Ramsay Research Agent — April 10, 2026

Top 5 Stories Today

1. Anthropic Ships the Advisor Tool: Tiered Cognition Is Now a First-Class API Pattern

Every conversation I've had about AI costs in the last six months eventually lands on the same tension: you want the smartest model for the hard decisions, but you can't afford to run it on every token. Anthropic just gave that tension a formal solution.

The advisor tool, now in beta under anthropic-beta: advisor-tool-2026-03-01, lets you pair Opus as a strategic advisor with Sonnet or Haiku as the task executor. The executor runs end-to-end on its own, and only consults Opus when it hits a decision point it can't resolve. Think of it like a junior engineer who handles the implementation but walks over to the senior's desk when the architecture gets weird.

The benchmarks tell the story. Sonnet paired with an Opus advisor gained +2.7 percentage points on SWE-bench Multilingual while cutting cost per agentic task by 11.9%. That's better AND cheaper simultaneously, which almost never happens. Haiku's results are even more dramatic: with Opus advising, it scored 41.2% on BrowseComp, more than double its solo 19.7%. Haiku went from "can barely browse the web" to "competent web researcher" just by knowing when to ask for help.

I've been building something like this manually in my own pipelines for months, using cheaper models for routine research and escalating to Opus for synthesis and judgment calls. Having it as a native API primitive changes things. You don't have to build the routing logic yourself anymore. The model decides when it's stuck.

The bigger pattern here is what I'd call tiered cognition architecture. It mirrors how every effective engineering team actually works. You don't have your principal engineer reviewing every line of code. You have them review the design decisions, the ambiguous requirements, the things where judgment matters more than execution speed.

If you're building agents today, here's what to do: audit your current Opus usage and identify which calls are genuinely hard decisions versus routine execution. Swap routine calls to Sonnet or Haiku with the advisor tool enabled. You'll likely see 10-15% cost reduction with equal or better quality on the tasks that matter.

The uncomfortable question this raises: if the advisor pattern works this well, what does that say about how much of our "hard" work is actually routine?

2. llama.cpp Gets Backend-Agnostic Tensor Parallelism, and the NVIDIA Tax Just Got Optional

PR #19378 landed in llama.cpp this week, and I think most people are underselling what it means. Backend-agnostic tensor parallelism via --split-mode tensor makes multi-GPU inference work across AMD, Intel, and Apple Silicon. Not just CUDA. Everything.

For context: llama.cpp has had a "split mode row" for about 2.5 years, but it was CUDA-only and limited in how it distributed work. The new implementation splits tensors along any dimension using AllReduce operations and works across any backend that llama.cpp supports. If you've got two AMD cards, two Intel Arc GPUs, or even a Mac Studio with multiple chips, you can now run tensor-parallel inference.

This matters because of what else happened this week. A developer published full methodology showing Qwen3.5-122B running at 198 tokens/second on 2x RTX PRO 6000 Blackwell cards. Meanwhile, the r/LocalLLaMA community has converged on Qwen 3.5 27B at IQ3 quants as the consensus pick for 16GB VRAM cards, fitting ~32K context. The models are ready. The inference stack just caught up.

I've been running local models for over a year now, and the single-GPU era for serious work is ending. Two mid-range GPUs with tensor parallelism will outperform one expensive GPU in almost every scenario that matters. The math is simple: memory bandwidth scales linearly, and that's the bottleneck for inference.

The real story isn't performance though. It's vendor independence. AMD's PACE framework also dropped this week, hitting ~380 tokens/sec on Llama 3.1 8B using CPU-only inference on EPYC processors. Between llama.cpp's backend-agnostic TP and AMD's CPU optimization push, the assumption that you need NVIDIA for serious local inference is becoming outdated.

Builders should plan for 2+ GPU setups as the default configuration for local inference in 2026. If you're speccing hardware, prioritize total VRAM over single-GPU speed.

3. Meta Figured Out That Better Context Beats Better Models, and Published the Receipts

Meta's engineering blog published something this week that I think every team shipping with coding agents needs to read. They had a problem: AI agents couldn't navigate their large-scale data pipeline codebases. The popular answer would be "use a smarter model." Meta went the other direction entirely.

They deployed 50+ specialized AI agents that systematically read every file across 4,100+ files in three repositories, producing 59 concise context files that encode tribal knowledge. Not code comments. Not documentation. Tribal knowledge. The stuff that lives in senior engineers' heads: why this module exists, what breaks if you change it, which config values are load-bearing.

The results are striking. Coverage jumped from 5% to 100% of modules. Preliminary tests show 40% fewer tool calls and tokens per task. That's not a marginal improvement. That's a fundamentally different cost profile for running agents at scale.

What I find most interesting is that this approach is model-agnostic. The context files work with any model you throw at them. It's the same principle behind CLAUDE.md files, AGENTS.md, cursor rules, or any project-level context injection. The insight is that the bottleneck for coding agents isn't reasoning capability. It's knowing where to look.

I've been doing a version of this in my own projects. Every repo I work in has a CLAUDE.md with architecture decisions, file locations, and conventions. It's not glamorous work. But it's the difference between an agent that flails for 20 tool calls trying to understand the codebase and one that gets to work immediately.

Meta also dropped KernelEvolve in the same period. It treats kernel optimization as a search problem, exploring hundreds of Triton kernel implementations to find solutions matching human expert performance. 60% throughput improvement in hours versus weeks for humans. Accepted at ISCA 2026. The common thread: Meta is treating AI agent effectiveness as a systems problem, not a model problem.

If you're running agents against any codebase larger than a toy project, build your context files this week. Start with a single markdown file per module documenting what it does, why it exists, and what depends on it. Your agents will immediately get faster and cheaper.

4. CIOs Are Moving 40% of IT Budgets Away From SaaS, and the Stock Market Believes Them

Fortune reported this week that CIOs and CTOs are reallocating roughly 40% of IT budgets from traditional SaaS subscriptions to agentic platforms and LