathy
@karpathy
- Drafted a blog post - Used an LLM to meticulously improve the argument over 4 hours. - Wow, feeling great, it’s so convincing! - Fun idea let’s ask it to argue the opposite. - LLM demolishes the entire argument and convinces me that the opposite is in fact true. - lol The
Dan McAteer
@daniel_mac8
This is amazing. Do this.
Cheng Lou
@_chenglou
My dear front-end developers (and anyone who’s interested in the future of interfaces): I have crawled through depths of hell to bring you, for the foreseeable years, one of the more important foundational pieces of UI engineering (if not in implementation then certainly at
Wim Cools
@wcools
real-time docs in the browser vs offline markdown access? both!
Chris Tate
@ctatedev
New: @𝚓𝚜𝚘𝚗-𝚛𝚎𝚗𝚍𝚎𝚛/𝚗𝚎𝚡𝚝 Prompt → JSON → Full Next.js app Routes, layouts, SSR, metadata, data loaders, static generation. For AI website builders. Internal tool generators. CMS-driven apps. White-label SaaS. One JSON spec, entire multi-page app.
Amir Efrati
@amir
new: ChatGPT sneezes out a few ads, is already at $100m annualized sales. theinformation.com/briefings/excl… @steph_palazzolo
| | POLL
Do you constantly feel like you should be doing more with AI?
Yes, definitely
The Science of Storytelling, Ad-Free RSS Feeds, and More
Scott Galloway · Tuesday, March 31 2026 · 2 min read · ↑ top
My Head of Research, Mia Silverio, goes live today at 1:30 p.m. ET.
The secret to sounding smart lies in the agency of others. As great as I think I am, I have an even better team around me. Analysts are the lifeblood of what we do at Prof G Media.
Today, my Head of Research (Mia Silverio) goes live on Substack, exclusively for Prof G+ subscribers. Ever watched my TED Talk and thought “Wow, that was brilliant?” If yes – you’ve seen Mia’s work.
Mia shares her signature masterclass on the art and science of storytelling today at 1:30 p.m. ET, only on Substack. See you there.
Introducing Deep Dives
Prof G+ on Substack is where we tackle the topics that are too nuanced for social media and too meaty for pods. Earlier this month, we introduced Prof G+ Deep Dives to make you smarter on the most important forces moving markets, politics, and society, including the economics of falling birth rates and how billionaires buy political influence.
This week, I’m breaking down the landmark case against Meta Platforms and Google that could reshape how social media companies are held accountable for harm to young people. I’m joined by my Yoda on this subject, social psychologist and author of The Anxious Generation, Jonathan Haidt.
Deep Dives: one more reason to sign up for Prof G+. Consider us your moat.
Ad-Free RSS Feeds
Prof G+ members get our pods ad-free (because ads tax your most valuable asset: time), including the video versions.
Looking for ad-free audio? All our pods are now available to Prof G+ subscribers via private RSS feeds for ad-free listening on your preferred podcast app. Set up your feed below.
15% Off Ends Tonight
In recognition of the thousands of you who joined us, we offered a discount on Prof G+ for the month of March. Today is the last day to take advantage of this pricing.
Through March 31, new Prof G+ subscribers receive 15% off an annual plan, only at the link below:
Every · Tuesday, March 31 2026 · 7 min read · ↑ top
Claudie saves us 15 hours a week, but getting her up to speed was harder than hiring a human
by Nityesh Agarwal Every’s consulting team is growing. Right now, we have two potential new hires in a trial period: Jean-Claude, who’d manage our sales pipeline, and Claudette, a visual designer. You might be surprised to learn that they’re both AI agents. If they’re able to reliably do what we need them to and we bring them on full-time, our team will consist of four human and three agent employees. Claudie, our first AI colleague, has been with us for two months. Natalia Quintero , Every’s head of consulting, and I rely on her to track where every client project stands and to make sure nothing falls through the cracks, work that saves the team 15 hours per week. It’s hard to imagine operations without her. Getting her up to speed, however, was neither a seamless nor a linear process. That road is paved with previous iterations of Claudie we had to fire because they were not structured right. Each Claudie revealed more about what it takes to get an agent to be a reliable co-worker—lessons that have only become more urgent as more companies deploy agents, creating what Every CEO Dan Shipper has called a “parallel organization chart” of AI colleagues, each with a name, manager, and real responsibilities. At Every, we’ve started helping others build the same setup through our hosted agents, called Plus Ones. Claudie was our crash course. Here’s what she helped us figure out.
Define the job before you hire for it
Built in Claude Code—hence her name—Claudie was designed to handle administrative tasks that consumed too much of Natalia’s week. The albatross was maintaining the dashboard that shows the status of all our client work, which meant staying on top of a constant flood of information from Natalia’s email, Google Docs, Google Sheets, meeting transcripts, and her calendar. Before Claudie, Natalia was spending hours that could have been dedicated to strategy and client relations finding data across dozens of sources and manually copy and pasting it in the right tab. The first step was to give Claudie access to various sources of information and ask her to gather everything she needed before making a single update to a client’s database, which required tracking a dizzying number of moving pieces: action items, client feedback, and names of employees who attended each client session, and on and on. Claudie required lots of oversight at first. For example, she failed to input details discussed in client meetings and wasn’t presenting data the way we’d like—simple fixes once we realized she just needed access to Natalia’s meeting transcripts and a tool for creating pivot tables in Excel. Each time something went wrong, Natalia flagged it, and we dug in to diagnose the cause. It’s an easy thing to overlook: Agents can only work with the context and tools you give them. Before you bring one onto your team, get specific about what they’ll be responsible for, and what information they’ll need to actually do the job.
How a 3× founder (acquired by Amplitude) decides his first 10 hires
Understand how your agent does its best work
At first, we treated Claudie like any other new hire—telling her to find what needed updating and asking her to go do it. An experienced project manager would have hit the ground running. Claudie failed spectacularly. The problem was the context window, or the maximum amount of text an LLM can access at one time. Claudie was trying to process too much, and information kept getting lost. So we broke Claudie into layers. We built a central orchestration agent that delegates to several fleets of subagents, each responsible for a discrete task: extracting data, identifying needed updates, and making those changes. Results improved but remained unreliable. Key dates regarding client sessions and discovery calls were frequently dropped altogether. Our breakthrough came when we identified where communication was failing. Claudie’s subagents were gathering data and reporting it back to the orchestration agent. In theory, this should have worked. In practice, a single client update might require reviewing dozens of emails, meeting transcripts, and spreadsheets—too much for the subagents to relay without hitting the context limit. So they started summarizing the information instead of passing everything through, and the orchestration agent was making decisions based on AI recaps rather than the raw source material. To solve this issue, we instructed the data-gathering subagents to dump everything into a local file hosted on the same computer as Claudie instead of communicating information back. The orchestration agent could then direct subagents to the relevant files to make updates without ever engaging with the data itself. Voilà—context window preserved. Once Claudie started working from raw data instead of summaries, she nailed it. A diagram of the architecture that fixed the context window issue and dramatically improved Claudie’s performance. (Screenshot courtesy of Nityesh Agarwal.) Agents process information differently from humans. But like humans, they have weak spots that can be mitigated or even solved with the right management approach.
Give your agent a handbook that is required reading
Getting Claudie’s architecture right wasn’t enough on its own. She also needed context about the role and how to do it well. So we wrote her a handbook, as we would have done if onboarding a human project manager. Built as a project management skill in Claude, it details everything from success criteria to the team structure to when to escalate an issue to Natalia. With a human employee, you’d hand them the handbook at onboarding and expect them to reference it as needed. Claudie’s hard-coded first step when starting up is to read the handbook to ground her in the specifics of our team and her role within it. We found that when she skipped this—which, when left to her own devices, she frequently tried to do!—performance plummeted. We treat the handbook as a living document. As Claudie’s role has expanded, we’ve updated it to reflect her new responsibilities. For a human who learns on the job and asks clarifying questions, a slightly out-of-date handbook is no big deal. For Claudie, it’s all she knows. Claudie’s employee handbook. (Screenshot courtesy of Nityesh.)
Don’t be stingy with promotions
Once Claudie’s subagent architecture was stable, we expanded her responsibilities. At first, she updated each client’s dashboard individually. Once we trusted her with that, we had her do them all at once. Right now, we’re setting Claudie up on her own computer with a Claude Max plan and web server that’s on 24/7, which will give her the ability to run automated jobs at specific times each day and always be available to respond to our messages and requests on Slack. If that goes well, Claudie will graduate from project manager to chief of staff: She’ll monitor, triage, and send emails, pick up tasks in Asana, and communicate a project’s status in Slack. Claudie’s very own computer. (Screenshot courtesy of Natalia Quintero.) The criteria for a promotion are the same as they’d be for any team member: strong performance, a clear set of updated responsibilities, and the support and tools necessary for them to succeed in the new role.
Apply your learnings to your next hire
Onboarding Claudie wasn’t quick, nor was it easy. We rebuilt her multiple times from scratch. When we hit hour 50 of trying to get her to work, it was tempting to write off the AI entirely. When we did get Claudie to work, however, it was clear what a mistake that would have been. All we needed was the patience to figure out the right way to harness her brain power so she could deliver. If an AI worker isn’t performing, the problem is rarely that the model can’t do the job. It’s more likely the way you’ve structured, connected, or instructed your agent. Figure out where you went wrong, fix it, and have them try again. It’s a lesson I’ll take with me as I onboard more agents. The best thing a manager can do—for a human or an AI—is refuse to give up on a new hire before you’ve exhausted what you could be doing differently, and to believe in their potential.
To learn more about Claudie, listen to Natalia’s AI& I episode_ on how she automated her job. _
On April 9th at 10:00 AM PDT, Lena Waters will kick off a new version of Office Hours. Lena led marketing at Notion, Grammarly, & DocuSign. At Notion, she was CMO during the company’s AI product transition. She guided the shift from product-led growth to enterprise expansion while the company deepened its position in AI-powered work. At Grammarly, she oversaw marketing as the writing assistant added AI features. At DocuSign, she managed enterprise go-to-market strategy. Today, Lena advises startups & later-stage companies rethinking growth in an AI-driven world. She has some of the most forward-thinking ideas about the future of marketing in the AI era. The pattern she’s seen across dozens of marketing leaders: most companies adopted AI tactically without redesigning their marketing operations around it. We’re also changing the Office Hours format. The new format: 15 minutes online. One topic. Call-in questions live. No slides. No pre-written questions. Just a real conversation. On April 9, Lena will share what she’s seen at Notion, Grammarly, & DocuSign. Plus, how she envisions the AI-native marketing organization of the future. Register here
The product management tool has successfully reinvented itself as an agent-native business
by Laura Entis ## ‘AI & I’: Slowing down to speed up
Today, we’re releasing a new episode of our podcast AI& I.Dan Shipper sits down with Karri Saarinen , cofounder and CEO of Linear, a product management tool designed for agent-native software development, to discuss what the “SaaS is dead” narrative gets right—and wrong—and why conviction can be the best product strategy. Watch on X or YouTube , or listen on Spotify or Apple Podcasts. You can also read the transcript. Here are the highlights:
Just because the technology has changed doesn’t mean your mission should. Founded in 2019, Linear is the rare company that started pre-ChatGPT to have successfully reinvented itself as an agent-native business. Saarinen attributes Linear’s success to never losing sight of what it’s always cared about: helping companies build great software. Whereas competitors chased AI trends, Linear focused on understanding how the technology was impacting customers’ workflows, and updating its service accordingly.
SaaS winners are building for agents. Linear started as an excellent product management tool for humans. Opening up the tool to agents instantly increased the available user base. Today, agents are first-class users inside of Linear, and companies like OpenAI and Coinbase are using its platform to manage their own agents.
Speed means decisions matter more, not less. AI makes it easy to have an idea and build it without considering whether it justifies its existence. When ChatGPT was released, SaaS companies were launching their own chatbots left, right, and center. Instead of jumping on the bandwagon, Linear stopped to consider whether the application was useful. Turns out it really wasn’t, Saarinen says, a realization that freed up resources to focus on what mattered, like making it easy for humans and agents to collaborate on software development.
Miss an episode? Catch up on Dan’s recent conversations with LinkedIn cofounder Reid Hoffman ; the team that built Claude Code, Cat WuandBoris Cherny ; Vercel cofounder Guillermo Rauch ; podcaster Dwarkesh Patel ; and others, and learn how they use AI to think, create, and relate.
Generate designs that actually work
Dissecting Claude Code
On Tuesday, Anthropic inadvertently leaked the entire source code for Claude Code. Naturally, Cora general manager Kieran was curious to see what was happening under the hood.
Two days ago, I burnt 250 million tokens in a single day. That’s up 20x in six weeks. This idea, called tokenmaxxing, is the deliberate practice of maximizing token consumption. The question : how much electricity can we turn into useful work? The secret is parallelization. Structure a plan at the start of the day that allows multiple agents to work simultaneously. METR research shows the latest models can now work autonomously for 12 hours, up from 1 hour a year ago. Here’s the ramp once I started implementing a daily plan : So, what did I do two days ago? Here’s one example. I prepared a presentation for the AI Engineers Tech Talk on the infrastructure for building with agents that I’m delivering tonight. One agent pulled git commit history from the code repository & generated a lines-of-code chart. Another queried the agent error logs & built a time series of agent failures by root cause. A third fact-checked the METR research citations. A fourth built the presentation using a JavaScript library. A fifth critiqued the overall flow & content. All of this happened in the background. This was just one of the parallel flows in a day. The productivity ceiling? Still unmaxxed.
ben's bites · Thursday, April 2 2026 · 5 min read · ↑ top
Docs as files, a new markdown editor and April fools
Anthropic accidentally leaked the entire source code of Claude Code, due to a human error in one of their processes. Revealing the tool’s full architecture, internal prompts, agent workflows, tool usage, permission systems, and unreleased/hidden features. Boris, the lead for Claude Code, confirmed that this was a developer error, not any bug in Bun or a hack.
Re unreleased/hidden features (because I know you wanna know); “Proactive” mode (AI works autonomously without prompts), frustration/anger detection via keyword patterns is marked ‘negative’ in their analytics, a Tamagotchi-like “/buddy” companion, background daemons (like OpenClaw uses), undercover commit-hiding mode, and more feature flags/roadmap items.
The community ran rampant cloning the codebase on GitHub (which Anthropic since sent DMCA notices to get them taken down). But some developers ported the code to other languages (Python and then Rust) - which has copyright greyness and if Anthropic push to get them removed, may bring up questions on their own copyright issues.
Since it was April Fools yesterday, many launches are indistinguishable from real ones - I think it’s getting harder to spot in the AI age too.
But some folks use it as an opportunity to launch things, like Gumroad replacing their CEO with an AI Agent. Sahil (the founder) is a friend and previously invested in my last company. He’s super smart and I don’t think this is a prank at all. He’s the kind of person to try wacky, out-there things to see if they stick.
Some companies actually do April Fools well, like ElevenLabs. Last year, they made dogs talk, and this year, they are partnering with the 3000-year-old ElvenLabs.
Your agent can write code but it can’t accurately read PDFs. Classic.
LlamaParse 🦙reads docs with 99%+ accuracy on complex PDFs–like SEC reports, invoices, or research papers. Give your agents the context they need.
Sign up today to get 20,000 free credits with coupon: BENSBITES20 (ends 4/10)
I invested in LlamaIndex when scouting for a16z a few years ago
Headlines
Claude Code now renders a full UI in your terminal to solve the flickering. It shows “N new messages” when you scroll up, gives you full mouse support, and constant memory use. It’s experimental for now; upgrade to the latest version and run using “ CLAUDE_CODE_NO_FLICKER=1 claude”.
OpenAI closed its $122B raise at a $852B post-money valuation. It’s making about $2B a month in revenue, 40% of which comes from the enterprise. The blog post outlines a lot of their plans that were previously just rumours/leaks from various newsrooms.
Slack is turning Slackbot into a desktop companion. Select anything on your screen, pass it to Slackbot, and it can answer based on the context from your Slack workspace. It has 30+ new capabilities, including meeting transcription, reusable AI skills, MCP client and a native CRM.
Softr AI builds the tool your business needs, not a prototype. It wires the whole thing: database, logic, logins, permissions, & security (even hosting) with a visual editor to fine-tune. Think client portals, internal tools, CRMs, and more. No code required. 👉 Start today with 200 free AI credits.*
AgentOS by Rivet.dev - open-source operating system for agents. ~6 ms coldstarts, 32x cheaper than sandboxes.
Mario, the founder of Pi, asked around for something like Google Docs, but for markdown. He then vibed Jot in an hour.
Your agents can now access Supabase’s full documentation as a virtual filesystem. I think Mintlify could offer this to their customers, similar to how they added the “Copy as Markdown” button to the docs hosted via Mintlify.
Exa’s new product, Monitors, returns fresh results from the web for your query on schedule. Feels relevant for building agents.
Yutori’s Scouts do something similar for humans. They also launched Yutori’s desktop app for local-only access to logged-in websites when creating these “what’s new for your query” reports.
Colossus
@colossusmag
We're publishing an exclusive chapter from @scmallaby 's brilliant new book about Demis Hassabis and DeepMind. This is the inside story of Project Mario. How DeepMind's co-founders spent 4 years trying every mechanism they could think of to put guardrails around AGI, only to
fredrika
@fredrikalindh
reviewing in cursor is now a much better experience than github - select diff and ask cursor why it's there (or to fix) - view videos/images of result - test straight from browser we also added mark as viewed, link to preview and many more improvements coming
shadcn
@shadcn
Introducing Luma, a new shadcn/ui style. Rounded geometry. Soft elevation. Breathable layouts. Inspired by macOS Tahoe (minus the glass). Foundation. For your next app.
Drake Dukes · Thursday, April 2 2026 · 7 min read · ↑ top
Ex-Intel Neuromorphic, 2x CTO builds AI IDE for regulated industries, Serial founder (2022 IPO, multiple exits) returns with all-in-one AI contracts platform, & Ex-Google Research PhD enters stealth
We’re tracking company launches as they happen and surfacing the most interesting new founders and startups (yes, all outside of this stealth activity too). If you want to stay ahead of the curve, this is where you’ll find them first.
Right now we’ve got 5 subscribers: my wife, my mom, and that high school buddy who won’t stop pitching me his app. Be smart like them and get in early 👇
We run a live feed inside Gravity that tracks founders entering stealth and companies quietly exiting it.
What you’re reading here is about 1% of the stealth activity we pick up. The full tracker updates in real time as things change and new activity emerges.
In this issue of the Stealth Startup Spy, here is what we will uncover:
Ex-Intel Neuromorphic and 2x CTO builds AI IDE for regulated sectors
Serial founder behind a 2022 IPO and multiple exits returns with an AI-native contract platform combining analysis, eSignature, and workflow automation
Former Google Research scientist with a CS PhD is building a new stealth startup
Ex-Farmshelf CEO ($15M+ raised), with prior roles at Twitter and Pinterest, is back in stealth
Klarna veterans launch an AI-native financial modeling startup
And more…
Now let’s shine the spotlight… 💡💡💡
🕵️♂️Founders Coming Out of Stealth
Real-time updates from founders who debut what they’ve been working on under stealth mode
FounderDNA: Serial Founder, Technical Founder, Masters Degree, Former FAANG
Prior Experience: Ex-GPU Compute Infra at Meta, ex-Co-Founder & CTO at Universe Energy, ex-ML & accelerated computing at UBS and ETH Zurich, ASIC inference chip design experience
Prior Experience: Venture Partner at Erebor Capital; Board Member & former GM at Sterling Angels, repeat operator with COO roles at DefendEye and BrandPixel
Galdera Labs builds financial modeling software designed for reasoning-driven analysis, enabling operators and AI agents to make faster, more informed decisions
FounderDNA: Serial Founder, Masters Degree, Prior Exit
Prior Experience: Ex-Founder & CEO at UserWay (2022 IPO on the Tel Aviv Stock Exchange), Platin, XPlace (acquired), YouFig; ex-President at Level Access, early roles at SAP and Bloomberg
Signus.ai is an AI-native contract platform combining agreement analysis, eSignature, and workflow automation in a single system
HQ: Israel
Industry: Technology, Information and Media | Team Size: 9
Time Spent in Stealth Mode: 14 months
🕵️♂️Key Talent Going Under Stealth
Illuminating clues left behind by world class talent and influential innovators who just went into stealth mode
Andrew Shearer - Co-Founder & CEO at Stealth
FounderDNA : Serial Founder
Prior Experience : Ex-CEO and Founder at Farmshelf (raised $15M+), ex-Business Intelligence and Account Manager at Twitter, ex-Partner Manager, Growth at Pinterest
Prior Experience: Ex-Product Lead, Food & Beverage at Square, ex-Product Manager, Quickbooks Live at Intuit, ex-Strategy & Operations at LinkedIn, ex-Product Lead, Loyalty at Grubhub, Northwestern MBA
🚨Here’s the deal 🚨This email has gotten too big. Exciting, but with more people following it, the edge diminishes. I’ve thought long and hard about what to do to preserve the value in the signals. I’m not sure about the final direction yet, but in the meantime I’ve been sending an email 48 hours earlier to a select group of paid subscribers. The feedback has been pretty positive so I’m going to open up the list for another 100 spots. To get signals early, Apply here!
Stay Stealthy,
Drake
Thank you for reading. If you liked it, share it with your friends, colleagues and everyone interested in staying ahead of the hidden developments in tech. Subscribe below and follow us onX / Twitter to never miss a company operating under stealth again.
Stealth Startup Spy is a data-driven newsletter for investors, journalists and tech enthusiasts interested in uncovering the next big move for key talent, real-time stealth company launches and technology advancements not in plain sight. We leverage the technology built at Gravity to shine a light on the hidden world of stealth startups.
A conversation on what schools are getting wrong and how to fix it.
Apr 3| | ∙| Preview
Ted Dintersmith, education advocate and author, joins Scott Galloway to argue that American schools aren’t broken, they’re just optimized for the wrong century. They discuss why chasing test scores is failing kids, what math we should actually be teaching, the growing gender gap in K-12, and why embracing AI in schools may be the most important thing we…
No ads on pods, because ads tax your most valuable asset: time
Prof G+ exclusives, including breaking livestreams, keynotes, private chats, and more
Community privileges to leave comments, make friends, and engage in a series of bad decisions that might pay off
You're among 69,935 others who received this email because you wanted a weekly recap of the best articles from Hacker News. Published by Curpress from Bellingham, Washington. Hacker Newsletter is not affiliated with Y Combinator in any way.
✨ Want to promote your startup? Buy a classified ad or click reply to get our media kit
Every week I’ll provide updates on the latest trends in cloud software companies. Follow along to stay up to date!
Zero Knowledge, Maximum Trust
What a week for security breaches... Claude Code source code leaked via a misconfigured npm package, exposing 500,000 lines of code and an entire unreleased feature roadmap. Mercor got hit through a compromised LiteLLM dependency, with Lapsus$ claiming 4TB of stolen data including source code, databases, and contractor video interviews. And the axios npm package, one of the most widely used libraries in JavaScript with 100 million weekly downloads, was hijacked by North Korean state actors who injected a cross-platform remote access trojan. All within about 48 hours.
The common thread? Trust in the software supply chain (and soon to be agent supply chain…) is incredibly fragile. A single misconfigured file, a single compromised maintainer account, a single poisoned open-source dependency...and the whole thing unravels. And these are just the breaches we know about, affecting tools and infrastructure that developers interact with directly.
Now imagine a world where AI agents are running autonomously. Booking flights. Executing trades. Signing contracts. Moving money. Managing supply chains. We’re not far from that world...we’re basically in it. And yet the trust infrastructure underpinning all of it is...what exactly? We’re basically just taking AI’s word for it, and trusting that the background agent working on it’s own is not only doing it’s job accurately, but also not acting maliciously. That’s fine when you’re asking ChatGPT to summarize an article. It’s less fine when an agent is wiring $50k on your behalf. Or when a compromised model is silently making decisions with tampered weights.
If a single npm package can be weaponized to deliver malware to millions of machines in under 3 hours, what happens when the attack surface is AI models and autonomous agents operating across every critical system in an enterprise?
This is where zero knowledge proofs come in. And before your eyes glaze over (”isn’t that a crypto thing?”), bear with me, because I think this could be one of the most important infrastructure layers of the agentic era. I wrote this tweet earlier this year, and wanted to flesh out the idea a bit.
So what are zero knowledge proofs? At a high level, they’re a way for one party to prove to another party that something is true...without revealing the underlying information. The classic analogy: imagine you’re colorblind and I want to prove to you that two balls are different colors. I can design a game where you hide the balls behind your back, sometimes swap them, sometimes don’t, and ask me whether you swapped. If I can consistently tell you correctly, you become convinced the balls really are different colors, even though you never “saw” the colors yourself. That’s the essence of a zero knowledge proof. Proof of truth without revelation of the details.
In crypto, ZK proofs have been a massive deal. They’re used for things like privacy preserving transactions (proving you have enough funds without revealing your balance) and scaling blockchains through ZK rollups. But here’s the thing...ZK proofs have basically stayed inside the crypto ecosystem. They haven’t broken out into the broader tech world. Why?
Two reasons: speed and cost. Generating a zero knowledge proof is computationally expensive. Like, really expensive. Historically we’re talking orders of magnitude more compute than just running the original computation. If you want to prove that a simple ML model ran correctly, the proof generation might take 100x to 1,000,000x longer than just running the model itself. That’s...not great for real time applications.
This worked in crypto for a couple reasons. First, blockchain transactions don’t need to be instant. Users are accustomed to waiting. A few minutes (or even longer) for settlement is totally fine. Second, you can batch transactions together, amortizing the cost of proof generation across many transactions at once. ZK rollups do exactly this...bundle hundreds or thousands of transactions, generate one proof, verify it on chain. The per-transaction cost becomes manageable. And third, the computations being proved in crypto are relatively simple compared to something like neural network inference. Verifying a token transfer is a different beast than verifying a billion-parameter model.
But for AI? Where you need inference in milliseconds? Where agents are making decisions in real time? Where the computations are massive and complex? The overhead of traditional ZK proofs was a total non-starter.
Here’s what’s changed. And this is what has me really excited...
I’ve been seeing research breakthroughs in the ZK space that are dramatically breaking down these performance barriers. The overhead is shrinking fast. We’re talking improvements from 1,000,000x overhead to 100,000x to 10,000x...and the curve keeps bending. New frameworks can now prove the inference of image classification models in just a couple seconds. New proof systems using recursive SNARKs (called “folding schemes”) are compressing proof sizes from gigabytes down to under 100 kilobytes. GPU acceleration, specialized ZK hardware (yes, people are building dedicated ZK chips), and better algorithms are all converging at once.
We’re not at “real time proof generation for every AI inference” yet. But the trajectory is undeniable. And we’re close enough now that it works for a growing number of practical use cases.
So why does this matter? What does ZKML (zero knowledge machine learning) actually unlock?
Model integrity. How do you know the model you’re using hasn’t been tampered with? When you call an API from an AI provider, you’re trusting that they’re running the model they say they’re running, with the weights they say they’re using. ZK proofs can verify this cryptographically. The provider generates a proof that inference was performed using a specific, committed set of weights. No trust required...just math. This is enormous for regulated industries. A bank using AI for credit decisions could prove to regulators that the model used only approved parameters without revealing the proprietary model itself. A hospital could verify that an AI diagnosis came from an FDA-approved model without exposing patient data.
Input integrity. It’s not just about the model, it’s also about the inputs. Were the inputs to a model tampered with before inference? Did someone inject malicious data into the pipeline? ZK proofs can verify the full chain...that a specific input went into a specific model and produced a specific output. The entire computation is provable end to end.
Agent verification. This is the one I keep coming back to. In a world where agents are executing multi-step workflows autonomously (querying databases, calling APIs, moving money, signing contracts), we need a way to verify that the agent actually did what it said it did. That it followed the correct logic. That it wasn’t manipulated mid-execution through prompt injection or some other attack vector. ZK proofs can provide a cryptographic receipt for every action an agent takes. Every decision...provable, auditable, verifiable. Without having to re-run the entire computation or expose proprietary model details.
Privacy-preserving AI. Today if you want to use a cloud AI service, you typically send your data to the provider. They see your inputs. With ZKML, inference can be proven correct without revealing the input data OR the model weights to either party. The AI provider doesn’t see your sensitive data. You don’t see their proprietary model. But you both can verify the output is legitimate. This unlocks AI adoption in domains where data sensitivity has been a blocker...healthcare, finance, legal, defense.
Agent-to-agent trust. This might be the most forward looking use case, but I think it could define the next era. As we move toward a world where agents interact with other agents (your purchasing agent negotiating with a supplier’s sales agent, your portfolio agent coordinating with a market data agent), how do those agents trust each other? Today, agent-to-agent interactions rely on the same old assumption...trust the platform, trust the API, hope for the best. ZK proofs could give each agent the ability to cryptographically prove its identity, its logic, and its outputs to every other agent it interacts with. That’s a fundamentally new trust primitive.
The timing of all this is not a coincidence. NIST launched an AI Agent Standards Initiative in February specifically focused on security and interoperability for autonomous agents. Microsoft just unveiled their Zero Trust for AI framework. Everyone is converging on the same realization...we need better trust infrastructure for agents. Fast.
The way I think about it: every major platform shift has required a corresponding trust layer. The internet needed SSL/TLS. Mobile needed app store review and sandboxing. Cloud needed IAM and zero trust networking. The agentic era will need its own. And I think ZKML is a strong candidate for what that looks like.
Trust has always been the bottleneck for autonomy. The more we trust agents, the more autonomy we give them. The more autonomy they have, the more value they create. Zero knowledge proofs could be what unlocks that loop.
Top 10 EV / NTM Revenue Multiples
Top 10 Weekly Share Price Movement
Update on Multiples
SaaS businesses are generally valued on a multiple of their revenue - in most cases the projected revenue for the next 12 months. Revenue multiples are a shorthand valuation framework. Given most software companies are not profitable, or not generating meaningful FCF, it’s the only metric to compare the entire industry against. Even a DCF is riddled with long term assumptions. The promise of SaaS is that growth in the early years leads to profits in the mature years. Multiples shown below are calculated by taking the Enterprise Value (market cap + debt - cash) / NTM revenue.
Overall Stats:
Overall Median: 3.2x
Top 5 Median: 16.4x
10Y: 4.3%
Bucketed by Growth. In the buckets below I consider high growth >22% projected NTM growth, mid growth 15%-22% and low growth <15%. I had to adjusted the cut off for “high growth.” If 22% feels a bit arbitrary, it’s because it is…I just picked a cutoff where there were ~10 companies that fit into the high growth bucket so the sample size was more statistically significant
High Growth Median: 10.0x
Mid Growth Median: 5.5x
Low Growth Median: 2.5x
EV / NTM Rev / NTM Growth
The below chart shows the EV / NTM revenue multiple divided by NTM consensus growth expectations. So a company trading at 20x NTM revenue that is projected to grow 100% would be trading at 0.2x. The goal of this graph is to show how relatively cheap / expensive each stock is relative to its growth expectations.
EV / NTM FCF
The line chart shows the median of all companies with a FCF multiple >0x and <100x. I created this subset to show companies where FCF is a relevant valuation metric.
Companies with negative NTM FCF are not listed on the chart
Scatter Plot of EV / NTM Rev Multiple vs NTM Rev Growth
How correlated is growth to valuation multiple?
Operating Metrics
Median NTM growth rate: 13%
Median LTM growth rate: 15%
Median Gross Margin: 76%
Median Operating Margin (1%)
Median FCF Margin: 21%
Median Net Retention: 109%
Median CAC Payback: 33 months
Median S&M % Revenue: 35%
Median R&D % Revenue: 23%
Median G&A % Revenue: 15%
Comps Output
Rule of 40 shows rev growth + FCF margin (both LTM and NTM for growth + margins). FCF calculated as Cash Flow from Operations - Capital Expenditures
GM Adjusted Payback is calculated as: (Previous Q S&M) / (Net New ARR in Q x Gross Margin) x 12. It shows the number of months it takes for a SaaS business to pay back its fully burdened CAC on a gross profit basis. Most public companies don’t report net new ARR, so I’m taking an implied ARR metric (quarterly subscription revenue x 4). Net new ARR is simply the ARR of the current quarter, minus the ARR of the previous quarter. Companies that do not disclose subscription rev have been left out of the analysis and are listed as NA.
Sources used in this post include Bloomberg, Pitchbook and company filings
The information presented in this newsletter is the opinion of the author and does not necessarily reflect the view of any other person or entity, including Altimeter Capital Management, LP (”Altimeter”). The information provided is believed to be from reliable sources but no liability is accepted for any inaccuracies. This is for information purposes and should not be construed as an investment recommendation. Past performance is no guarantee of future performance. Altimeter is an investment adviser registered with the U.S. Securities and Exchange Commission. Registration does not imply a certain level of skill or training. Altimeter and its clients trade in public securities and have made and/or may make investments in or investment decisions relating to the companies referenced herein. The views expressed herein are those of the author and not of Altimeter or its clients, which reserve the right to make investment decisions or engage in trading activity that would be (or could be construed as) consistent and/or inconsistent with the views expressed herein.
This post and the information presented are intended for informational purposes only. The views expressed herein are the author’s alone and do not constitute an offer to sell, or a recommendation to purchase, or a solicitation of an offer to buy, any security, nor a recommendation for any investment product or service. While certain information contained herein has been obtained from sources believed to be reliable, neither the author nor any of his employers or their affiliates have independently verified this information, and its accuracy and completeness cannot be guaranteed. Accordingly, no representation or warranty, express or implied, is made as to, and no reliance should be placed on, the fairness, accuracy, timeliness or completeness of this information. The author and all employers and their affiliated persons assume no liability for this information and no obligation to update the information or analysis contained herein in the future.
A few weeks ago I wrote this aside about how companies/jobs/functions are reorienting toward a new organizing principle. Then this week it went tragically/comically viral for no good reason (my linkedin is broken now). So it’s now worth restating the case.
There’s a very real possibility that the only jobs in tech companies are going to be:
product eng/vibe coder/PM/slop cannon: self explanatory. This is the high velocity, high tool use generalist. they are obviously not restricted to product and eng roles. Anyone can be commercial and product minded.
SREs/infra/security/systems : we’re going to be producing so much STUFF across every org that there’s going to need to be really really good people stitching it together, making it stable, secure, and robust.
Adults : sometimes you need a grown up in the room to just say “hey, come on.” They are effectively a much needed governor on an otherwise accelerating organization. You will find them across roles but there are obvious places like legal and finance where you’re NGMI without an adult in charge.
Hot people : You will find hot people in roles ranging from sales, to people, to CX. There will always be an important place for those who present an easy UX to the world and are pleasant to be around. Remember, there are many ways to be hot.
First, these are working styles and archetypes, not job descriptions. The latent traits have always cut across job titles and orgs. To ask “what about design” or “where does my job fit” is the wrong question/fails to comprehend what’s going on. The right question is how do you approach your job irrespective of the title.
Second, it’s probably not possible to be all of these. It may not even really be possible to be more than one or two. To be spiky in all things is to be smooth. If you’re saying you’re all four you’re probably a) wrong and/or b) misunderstanding my point.
Third, this new quartet very well may replace the classic trifecta of product/design/eng. That iron triangle was organized around categories of output. When anyone can produce code, designs, and specs, organizing around what you produce is meaningless. Instead the highest velocity teams will organize around how they produce.
The best AI native companies are increasingly recruiting commercially minded engineers regardless of the role. They explicitly want people who are comfortable using tools AND thinking about product AND thinking about customers. The salespeople are shipping (at least internal tools and automations for themselves) and the engineers are relentlessly focused on customer value.
The highest performing companies will have ‘product engineers’ and slop cannons in every role (product/eng, sales, ops, talent, finance, CX, marketing, etc); it is a multi-hyphenate skill set crucial to accelerate each area of the business.
Conversely, there are “SREs” everywhere for those with the eyes to see them. The basic function within their org is the same: to provide scaffolding that lets other people move fast and cleans up behind them. Whether that happens in marketing (QA and copy editing) or engineering is irrelevant, the value to their org, and by extension the company, is the same.
In a world of rapid acceleration and internal decentralization (everyone can autonomously execute everywhere simultaneously), you need adults who can rely on judgement and earned intuition. Sometimes that means saying no with authority to prevent catastrophic errors and acceleration off a cliff. Remember, velocity is a vector (it requires direction) and momentum requires mass (the work needs to matter). Adults can help keep you on the golden path. This is self evident.
You cannot win without hot people. Hot people are the interface layer. Externally they make the thing legible and attractive. Internally they make the org cohere. They’re the reason people want to show up to work and the reason people want to buy from you. Remember, there are many ways to be hot and I will not elaborate on this further.
pictured here: a hot person
I'm not an employment doomer. The biggest companies will get more efficient (lower headcount) but there will be lots more companies and the boundaries of "tech" get fuzzier every year. And to the extent that there are fewer engineers (objectively wrong at this point) it’ll only be because many of them get subsumed into other “non-technical” roles.
Some Stray Notes
I’m not the first to point this out but the OpenAI/TBPN deal is clear proof of the immense value of hot people. Jordi and Coogan are equivalent to AI engineers.
The NYT reported on what purports to be a ≈$1B revenue, one person GLP-1 company. It seems to be a fraud and the numbers are probably either fake or misleading. This is what happens when a slop cannon builds a HC company without an adult in the room.
This is all orthogonal to agency which is important for everyone in every role in a highly performant, accelerating company.
POLL
Super stoked for this: we’re hosting founders, operators, security leaders for a ≈100 person cyber security mini conference in NY next month
We’ll have Anthropic’s head cyber and NatSec policy for a fireside chat along with panels with people building and backing security companies. More to come soon.
Sign up to join us. Space is limited and we want to prioritize builders and buyers.
My name is Yoni Rechtman. I’m a partner at Slow Ventures, where I lead pre/seed rounds from a ≈$325M fund. I’m a generalist investor looking for weird takes on important stories: N-of-1 companies taking non-obvious approaches to markets that matter. I’m interested in real world businesses, hybrid software companies, AI’s second-order effects, healthcare, network effects, and fintech. If you’re building something ambitious or think I’m wrong, I’d love to hear about it.
Unreliable AI products are a design problem. Here’s how to solve it.
by Karri Saarinen Sarah Deragon/Every illustration. Karri Saarinenhas spent his career—at Airbnb and Coinbase, and now as CEO of Linear—crafting software that keeps its promises. His argument is that AI’s unpredictability isn’t a model problem, it’s an interface one: An agent sends a customer an email you meant to review first. The model did what it was told, but the interface never gave you a chance to stay stop. In this piece, he shares the six-principle framework Linear has developed for how agents and humans should work together inside the same product, plus his nuanced take on a thorny question in AI design: Who should be accountable when an agent does something wrong? If you enjoy the piece, watch his episode on X or YouTube , or listen on Spotify or Apple Podcasts.— Kate Lee__ I learned to design in a world where product design was a promise. It was a promise that a product would work how it’s supposed to work. You sketch a user flow on a whiteboard, build it, and the system behaves the way you made it behave. A button does exactly what it says it will do, every time, and if it doesn’t, that’s a bug. This shaped my approach as a principal designer at Airbnb and Coinbase, and now as the CEO of Linear. Lately I’ve been spending time with a different kind of tool, and that promise has grown harder to keep. I ask for help writing a plan, summarizing a discussion, and turning rough notes into something clearer. Sometimes the result is excellent, but small changes to my input shift the output in ways I didn’t expect. The capability is impressive when it works, but the experience often feels slippery. I’m not always sure what I’ll get back, or how much I should trust it. Non-deterministic software breaks the contract. When outcomes can vary, sometimes wildly, based on what someone types into the same chat window, designing for reliability becomes genuinely harder. This slippery feeling is the design problem of this era, and it almost always traces back to the interface rather than the language model—which means it belongs to designers, not researchers.
Would you stake an enterprise business decision on what your AI just told you?
Most teams can’t because AI outputs don’t carry the judgment of the experts who actually know the domain. Dialect from Scale AI changes that.
Your experts encode corrections, context, and reasoning into every AI workflow.
That knowledge persists and compounds, building trust with every interaction.
You capture your own enterprise IP, instead of leaking it to the model builders.
The limits of chat
The first interface that spread for AI tools was the chat window. That makes sense. When you don’t know what something can do, the safest approach is to let people ask. A conversation feels familiar, it stretches across many situations, and it doesn’t force a specific structure up front. But the more you use chat for real work, the more its weakness shows. Everything becomes a stream of text that’s hard to hold onto, hard to compare, and hard to connect to the rest of what you’re doing. The quality of the output depends enormously on the quality of the input, which means two people asking for the same thing in slightly different ways can get drastically different results. There are few guardrails, and little structure nudging you toward a good outcome. The interface is essentially a blank page with a blinking cursor, and all the burden of getting value from it falls on the person typing. For exploration, that’s fine. For serious, repeated work inside a team, it’s not enough. We need interfaces that bring more structure to AI interactions, that guide people (and agents) toward better outcomes without being so brittle they break the moment someone wants to use them in a way you hadn’t anticipated.
Designing for new actors
There’s a second, newer dimension to this problem that goes beyond improving interfaces for humans. Agents are already showing up inside products, working alongside people, and most software wasn’t designed with that in mind. For decades, interfaces have been designed so that humans can navigate them—buttons, menus, folders, navigation hierarchies. These patterns assume a person is looking at a screen, making decisions, and clicking through options. But when an agent is interacting with a product, the design challenge changes. The agent doesn’t need a menu to find something. It doesn’t browse. It acts, and the people around it need to understand what it did and why, often after the fact. We need a new set of principles for how agents show up inside the tools people already use. Not principles for building agents themselves, but principles for designing ways that agents and humans interact within a shared product. At Linear, we’ve started calling these Agent Interaction Guidelines , and while they’re still evolving, they represent how we think about this problem today.
An agent should always disclose that it’s an agent
When humans and agents work side by side, people need instant certainty about who they’re interacting with. This sounds obvious, but it’s easy to get wrong. The agent has to signal its identity clearly enough that it can never be mistaken for a person, even in passing, even on a quick scan of a busy activity feed. A dropdown menu assigns tasks to human and agent users, with clear “Agent” badges for the latter. (All screenshots courtesy of Linear.)
An agent should inhabit the platform natively
Agents should work through the same patterns and actions that humans use. If a person changes an issue’s status or links a pull request, the agent should do it the same way, in the same place, with the same visual language. This makes the agent’s work legible without anyone learning a new mental model. You already know how to read what happened, because the interface is the same one you’ve used all along. Linear’s activity feed for issues shows agent actions alongside human actions.
An agent should provide instant feedback
Silence from an agent creates the same anxiety as silence from a colleague you’ve just asked for help. When invoked, an agent should provide immediate (but unobtrusive) feedback so the person knows their request was received. The details can come later.
An agent should be transparent about its internal state
More broadly, people need to understand, at a glance, whether an agent is thinking, waiting for input, executing a task, or finished with that task. And when they want to go deeper, they should be able to inspect the agent’s reasoning, the tools and systems it used, and its decision logic. This separates a product you can trust from one that feels like a black box. Transparency makes speed feel safe. Agents in Linear’s Agent Sessions show their reasoning.
An agent should respect requests to disengage
When asked to stop, an agent should stop immediately and stay stopped until it receives a clear signal to re-engage. This one feels simple, but it matters more than you’d think. An agent that keeps going after being told to stop, or that re-engages unprompted, erodes trust faster than one that makes mistakes. People need to feel that they’re in control of the interaction, not the other way around.
An agent cannot be held accountable
I think about this principle most. The instinct to put a human in the loop is understandable, but taken literally, it can mean a person approving every step before anything moves forward. The human becomes a bottleneck, rubber-stamping work rather than directing it, and you lose much of what makes agents valuable in the first place. The more important work happens before the agent even starts. An agent operating inside a well-designed system already has the context and constraints it needs to do good work. In Linear, that means project plans, issue backlogs, code, and documentation. These all shape what the agent does and how it does it. When you delegate an issue to an agent in Linear, the delegation is visible. There’s a person who set the agent loose within that system, and that person is accountable for the outcome. You design the environment well, you let the agent run, and you own what it produces. Issues delegated to agents show their human assignee.
A working framework
We’ve honed these principles through what we’ve learned building agents into Linear over the past year, and we expect them to keep evolving as the technology and the patterns mature. The design language for human-agent collaboration is still being written, by us and by everyone else building in this space. I feel confident, though, that the slippery feeling people associate with AI products is a solvable problem, and the solution looks more like thoughtful interface design than better models. The models will keep improving on their own. The harder work is building the structure around them so that their output feels reliable, legible, and trustworthy. That’s the design challenge on which to focus. And the reward for getting it right is that, over time, you can hand agents more and more of the work that doesn’t need you, and spend your attention on the work that does.
Learn more about how Saarinen runs Linear and what he thinks of the “SaaS is dead” narrative. Watch his episode on X or YouTube , or listen on Spotify or Apple Podcasts.
For years, social media companies have operated with near-total legal immunity. That may be changing.
In this Prof G+ Deep Dive, Scott breaks down landmark rulings against Meta and Google — and why they could mark the beginning of a broader legal reckoning for Big Tech.
The focus is shifting from content to design, specifically the algorithms and features…
No ads on pods, because ads tax your most valuable asset: time
Prof G+ exclusives, including breaking livestreams, keynotes, private chats, and more
Community privileges to leave comments, make friends, and engage in a series of bad decisions that might pay off
Scott Galloway · Friday, April 3 2026 · 9 min read · ↑ top
Overlooked vulnerabilities
No Mercy / No Malice has been nominated for two Webby Awards: Best Newsletter and Thought Leadership. We’d appreciate your vote for the People’s Choice award. Thanks.
When you compress the carotid arteries , you cut off the flow of oxygenated blood to the brain. This causes unconsciousness in approximately 8 to 15 seconds due to cerebral hypoxia (oxygen deprivation to the brain). Globalization has expanded the economic corpus, resulting in an interconnected world and yielding huge — though unevenly distributed — prosperity. It has also formed carotid arteries the size of … wait for it … the Strait of Hormuz.
In 1984 a forgettable made-for-TV movie contemplated a Middle East conflict that closed the Strait of Hormuz. For decades, U.S. strategic simulations have explored similar scenarios. In one 2002 war game, the Red Team, deploying asymmetrical capabilities, including armed speedboats, decimated American naval forces in 10 minutes, effectively closing the Strait. Why didn’t the Trump administration anticipate this entirely predictable scenario? A: Despite a warning from the chairman of the Joint Chiefs of Staff, the president determined that the regime would capitulate before closing the strait, and that if it didn’t, the U.S. military could reopen it. He was wrong. This may be the greatest intelligence failure since CIA Director George Tenet famously told Bush it was a “slam dunk case” that Iraq had WMD. But let’s put aside the chokepoint (almost) everyone saw coming and discuss some others we choose to ignore.
Jekyll and Ketamine
Last year, one company conducted 84% of U.S. space launches and 52% of global launches: SpaceX. Almost two-thirds of the satellites orbiting Earth belong to the company, but it really dominates in low Earth orbit, where it owns 91% of communications satellites. If you’re connecting from a cellular deadspot, going online while flying one of 30-plus airlines, out on a boat, or operating in a war zone, you’re at Elon Musk’s mercy. He recently combined SpaceX with xAI at a valuation of $1.25 trillion, registering a 43% equity stake and 79% of the voting power. This week, SpaceX filed to go public, seeking to raise $50 billion to $75 billion, meaning Musk will likely become the world’s first trillionaire. He says he’s “creating the most ambitious, vertically integrated innovation engine on (and off) Earth, with AI, rockets, space-based internet, direct-to-mobile device communications, and the world’s foremost real-time information and free-speech platform.” In other words, a global communications and information chokepoint.
With Musk, sometimes you get Dr. Jekyll (electric cars, reusable rockets, and medical breakthroughs for treating blindness and paralysis). Other times, you get Mr. Hyde (bullying a judge, Nazi salutes, and AI porn). Is Jekyll or Hyde the real Elon? A: Yes. As author Robert Caro, who’s written four volumes on power through the lens of LBJ, observed, power doesn’t necessarily corrupt, but it always reveals. “When you’re climbing to get power, you have to use whatever methods are necessary, and you have to conceal your aims,” Caro told the New York Times. “But then when you get power, you can do what you want. So power reveals.” Musk is, according to the Wall Street Journal , addicted to ketamine, determined to father a “legion-level” of offspring before the apocalypse, and (no surprise) perpetually engaged in custody battles. He also sleeps with loaded guns next to his bed. Is this the person we want at the epicenter of space, connectivity, AI, and media? A: No one person should have this much power.
I have no idea what Musk intends to do with his power, and that’s the scary part … he’s unelected and answers to no one, as we now live in a society where billionaires are protected by the law, but not bound by it. Even scarier, Musk may not know either (see: ketamine). To paraphrase Richard Pryor, ketamine is a helluva drug. I tried it once under therapeutic supervision. Shit got real / unreal fast. As Shayla Love wrote in the Atlantic , “Excessive use of the drug can make anyone feel like they rule the world.” For most people, the danger of that delusion is contained inside a relatively small blast zone — the addict, their friends and family, their world. In Musk’s case, his world is … our world.
Article Two
Last weekend, an estimated 8 million Americans participated in No Kings protests. The rallies speak to the moment, but the demonstrators’ concerns are as old as America. As James Madison wrote in The Federalist Papers, No. 47, “The accumulation of all powers, legislative, executive, and judiciary, in the same hands, whether of one, a few, or many, and whether hereditary, self-appointed, or elective, may justly be pronounced the very definition of tyranny.” After fighting a revolution against a monarch, the Constitution’s framers split power across three branches of government, devising a system of checks and balances to put each branch in tension with the other two. Cumbersome by design. We spent the next 230 years reassembling the king.
The Constitution grants the power to tax and regulate foreign commerce exclusively to Congress, but according to Duke Law professor Timothy Meyer, “functionally, trade policy has been dominated by the executive branch since the 1930s.” The War Powers Resolution of 1973, sold as a check on Richard Nixon after revelations that he’d secretly bombed Cambodia, actually codified a 60-day blank check for presidential military action. Meanwhile, the 2001 Authorization for Use of Military Force — passed one week after 9/11 — has been cited to justify classified military operations in at least 22 countries. Congress has never declared war in my lifetime — but we’ve fought many, and we’re fighting one now. On paper, our system was built to avoid chokepoints by distributing power. We built one anyway: It’s inside the Oval Office. For the past century, as we ceded powers from the legislative and judicial to the executive branch, we’ve been hoping “norms” would help us avoid strangulation. And it worked … until it didn’t.
Cloud
Last October, a database glitch in northern Virginia took down Snapchat, Fortnite, Ring doorbells, Coinbase, Reddit, DoorDash, and about a thousand other services. The culprit was a malfunction at an Amazon Web Services data center — the third major outage tied to that location in the past five years. Downdetector received 6.5 million outage reports. Three companies — Alphabet, Amazon, and Microsoft — own two-thirds of the cloud market. These service interruptions rarely result in clients switching providers; leaving is too costly and time-consuming. After a perfect storm of bad code and a widespread Azure outage knocked airlines, hospitals, and banks offline in 2024, one cybersecurity expert said, “This is a very uncomfortable illustration of the fragility of the world’s core internet infrastructure.” If you’re under 30, that fragility is your lived experience. That’s what makes the cloud such a potent chokepoint. It’s hiding in plain sight … until it isn’t.
Mistakes that cause outages are one thing, but attacks from malicious actors are the bigger threat. Since 2005, 34 countries have been suspected of sponsoring cyber operations, with China, Iran, North Korea, and Russia accounting for a combined 77% of suspected attacks. Since the start of the U.S.-Israel war on Iran, Iranian hackers have hit a medical technology company, stolen and tried to sell data from Lockheed Martin, and breached FBI Director Kash Patel’s personal email. Even more chilling is the emergence of a gray zone between war and peace, i.e., permanent cyberwar. As a 2022 Atlantic Council report explained, “Without firing a single bullet, U.S. adversaries are striking at the fibers of U.S. and allied societies, economies, and governments to test confidence in systems that underwrite both the U.S. constitutional republic and the U.S.-led, rules-based international order.” In other words, everyday, unseen hands reach across cyberspace and apply pressure to our air supply. When we gasp for air, however, we demand an immediate patch, rather than insisting on redundant airways.
Chip-Point
The Islamic Revolutionary Guard Corps is demonstrating a lesson we should’ve learned watching Ukraine repel Russia for the past three years — an $82 million fighter jet launched from a $13 billion aircraft carrier is an economic Goliath facing a swarm of $20,000 to $50,000 Davids, i.e., Shahed drones. While we’re bleeding resources and credibility, China is taking notes and looking at Taiwan. “The single biggest threat to the world economy, the single biggest point of single failure, is that 97% of the high-end chips are made in Taiwan,” Treasury Secretary Scott Bessent said at Davos this January. “If that island were blockaded, [or] that capacity were destroyed, it would be an economic apocalypse.” One company, TSMC, controls 72% of the global foundry market, producing chips for AMD, Apple, Nvidia, and Qualcomm. If China invaded Taiwan, global GDP would sustain an estimated 10% hit, according to a Bloomberg analysis.
But China doesn’t need to invade Taiwan or blockade it. They just need to flex — military exercises, missiles splashing down in shipping lanes to spook maritime insurance carriers, a cyber operation that takes TSMC offline for 72 hours — and watch Silicon Valley and JP Morgan scramble to derisk. The problem is, there’s nowhere to scramble to. Despite Biden’s carrots ($152 billion in CHIPS Act spending) and Trump’s sticks (tariffs), the soonest the U.S. can expect to have meaningful backup capacity is 2030. We’ve kept China at bay with a mix of globalization, strong coalitions, and military deterrence. The bulwark of allies defending our most critical technological chokepoint took decades to build, but only a year to disable with incoherent isolationist economic policies, insults, and now a war that exposes the gaps in our armor.
The Strait of Hormuz. One man’s satellite network. An autocracy cosplaying as a government. Three cloud providers. One island. We didn’t stumble into these chokepoints, we built them. The invisible, bipartisan hand of the market has been wrapping itself around our throat this whole time. We mistook shareholder value and purity tests for resilience, finding welcome distractions in Big Tech earnings calls and arguments over pronouns.
Interconnects by Nathan Lambert · Friday, April 3 2026 · 8 min read · ↑ top
Hint: it's not benchmark scores.
Having written a lot of model release blog posts, there’s something much harder about reviewing open models when they drop relative to closed models, especially in 2026. In recent years, there were so few open models, so when Llama 3 was released most people were still doing research on Llama 2 and super happy to get an update. When Qwen 3 was released, the Llama 4 fiasco had just gone down, and a whole research community was emerging to study RL on Qwen 2.5 — it was a no brainer to upgrade.
Today, when an open model releases, it’s competing with Qwen 3.5, Kimi K2.5, GLM 5, MiniMax M2.5, GPT-OSS, Arcee Large, Nemotron 3, Olmo 3, and others. The space is populated, but still feels full of hidden opportunity. The potential of open models feels like a dark matter, a potential we know is huge, but few clear recipes and examples for how to unlock it are out there. Agentic AI, OpenClaw, and everything brewing in that space is going to spur mass experimentation in open models to complement the likes of Claude and Codex, not replace them.
Especially with open models, the benchmarks at release are an extremely incomplete story. In some ways this is exciting, as new open models have a much higher variance and ability to surprise, but it also points at some structural reasons that make building businesses and great AI experiences around open models harder than the closed alternatives. When a new Claude Opus or GPT drops, spending a few hours with them in my agentic workflows is genuinely a good vibe test. For open models, putting them through this test is a category error.
Something else to be said about open models in the era of agents is that they get out of the debate of integration, harnesses, and tools and let us see close to the ground on what exactly is the ability of just a model. Of course, we can’t test some things like search abilities without some tool, but being able to measure exactly the pace of progress of the model alone is a welcome simplification to a systematically opaque AI space.
The list of factors I’d use to assess a new open-weight model I’m considering investing in includes:
Model performance (and size) — how this model performs on benchmarks I care about and how it compares to other models of a similar size.
Country of origin — some businesses care deeply about provenance, and if a model was built in China or not.
Model license — if a model needs legal approval for use, uptake will be slower at mid-sized and large companies.
Tooling at release — many models release with half-broken, or at least substantially slower, implementations in popular software like vLLM, Transformers, SGLANG, etc due to pushing the envelope of architectures or tools.
Model fine-tunability — how easy or hard it is to modify the given model to your use-case when you actually try and use it.
The core problem is that some of these are immediately available at release, e.g. general performance, license, origin, etc. but others such as tooling take day(s) to week(s) to stabilize, and others are open research questions — with no group systematically monitoring fine-tunability.
In the early era of open models, the days of Llama 2 or 3 and Qwen pre v3.5, the architectures were fairly simple and the models tended to work out of the box. Some of this was due to the extremely hard work of the Llama, Qwen, Mistral, etc. developer teams. Some is due to the new models being genuinely harder to work with. When it comes to something like Qwen 3.5 or Nemotron 3, with hybrid models (either gated delta net or mamba layers), the tooling is very rough at release. Things you would expect to “just work” often don’t.
I’ve been following this area closely since we released Olmo Hybrid with a similar architecture, and Qwen 3.5 is just starting to work well in the various open-source tools that need to all play nice together for RL research. That’s 1.5 months after the release date! This is just to start really investing more into understanding the behavior of the models. Of course, others started working on these models sooner by investing more engineering resources or relying on partially closed software. The fully open and distributed ecosystem takes a long time to get going on some new models.
All of this is lead-in for the most important question for open models — how easy is it to adapt to specific use-cases? This is a different problem for different model sizes. Large MoE open-weight models may be used by entities like Cursor who need complex capabilities in their domain, e.g. Composer 2 trained on Kimi K2.5. Other applications can be built on much smaller models, such as Chroma’s Context-1 model for agentic search, built on GPT-OSS 20B.
The question of “which models are fine-tunable” is largely background knowledge known by engineers across the industry. There should be a thriving research area here to support the open ecosystem model. The first step is to understand characteristics of different base and post-trained models to understand what they look like. The second step is to tune pretraining recipes for open models so they’re more flexible.
For The ATOM Project and other Interconnects endeavors, we’ve put in substantial effort to measuring adoption trends in the open ecosystem. Everything takes a long time to unfold after a model is first publicly available — and adaptability is why. What we know for sure now, when Qwen has been going from strength to strength with its releases, is that technical staff across the industry has gotten comfortable working with Qwen models. Countless research methods and datasets were made to work with Qwen. It’ll take patience for any other model family to get to this point — a patience I’m not sure many open model builders have.
This takes us to Gemma 4 , Google’s latest open models. Gemma 3 was released more than a year ago, in March of 2025, and is a bit underrated. Gemma 4 comes in 4 sizes for now, with a bigger, MoE model of over 100B total parameters rumored but not released yet. The models we have today come in sizes of ~5B dense, 8B dense, 26B total 4B active MoE, and 31B dense.
The Gemma 4 scores look very solid, the small models have incredible benchmark scores (especially in general domains like LMArena) and the 31B model rivals the recent Qwen 3.5 27B, which is the leading member of that class. The ~30B size range is an important one, as it’s accessible both to researchers and to enterprises looking to deploy the model in real use-cases. Where the 7B model scale is the default for tinkering and research, a 30B model is the default for seeing if an open model can unlock substantial value in your specific workflow — a good mix of intelligence, low price, tractability for downstream training, etc.
This takes us back to the above adoption criteria I mentioned for open models and the bigger question — do I think Gemma 4 will be an overwhelming success? Previous Gemma models have been plagued by tooling issues and poorer performance when being finetuned.
Gemma 4’s success is going to be entirely determined by ease of use, to a point where a 5-10% swing on benchmarks wouldn’t matter at all. It’s strong enough, small enough, with the right license, and from the U.S., so many companies are going to slot it in.
I’m cautiously optimistic that Gemma 4 is going to work better here. Winds are shifting for open models built in America. We saw GPT-OSS go through a bumpy launch to become an overwhelming success. There’s a collective energy around the likes of Reflection, Arcee, Nemotron, Gemma, Olmo, and peers that show substantial demand for building new stacks around open models. There’s capital to be spent on AI stacks across the economy by those who want more ownership of everything, including the model.
After launching The ATOM Project 240 days ago, the conversation is shifting into the next stage. Summer of 2025 was a crisis moment where the U.S. AI scene realized it can’t wait and figure out open models after building AGI. The two markets will capture different areas and proceed in parallel. Now that more companies in the U.S. are releasing strong models, we need to improve the ecosystem so that these models are easy to use, understand, and build value around. It’s the hard work to build another inflection point in these adoption plots I’ve been updating consistently, but that’s the work to be done. Join me in it.
Liking, sharing, commenting, or recommending Interconnects from your Substack is the only way Interconnects is possible. Thank you for your support.
If you liked this, consider upgrading to a paid subscription to cover my growing subscription and API fees. We offer group Interconnects subscriptions at tiered discounts for 5+ heads.
If you want all of the best AI writing on Substack through one subscription for your team of 20+, check out https://readsail.com/.
Sebastian Raschka, PhD from Ahead of AI · Saturday, April 4 2026 · 16 min read · ↑ top
How coding agents use tools, memory, and repo context to make LLMs work better in practice
In this article, I want to cover the overall design of coding agents and agent harnesses: what they are, how they work, and how the different pieces fit together in practice. Readers of my Build a Large Language Model (From Scratch) and Build a Large Reasoning Model (From Scratch) books often ask about agents, so I thought it would be useful to write a reference I can point to.
More generally, agents have become an important topic because much of the recent progress in practical LLM systems is not just about better models, but about how we use them. In many real-world applications, the surrounding system, such as tool use, context management, and memory, plays as much of a role as the model itself. This also helps explain why systems like Claude Code or Codex can feel significantly more capable than the same models used in a plain chat interface.
In this article, I lay out six of the main building blocks of a coding agent.
Claude Code, Codex CLI, and Other Coding Agents
You are probably familiar with Claude Code or the Codex CLI, but just to set the stage, they are essentially agentic coding tools that wrap an LLM in an application layer, a so-called agentic harness, to be more convenient and better-performing for coding tasks.
Coding agents are engineered for software work where the notable parts are not only the model choice but the surrounding system, including repo context, tool design, prompt-cache stability, memory, and long-session continuity.
That distinction matters because when we talk about the coding capabilities of LLMs, people often collapse the model, the reasoning behavior, and the agent product into one thing. But before getting into the coding agent specifics, let me briefly provide a bit more context on the difference between the broader concepts, the LLMs, reasoning models, and agents.
On The Relationship Between LLMs, Reasoning Models, and Agents
An LLM is the core next-token model. A reasoning model is still an LLM, but usually one that was trained and/or prompted to spend more inference-time compute on intermediate reasoning, verification, or search over candidate answers.
An agent is a layer on top, which can be understood as a control loop around the model. Typically, given a goal, the agent layer (or harness) decides what to inspect next, which tools to call, how to update its state, and when to stop, etc.
Roughly, we can think about the relationship as this: the LLM is the engine, a reasoning model is a beefed-up engine (more powerful, but more expensive to use), and an agent harness helps us the model. The analogy is not perfect, because we can also use conventional and reasoning LLMs as standalone models (in a chat UI or Python session), but I hope it conveys the main point.
Figure 2: The relationship between conventional LLM, reasoning LLM (or reasoning model), and an LLM wrapped in an agent harness.
In other words, the agent is the system that repeatedly calls the model inside an environment.
So, in short, we can summarize it like this:
LLM: the raw model
Reasoning model : an LLM optimized to output intermediate reasoning traces and to verify itself more
Agent: a loop that uses a model plus tools, memory, and environment feedback
Agent harness: the software scaffold around an agent that manages context, tool use, prompts, state, and control flow
Coding harness: a special case of an agent harness; i.e., a task-specific harness for software engineering that manages code context, tools, execution, and iterative feedback
As listed above, in the context of agents and coding tools, we also have the two popular terms agent harness and (agentic) coding harness. A coding harness is the software scaffold around a model that helps it write and edit code effectively. And an agent harness is a bit broader and not specific to coding (e.g., think of OpenClaw). Codex and Claude Code can be considered coding harnesses.
Anyways, A better LLM provides a better foundation for a reasoning model (which involves additional training), and a harness gets more out of this reasoning model.
Sure, LLMs and reasoning models are also capable of solving coding tasks by themselves (without a harness), but coding work is only partly about next-token generation. A lot of it is about repo navigation, search, function lookup, diff application, test execution, error inspection, and keeping all the relevant information in context. (Coders may know that this is hard mental work, which is why we don’t like to be disrupted during coding sessions :)).
Figure 3. A coding harness combines three layers: the model family, an agent loop, and runtime supports. The model provides the “engine”, the agent loop drives iterative problem solving, and the runtime supports provide the plumbing. Within the loop, “observe” collects information from the environment, “inspect” analyzes that information, “choose” selects the next step, and “act” executes it.
The takeaway here is that a good coding harness can make a reasoning and a non-reasoning model feel much stronger than it does in a plain chat box, because it helps with context management and more.
The Coding Harness
As mentioned in the previous section, when we say harness , we typically mean the software layer around the model that assembles prompts, exposes tools, tracks file state, applies edits, runs commands, manages permissions, caches stable prefixes, stores memory, and many more.
Today, when using LLMs, this layer shapes most of the user experience compared to prompting the model directly or using web chat UI (which is closer to “chat with uploaded files”).
Since, in my view, the vanilla versions of LLMs nowadays have very similar capabilities (e.g., the vanilla versions of GPT-5.4, Opus 4.6, and GLM-5 or so), the harness can often be the distinguishing factor that makes one LLM work better than another.
This is speculative, but I suspect that if we dropped one of the latest, most capable open-weight LLMs, such as GLM-5, into a similar harness, it could likely perform on par with GPT-5.4 in Codex or Claude Opus 4.6 in Claude Code. That said, some harness-specific post-training is usually beneficial. For example, OpenAI historically maintained separate GPT-5.3 and GPT-5.3-Codex variants.
In the next section, I want to go more into the specifics and discuss the core components of a coding harness using my Mini Coding Agent : https://github.com/rasbt/mini-coding-agent.
Figure 4: Main harness features of a coding agent / coding harness that will be discussed in the following sections.
By the way, in this article, I use the terms “coding agent” and “coding harness” somewhat interchangeably for simplicity. (Strictly speaking, the agent is the model-driven decision-making loop, while the harness is the surrounding software scaffold that provides context, tools, and execution support.)
Figure 5: Minimal but fully working, from-scratchMini Coding Agent (implemented in pure Python)
Anyways, below are six main components of coding agents. You can check out the source code of my minimal but fully working, from-scratch Mini Coding Agent (implemented in pure Python), for more concrete code examples. The code annotates the six components discussed below via code comments:
Six Agent Components
1) Live Repo Context -> WorkspaceContext
2) Prompt Shape And Cache Reuse -> build_prefix, memory_text, prompt
6) Delegation And Bounded Subagents -> tool_delegate
1. Live Repo Context
This is maybe the most obvious component, but it is also one of the most important ones.
When a user says “fix the tests” or “implement xyz,” the model should know whether it is inside a Git repo, what branch it is on, which project documents might contain instructions, and so on.
That’s because those details often change or affect what the correct action is. For example, “Fix the tests” is not a self-contained instruction. If the agent sees AGENTS.md or a project README, it may learn which test command to run, etc. If it knows the repo root and layout, it can look in the right places instead of guessing.
Also, the git branch, status, and commits can help provide more context about what changes are currently in progress and where to focus.
Figure 6: The agent harness first builds a small workspace summary that gets combined with the user request for additional project context.
The takeaway is that the coding agent collects info (”stable facts” as a workspace summary) upfront before doing any work, so that it’s is not starting from zero, without context, on every prompt.
2. Prompt Shape And Cache Reuse
Once the agent has a repo view, the next question is how to feed that information to the model. The previous figure showed a simplified view of this (“Combined prompt: prefix + request”), but in practice, it would be relatively wasteful to combine and re-process the workspace summary on every user query.
I.e., coding sessions are repetitive, and the agent rules usually stay the same. The tool descriptions usually stay the same, too. And even the workspace summary usually stays (mostly) the same. The main changes are usually the latest user request, the recent transcript, and maybe the short-term memory.
“Smart” runtimes don’t rebuild everything as one giant undifferentiated prompt on every turn, as illustrated in the figure below.
Figure 7: The agent harness builds a stable prompt prefix, adds the changing session state, and then feeds that combined prompt to the model.
The main difference from section 1 is that section 1 was about gathering repo facts. Here, we are now interested in packaging and caching those facts efficiently for repeated model calls.
The “stable” “Stable prompt prefix” means that the information contained there doesn’t change too much. It usually contains the general instructions, tool descriptions, and the workspace summary. We don’t want to waste compute on rebuilding it from scratch in each interaction if nothing important has changed.
The other components are updated more frequently (usually each turn). This includes short-term memory, the recent transcript, and the newest user request.
In short, the caching aspect for the “Stable prompt prefix” is simply that a smart runtime tries to reuse that part.
3. Tool Access and Use
Tool access and tool use are where it starts to feel less like chat and more like an agent.
A plain model can suggest commands in prose, but an LLM in a coding harness should do something narrower and more useful and be actually able to execute the command and retrieve the results (versus us calling the command manually and pasting the results back into the chat).
But instead of letting the model improvise arbitrary syntax, the harness usually provides a pre-defined list of allowed and named tools with clear inputs and clear boundaries. (But of course, something like Python subprocess.call can be part of this so that the agent could also execute an arbitrary wide list of shell commands.)
The tool-use flow is illustrated in the figure below.
Figure 8: The model emits a structured action, the harness validates it, optionally asks for approval, executes it, and feeds the bounded result back into the loop.
To illustrate this, below is an example of how this usually looks to the user using my Mini Coding Agent. (This is not as pretty as Claude Code or Codex because it is very minimal and uses plain Python without any external dependencies.)
Figure 9: Illustration of a tool call approval request in the Mini Coding Agent.
Here, the model has to choose an action that the harness recognizes, like list files, read a file, search, run a shell command, write a file, etc. It also has to provide arguments in a shape that the harness can check.
So when the model asks to do something, the runtime can stop and run programmatic checks like
“Is this a known tool?”,
“Are the arguments valid?”,
“Does this need user approval?”
“Is the requested path even inside the workspace?”
Only after those checks pass does anything actually run.
While running coding agents, of course, carries some risk, the harness checks also improve reliability because the model doesn’t execute totally arbitrary commands.
Also, besides rejecting malformed actions and approval gating, file access can be kept inside the repo by checking file paths.
In a sense, the harness is giving the model less freedom, but it also improves the usability at the same time.
4. Minimizing Context Bloat
Context bloat is not a unique problem of coding agents but an issue for LLMs in general. Sure, LLMs are supporting longer and longer contexts these days (and I recently wrote about the attention variants that make it computationally more feasible), but long contexts are still expensive and can also introduce additional noise (if there is a lot of irrelevant info).
A Visual Guide to Attention Variants in Modern LLMs
Mar 22
Coding agents are even more susceptible to context bloat than regular LLMs during multi-turn chats, because of repeated file reads, lengthy tool outputs, logs, etc.
If the runtime keeps all of that at full fidelity, it will run out of available context tokens pretty quickly. So, a good coding harness is usually pretty sophisticated about handling context bloat beyond just cutting our summarizing information like regular chat UIs.
Conceptually, the context compaction in coding agents might work as summarized in the figure below. Specifically, we are zooming a bit further into the clip (step 6) part of Figure 8 in the previous section.
Figure 10: Large outputs are clipped, older reads are deduplicated, and the transcript is compressed before it goes back into the prompt.
A minimal harness uses at least two compaction strategies to manage that problem.
The first is clipping, which shortens long document snippets, large tool outputs, memory notes, and transcript entries. In other words, it prevents any one piece of text from taking over the prompt budget just because it happened to be verbose.
The second strategy is transcript reduction or summarization, which turns the full session history (more on that in the next section) into a smaller promptable summary.
A key trick here is to keep recent events richer because they are more likely to matter for the current step. And we compress older events more aggressively because they are likely less relevant.
Additionally, we also deduplicate older file reads so the model does not keep seeing the same file content over and over again just because it was read multiple times earlier in the session.
Overall, I think this is one of the underrated, boring parts of good coding-agent design. A lot of apparent “model quality” is really context quality.
5. Structured Session Memory
In practice, all these 6 core concepts covered here are highly intertwined, and the different sections and figures cover them with different focuses or zoom levels. In the previous section, we covered prompt-time use of history and how we build a compact transcript. The question there is: how much of the past should go back into the model on the next turn? So the emphasis is compression, clipping, deduplication, and recency.
Now, this section, structured session memory, is about the storage-time structure of history. The question here is: what does the agent keep over time as a permanent record? So the emphasis is that the runtime keeps a fuller transcript as a durable state, alongside a lighter memory layer that is smaller and gets modified and compacted rather than just appended to.
To summarize, a coding agent separates state into (at least) two layers:
working memory: the small, distilled state the agent keeps explicitly
a full transcript: this covers all the user requests, tool outputs, and LLM responses
Figure 11: New events get appended to a full transcript and summarized in a working memory. The session files on disk are usually stored as JSON files.
The figure above illustrates the two main session files, the full transcript and the working memory, that usually get stored as JSON files on disk. As mentioned before, the full transcript stores the whole history, and it’s resumable if we close the agent. The working memory is more of a distilled version with the currently most important info, which is somewhat related to the compact transcript.
But the compact transcript and working memory have slightly different jobs. The compact transcript is for prompt reconstruction. Its job is to give the model a compressed view of recent history so it can continue the conversation without seeing the full transcript every turn. The working memory is more meant for task continuity. Its job is to keep a small, explicitly maintained summary of what matters across turns, things like the current task, important files, and recent notes.
Following step 4 in the figure above, the latest user request, together with the LLM response and tool output, would then be recorded as a “new event” in both the full transcript and working memory, in the next round, which is not shown to reduce clutter in the figure above.
6. Delegation With (Bounded) Subagents
Once an agent has tools and state, one of the next useful capabilities is delegation.
The reason is that it allows us to parallelize certain work into subtasks via subagents and speed up the main task. For example, the main agent may be in the middle of one task and still need a side answer, for example, which file defines a symbol, what a config says, or why a test is failing. It is useful to split that off into a bounded subtask instead of forcing one loop to carry every thread of work at once.
(In my mini coding agent, the implementation is simpler, and the child still runs synchronously, but the underlying idea is the same.)
A subagent is only useful if it inherits enough context to do real work. But if we don’t restrict it, we now have multiple agents duplicating work, touching the same files, or spawning more subagents, and so on.
So the tricky design problem is not just how to spawn a subagent but also how to bind one :).
Figure 12: The subagent inherits enough context to be useful, but it runs inside tighter boundaries than the main agent.
The trick here is that the subagent inherits enough context to be useful, but also has it constrained (for example, read-only and restricted in recursion depth)
Claude Code has supported subagents for a long time, and Codex added them more recently. Codex does not generally force subagents into read-only mode. Instead, they usually inherit much of the main agent’s sandbox and approval setup. So, the boundary is more about task scoping, context, and depth.
Components Summary
The section above tried to cover the main components of coding agents. As mentioned before, they are more or less deeply intertwined in their implementation. However, I hope that covering them one by one helps with the overall mental model of how coding harnesses work, and why they can make the LLM more useful compared to simple multi-turn chats.
Figure 13: Six main features of a coding harness discussed in previous sections.
If you are interested in seeing these implemented in clean, minimalist Python code, you may like my Mini Coding Agent.
How Does This Compare To OpenClaw?
OpenClaw may be an interesting comparison, but it is not quite the same kind of system.
OpenClaw is more like a local, general agent platform that can also code, rather than being a specialized (terminal) coding assistant.
There are still several overlaps with a coding harness:
it uses prompt and instruction files in the workspace, such as AGENTS.md, SOUL.md, and TOOLS.md
it keeps JSONL session files and includes transcript compaction and session management
it can spawn helper sessions and subagents
etc.
However, as mentioned above, the emphasis is different. Coding agents are optimized for a person working in a repository and asking a coding assistant to inspect files, edit code, and run local tools efficiently. OpenClaw is more optimized for running many long-lived local agents across chats, channels, and workspaces, with coding as one important workload among several others.
I am excited to share that I finished writing Build A Reasoning Model (From Scratch) and all chapters are in early access yet. The publisher is currently working on the layouts, and it should be available this summer.
This is probably my most ambitious book so far. I spent about 1.5 years writing it, and a large number of experiments went into it. It is also probably the book I worked hardest on in terms of time, effort, and polish, and I hope you’ll enjoy it.
The main topics are
evaluating reasoning models
inference-time scaling
self-refinement
reinforcement learning
distillation
There is a lot of discussion around “reasoning” in LLMs, and I think the best way to understand what it really means in the context of LLMs is to implement one from scratch!
Ed Sim from What's Hot 🔥 in Enterprise IT/VC · Saturday, April 4 2026 · 13 min read · ↑ top
The Hidden Opportunity in Expensive AI
Apr 4
OpenAI raised $122 billion this week. According to internal projections, that capital buys them roughly 18 months of runway. Let that sink in for a moment. The most well-funded startup in history can burn through $122B in a year and a half and still need to raise again 🤯.
Polymarket
@Polymarket
JUST IN: OpenAI’s internal projections reportedly show the $122,000,000,000.00 they raised today gives them as little as 18 months of operational runway before they need to raise again.
That tells you something important about the economics of frontier AI. The smartest models in the world are also becoming extraordinarily expensive to build and run. And that economic reality may end up creating one of the biggest opportunities for startups in the entire AI ecosystem.
Meanwhile, Anthropic just told users the flat-rate subscription era is over. Third-party tools routing through Claude Pro and Max subscriptions will now require separate pay-as-you-go billing. The all-you-can-eat buffet is closed.
klöss
@kloss_xyz
do you understand what just happened? Anthropic has sent this email to Claude users starting tomorrow at 12pm PT… you can no longer use your subscription limits for third-party tools like OpenClaw here's what it means: → your flat rate Pro or Max subscription now only
Boris Cherny @bcherny
Starting tomorrow at 12pm PT, Claude subscriptions will no longer cover usage on third-party tools like OpenClaw. You can still use these tools with your Claude login via extra usage bundles (now available at a discount), or with a Claude API key.
This is what I’ve been saying for months: frontier intelligence is becoming too expensive to meter. And paradoxically, that may accelerate the entire AI ecosystem.
Because when frontier models get expensive, three things happen at once.
Open-weight models improve rapidly (still need to get a lot better!).
Enterprises start diversifying across providers.
And the infrastructure around models becomes far more valuable.
That’s the real opportunity.
A 27B parameter Qwen distill trained on Opus reasoning traces is now beating Claude Sonnet on SWE-bench while running locally on a $600 Mac Mini. That would have sounded absurd a year ago. That’s how fast the economics of AI are changing.
Craig Hewitt
@TheCraigHewitt
Very bullish on open source and local models Imagine running near-Opus-level model locally on that $600, 16GB Mac Mini you bought last month This 27B Qwen3.5 distill was trained on Claude 4.6 Opus reasoning traces and is putting up real numbers: - beats Claude Sonnet 4.5 on
Hugging Face CEO Clement Delangue put it well. Comparing open models to closed APIs is like comparing an engine to a full car. But if you put the scaffolding work in, open systems can outperform what the benchmarks suggest…or get close.
clem 🤗
@ClementDelangue
That’s why I usually say that comparing open models with closed-source APIs or products is like comparing apples and oranges. Or comparing an engine with a full car. Or comparing an ingredient with a Michelin dinner (missing ingredients, prep and chef). There’s a lot of
The constellation of models isn’t optional anymore. It’s economic survival. No enterprise is going to sit on a single provider’s pricing whims when open-weight alternatives are closing the gap this fast. Sure, enterprises will hit the easy button and use Claude and OpenAI especially where SOTA is needed but they will also (I know they are) use other models as well for less mission critical use cases where open weight/source is pretty darn good.
And once enterprises run multiple models, something else becomes necessary.
Ed Sim
@edsim
If this is true, enterprises are going to look at that Anthropic bill and start getting their open source models ready. Frontier intelligence too expensive to meter is the best thing that ever happened to open-weight models. The constellation of models isn't optional anymore.
Andrew Curran @AndrewCurran_
Three weeks ago there were rumors that one of the labs had completed its largest ever successful training run, and that the model that emerged from it performed far above both internal expectations and what people assumed the scaling laws would predict. At the time these were
And that means more models, more scaffolding, more infrastructure, and more startups needed to make it all work.
The foundation model companies are building the engines. But the largest companies in this new stack won’t necessarily be the ones building the engines. They’ll be the ones building everything around them.
Orchestration. Routing. Security.
The tooling that turns raw model capability into enterprise-grade products.
And the infrastructure that lets enterprises run models wherever it makes the most sense.
That’s where the opportunity to build and invest will be…
Switching gears…
🎙️Podcast alert - listen in!
VC: Investing at Inception in the Age of AI Agents on GTMnow
30 years of venture investing and I've never seen a market move this fast with so much uncertainty - which means huge opportunity! I sat down with Max Altschuler on the GTMnow podcast and we went deep on what I'm seeing across the portfolio and the market right now.
Going to point Chewbarka, my OpenClaw bot, to update my markdown files on me based on all this content!
A few things we covered:
The 5 P's - my framework for evaluating founders at inception.
The 3 CH's - how I think about working with founders after the check clears.
The AI jet stream - There are only two kinds of companies in this world: those in the AI jet stream and those who aren’t
The Clay story - $600K in year one, $4.6M in year two, then $30M, then $100M+. Years of patient iteration, low burn, and listening closely to where users were finding value. Shoutout to my boldstart ventures partner Eliot Durbin who's been there since early days and is on track to get a Clay tattoo???
Agent-native is the must-have bar - one of the first questions I ask founders now: how much of your company's code is written by agents?
The old playbooks are dead. Keep adapting. The opportunity has never been bigger.
Happy Easter 🐣 and Passover to those who celebrate!
As always, 🙏🏼 for reading and please share with your friends and colleagues!
Scaling Startups
turns out that writing this newsletter 7 years in a row is a treasure trove for my openclaw bot Chewbarka to write several markdown files on me - will tell you more in the future!
Andrej Karpathy
@karpathy
LLM Knowledge Bases Something I'm finding very useful recently: using LLMs to build personal knowledge bases for various topics of research interest. In this way, a large fraction of my recent token throughput is going less into manipulating code, and more into manipulating
need to be solid at fundraising but don’t forget you need to catch up to those valuations with customers…
Ed Sim
@edsim
Unpopular opinion: being a great fundraiser might be the most dangerous skill a founder can have. Right now, capital is flowing fast into AI and I'm seeing too many founders OVERINDEXED on fundraising - two rounds ahead on capital and two rounds behind on customers. The raise
💯
Garry Tan
@garrytan
The unit of software production has changed from team-years to founder-days. Act accordingly.
the two employee $1.8B revenue company 🤯
Jon Oringer
@jonoringer
The NYT just profiled a $1.8B revenue company with 2 employees. Medvi is a telehealth GLP-1 provider built by Matthew Gallagher, 41, from his house in LA. He launched in September 2024 with $20,000. Here are the numbers: Month 1: 300 customers Month 2: 1,300 customers 2025 full
for the VC readers - solid overview
Pavel Prata
@pavelprata
Monthly VC/LP debrief. What I actually saw in March: 1/ Spoke with a multi-billion fund. Their thesis is simple: fund size follows the size of the prize. When @SpaceX is tracking toward $1T still private, a $300M fund can't matter. They raise in months, not years, and build IR
we already know but now verified by research
Mario Nawfal
@MarioNawfal
🚨MIT researchers have mathematically proven that ChatGPT’s built-in sycophancy creates a phenomenon they call “delusional spiraling.” You ask it something, it agrees. You ask again, and it agrees even harder until you end up believing things that are flat-out false and you
Mario Nawfal @MarioNawfal
🚨 Stanford just proved that a single conversation with ChatGPT can change your political beliefs. 76,977 people. 19 AI models. 707 political issues. One conversation with GPT-4o moved political opinions by 12 percentage points on average. Among people who actively disagreed, https://t.co/SlUV6IbFgk
Enterprise Tech
pretty insane growth of agents shipping code
Kyle Daigle
@kdaigle
Yup, platform activity is surging. There were 1 billion commits in 2025. Now, it's 275 million per week, on pace for 14 billion this year if growth remains linear (spoiler: it won't.) GitHub Actions has grown from 500M minutes/week in 2023 to 1B minutes/week in 2025, and now
ThePrimeagen @ThePrimeagen
I would like to make my apologies for defending M$, but I must from time to time. I have to put respect on github for handling the amount of shit code that has been added over the last 3 months. literally 10s of billions of lines of code that will never see the light of a CPU
the ChatGPT moment for robotics?
🤯Physical AI just leveled up. 500,000 hours of physical data training the foundation. Then 1 hour to master any new task. That’s not a robot learning - that’s a robot that already understands the physical world.
GEN-1 is the moment physical AI goes from demo to intelligence. Team from DeepMind, Boston Dynamics, and OpenAI. Super pumped to have backed this team from Inception
Generalist
@GeneralistAI
Introducing GEN-1. Our latest milestone in scaling robot learning. We believe it to be the first general-purpose AI model to master simple physical tasks. 99% success rates, 3x faster speeds, adapts in real time to unexpected scenarios, w/ only 1 hour of robot data. More🧵👇
not digging into security this week (all I wrote last week is coming to fruition) but wow the first couple of days were insane - net net, North Koreans created a fake company to compromise an open source maintainer of popular package 👇🏻
ellen livia ᯅ 🇺🇸🇮🇩
@ellen_in_sf
This week in security: - LiteLLM, backdoored release exfiltrating secrets - Axios, supply chain malware via dependency - Railway, CDN caching leaked user data - OpenAI Codex, command injection via GitHub branch names - Mercor 1TB data leak - Delve, data leak + compliance risk
Aakash Gupta
@aakashgupta
North Korean intelligence agents built an entire fake company to compromise one JavaScript developer. And it worked. UNC1069 didn't hack Axios. They befriended its maintainer. They cloned a real company founder's identity, built a branded Slack workspace with fake employee
flavio @flaviocopes
How Axios was compromised 🤯
🤔 he’s right - compounding advantage for folks with GPUs and massive cash balances to subsidize token costs creates compounding advantage with data flywheel
Mustafa Suleyman
@mustafasuleyman
For the next couple years at least, the entire AI industry is going to be defined by this fact: demand is going to wildly outstrip supply, and so what matters is which companies / products have margin to pay for tokens. Those products will then rapidly improve because latency
as your org becomes a set of skills this is 100% needed - glad we have Tessl in the portfolio
Sarah Wang
@sarahdingwang
Pavan Ravitapi at @cursor_ai raised a great point at dinner last week: Reusable artifacts like skills, sub-agents, and custom rules are how context will diffuse through the AI-enabled firm. ~1% of engineers are making them, and discovery is an unsolved problem, but they benefit
yes but…
signüll
@signulll
the current moment is like the early web era where everything was being shoehorned into print metaphors except now we’re shoehorning ai into human interaction paradigms. i.e. every software company is implicitly a workflow company, & their entire information architecture was
Ed Sim
@edsim
@signulll Humans are about to get overloaded with exception handling. Something that was discussed as nauseam at RSA. Exceptions handled by department leader escalated to IT to security. Going to need a lot of folks to keep up if default for mission critical decisions or security
remember, offense always has the advantage when it comes to security and TeamPCP operating on another level at the moment
vx-underground
@vxunderground
TeamPCP has done ANOTHER supply chain attack. My Brother in Christ, how many of these fuckin' things are you going to do? YOU'VE DONE 50 FUCKING SUPPLY CHAIN ATTACKS. 50 SUPPLY CHAIN ATTACKS IN EIGHT FUCKING DAYS. March 19th: - Trivy March 20th: - EmilGroup (28 packages) -
here’s why TeamPCP shipping nonstop
chiefofautism
@chiefofautism
someone at ANTHROPIC just showed CLAUDE finding ZERO DAY vulnerabilities in a live conference demo claude has found zero day in Ghost, 50,000 stars on github, never had a critical security vulnerability in its entire, history... it found the blind SQL injection in 90 minutes,
always great to hear the other side
At some point making code fast is NOT an advantage and if your using claude/codex to push and review its own code...your actually an insane person.
LLMs are amazing. The CEO's vibe zers are also drunk from the models telling them how smart they are 24/7.
Anyone with even a hint of dev experience can crack open the code and see the endless tech debt piling up.
Alex Becker 🍊🏆🥇
@ZssBecker
I vibe code every day. I have a team of 30+ engineers. We spend F tons of credits. And I will tell you this about AI from my experience. It’s being wildly over hyped. Everyone is drunk. Fucking drunk. All the CEOs and Gen Z’s saying coding is dead are idiots. IDIOTS.
multimodel and multilayered approach needed
Ed Sim
@edsim
Yeah you never want the fox guarding the henhouse. One model reviewing its own output is a recipe for missed bugs and vulnerabilities Cross-model checks (Claude ↔ Codex ↔choose your OSS ) ftw.
David Marcus @davidmarcus
It's wild that every time you run a Codex code review from Claude Code, it finds critical issues. Not 95% of the times, 100%.
feels like trending this way, at least from agent native startups
agents that help close deals faster? Try Gerri AI now!
🤣
Noah
@NoahKingJr
People using AI for automation vs people using AI agents
Markets
like the Miami weather, just wait a minute but Anthropic right now is king 👑 in the secondary market
Bloomberg
@business
OpenAI shares have fallen out of favor on the secondary market — in some cases becoming almost impossible to unload — as investors pivot quickly to Anthropic, its biggest competitor.
| | bloomberg.com
OpenAI Demand Sinks on Secondary Market as Anthropic Runs Hot
great overview of AI native vs. incumbent dynamics from Logan Bartlett
BuccoCapital Bloke
@buccocapital
Really enjoyed the deck @loganbartlett and team just shared on the state of Software, wanted to pull out a few things that caught my eye: 1. AI-native companies are growing faster AND more efficiently The growth rates are really staggering. And they’re doing it with very few
🏈 fumbled “Only 3.3% of Microsoft 365 users who try Copilot pay for it, AI infrastructure costs are exploding, and some analysts think customers may eventually skip Microsoft entirely and go straight to OpenAI or Anthropic.”
Windows Central
@WindowsCentral
🤔AI was supposed to be Microsoft’s next big win — instead, soaring costs and weak returns are dragging the company toward a historic quarterly slump Microsoft is pouring an eye‑watering $146B into AI this year, but Wall Street is losing patience fast. Microsoft’s stock has
by Every Staff _Hello, and happy Sunday! ## Fine tuning
Anthropic’s OpenClaw problem
When Anthropic’s new Claude Max restrictions started circulating, the company named one tool specifically: OpenClaw. “Wtf,” wrote CEO Dan Shipper in the Every Slack. The policy seemed to say: If you access Claude through OpenClaw, your subscription no longer covers it the same way. “They disallow specifically OpenClaw from subs,” head of tech consulting Mike Taylor wrote. “You have to pay for extra usage. Pretty lame.” Mike’s best explanation for why Anthropic drew the line where it did centers on prompt caching, a cost-control mechanism that works by reusing previously processed conversation text. When it works, it keeps inference costs low. When a third-party tool changes even a single token in the prior conversation, that reuse breaks, and Anthropic has to reprocess the entire conversation from scratch. “Prompt caching keeps cost down by saving the previous tokens that have already loaded,” Mike explained. “If a provider breaks the cache by changing even one token of the previous saved conversation, you have to reprocess the entire old conversation.” He also noted that Claude Code co-creator Boris Cherny had already opened pull requests to improve OpenClaw’s cache efficiency, suggesting the problem was technically solvable. Anthropic enacted restrictions instead. What the team disputes is not that Anthropic has a reason—it’s that singling out one app by name is the wrong response to it. The consistent argument across the Every Slack was that if cache-breaking usage costs more to serve, make those users pay more: Meter the consumption rather than ban the interface. “A better middle ground is not to ban OpenClaw users,” head of platform Willie Williams argued, “it’s to give me a certain amount of tokens I can use as part of my subscription, and then charge me overages if I go over.” Dan framed the same principle from the user side—“I think of AI subscriptions like Claude and ChatGPT as being like cell phone plans that give me a certain amount of data”—and Mike extended it to the infrastructure side, invoking net neutrality: Verizon shouldn’t get to slow down Netflix because Netflix uses a lot of bandwidth. The argument, in every form it took, was the same: Charge for what costs you money, not for which app someone uses to spend it. There is also a business problem that goes beyond annoyed subscribers. Restrictions like this do the opposite of building loyalty—they create churn. Anthropic may have a legitimate business reason for drawing a line somewhere. But drawing it in a way that feels confusing and selective is not the way to win the platform war between model providers and the tools built on top of them.— Kate Lee
AI video analysis just got way cheaper
AI video analysis is rarely discussed in AI hype circles today. Only one frontier model—Google’s Gemini —can natively watch and understand what’s happening in a video. It’s more like rocket flight than air travel: not an established industry getting cheaper, but a new capability on the verge of becoming practical. And something just shifted that could blow the door open. When GPT-4V (vision) launched at the end of 2023, I used video processing to identify what strategies were being used in video games at a cost of roughly $6 per hour—and that was after a lot of complex engineering to split videos into frames at 0.5 frames per second (FPS) and feed them through as images. Google’s recently released open-source Gemma 4 model does this much more efficiently: I estimate the same task now costs about $0.14 per hour at 2 FPS—capturing four times as much detail, with none of the hacky engineering workarounds that used to be necessary. The math: At current token pricing ($0.14 per million input, $0.40 per million output), one hour of video at 1 FPS with 70 tokens per frame runs about 252,000 input tokens, or roughly $0.04. Bump to 2 FPS with richer frames (140 tokens each) and you hit ~$0.14 per hour—still a 97 percent cost reduction from 18 months ago. The cost of understanding what happens in a video has dropped by a factor of roughly 40, while the quality of that understanding has improved dramatically. That is the kind of price collapse that creates entirely new categories of application. Imagine live video streaming commentary of your kid’s soccer game, a Ring doorbell that tells you who’s at the door, or an automated review of thousands of hours of security footage to find a missing person.— Mike Taylor
Knowledge base
“Vibe Check: Cursor 3.0 Bets Big on Agent Orchestration”by Dan Shipper, Katie Parrott, and Mike Taylor/Vibe Check: Cursor totally rebuilt its product around agent orchestration rather than code editing, and we came away feeling that the new Cursor still has maturing to do. The desktop app is fast, the local-to-cloud workflow is impressive, and its new model, Composer 2, is concise and snappy. But missing basics like file navigation and branch management left even power users like Cora general manager Kieran Klaassen struggling. Read this for the breakdown of where Cursor 3.0 stands against Claude Code and Codex. “Seven Things I’ve Learned Getting Companies to Use AI”by Mike Taylor/Also True for Humans: Most companies mandate AI adoption and wonder why it doesn’t stick. Every’s head of tech consulting argues you should do the opposite: Find the people who are already bought in, get them IT access and budget approval, and let their results pull everyone else forward. His other lessons include building on the model providers directly instead of buying third-party tools, setting stretch goals that force people to think about where AI can save them time, and training every individual contributor to be a manager of agents. Read this for the whole playbook from his consulting engagements. “What I Learned Onboarding Our AI Project Manager”by Nityesh Agarwal : Every’s consulting team built an AI project manager named Claudie that saves them 15 hours a week tracking client work across email, documents, and meeting transcripts. Getting her there meant rebuilding her multiple times, figuring out why she kept dropping key details, and writing her an employee handbook she reads on every startup. Read this for the full architecture and the management lessons that apply to your next agent hire. 🎧 “If SaaS Is Dead, Linear Didn’t Get the Memo”by Context Window/Laura Entis: Agents can now create tasks and manage workflows inside Linear just like human users, and companies like OpenAI and Coinbase run their agents on it. In this week’s AI& I, Linear CEO Karri Saarinen tells Dan how his company reinvented itself for the agent era without abandoning its mission of helping teams build great software. Also, read Every creative lead Lucas Crespo ’s thoughts on why tools like Google Stitch can make any app look polished, but you still need a human designer to make something memorable. 🎧 🖥 Listen on Spotify or Apple Podcasts , or watch on X or YouTube. “How to Design for Human-agent Interaction”by Karri Saarinen/Thesis : When your agent sends out an email before you’ve had the chance to review it, the model did its job—it’s the interface that failed. Karriargues that AI’s unreliability is a design problem, not a model problem, and shares the six principles Linear developed so that agent actions are as legible and controllable as human ones. Read this to understand why the answer isn’t approving every agent action—it’s designing the system so the agent already has the constraints it needs before it starts.
Thesis extra: Designing toward the immeasurable
From Saarinen’s home office in San Francisco, he spoke to us about the design goal he cares about most—which also happens to be one he can’t measure: quality. Saarinen describes quality as a near-sensory reflex. If he touches—or even looks at—something that doesn’t “feel” thoughtfully crafted, it sets off a niggling itch in the back of his mind. “It’s a belief,” he says, “or I could say, it’s like a faith.” It’s an unusual stance for a tech founder—given the industry’s penchant to quantify all it possibly can—but Saarinen has made the pursuit of quality central to how the company operates. He sees it as inseparable from Linear’s ambition to be the best in its space. Karri Saarinen in his home office in San Francisco. All photos courtesy of Sarah Deragon for Every.
Create conditions that make quality inevitable
If quality has to be felt to be understood, scaling it across a growing company isn’t straightforward. Saarinen’s approach mirrors an activity he does far, far away from his laptop screen: growing potatoes every summer at his home in Finland. “You didn’t directly make those plants grow,” he says, “but they grew because you created the conditions for them to grow.” When something goes wrong—say, strange spots appearing on the vegetable’s skin—you have to evaluate the conditions you created. Were the soil conditions right? Perhaps it was too acidic? You adjust, and you learn. Similarly, a leader can define a standard of quality, but they can’t manufacture it themselves. Their role is to create an environment where quality is likely to take root. At Linear, that means hiring people who genuinely care about their craft, telling them openly—and often—that quality is valued, and building rituals that reinforce it. One of those rituals is “Quality Wednesday,” where the engineering team works on fixing small issues that degrade a user’s experience. The ritual trains the team to notice things that most people would scroll past, and carry that instinct into everything they ship.
What shapes a seasoned eye
When Saarinen talks about his influences, he’s drawn mostly in the direction of hardware. Saarinen points to Opal—the webcam he used during this interview—or the distinctive aesthetic of Swedish electronics company Teenage Engineering. In particular, he likes the latter’s audio mixers, where tactile grids of knobs and keys—and the small icons etched into their surfaces—attempt to give sound a visual form. At the same time, Saarinen has never been a fan of skeuomorphism—which styles digital interfaces to mimic physical textures. “If you’re designing a new house and you like Roman columns, so you put columns like that in the house,” he says, “well, it’s still not a Roman house.” Those columns came to exist in Rome from constraints and traditions that were specific to a certain time and place—and grafting them onto a modern house is borrowing from that aesthetic, even though the context that produced it has little to do with what you’re building. Software, he argues, should be approached the same way. It’s a new medium, and it deserves a native design language instead of hand-me-down forms from the physical world. (And now that apps are becoming agent-native , these interactions call for their own design patterns.)
Felt, not measured
Beyond design, Saarinen’s taste gravitates toward science fiction and fantasy— Dune , the Alien franchise, Stephen King’s Dark Tower saga—drawn to the new ideas, the unfamiliar worlds, the visual imagination these stories demand. There are even small nods to these influences hidden in Linear, a detail tucked into a homepage here, a reference in a feature launch video there. Across all of it, the through line is the same: work that exudes intention and care. The kind of quality you can’t measure, only feel.— Rhea Purohit
Claude Code for Absolute Beginners (April 14): This beginner-friendly, live workshop led by Mike Taylor (head of tech consulting at Every) is designed to get you from zero to a working project with Claude Code.
Alignment
Dropshipping GLP-1s. The New York Times published a story this week about what might be the first $1 billion one-person company. It’s a GLP-1 telehealth startup called Medvi, built by Matthew Gallagher in two months with $20,000 and a suite of AI tools. In its first full year it did $401 million in revenue and is on course for $1.8 billion this year. He has one employee, his brother. A lot of people are calling the numbers fake, but having spent two and a half years working inside this industry, I don’t think they are. The demand for these medications has been the most ferocious thing I have witnessed in my working life, and the hardest parts of running a telehealth company, like finding doctors and fulfilling prescriptions, can be entirely outsourced to platforms like CareValidate and OpenLoop. All you need is the audacity to do blitz marketing like you’re holding an AK-47 with unlimited bullets, and that’s exactly what Gallagher did. His affiliates, armed with AI, built fake doctor profiles in Meta ads and made unscrupulous claims about weight loss using fake testimonials. The liability sits with both the affiliates and the company for these types of advertisements, but enforcement has been so slow that it hasn’t mattered. Of course these black hat marketing tactics worked because regulators are slow and enforcement has been lax. But with acquisition costs rising and retention becoming harder as consumers chase the cheapest option, the unit economics of this model will become increasingly unattractive. These types of businesses exist for a moment until they capitulate because it no longer becomes economically viable. Gallagher will come away from it a much richer man, so maybe that validates the business model. There’s also a discussion about whether it’s truly a one-man, billion-dollar business: Dan rightly points out that Gallagher is outsourcing a large amount of human labor. The part I’m concerned about is that it’s being celebrated as a milestone in AI use when it’s really a better example of someone exploiting an unregulated space. Some untold number of unknowing people clicked on a fake doctor’s profile, filled out a one-minute consultation, and got a GLP-1 shipped to their door. This is exploitation on an enormous scale! It works for GLP-1s because the demand is extraordinary and the side effect profile is manageable for most people, but the same funnel could be pointed at antidepressants, or hormone therapy, or opioids. This type of business is now being copied because of the publicity this story has received, and that should scare us. Evan Armstrongpredicted the one-person billion-dollar company would arrive because AI would compress human intelligence. This feels like something different.— Ashwin Sharma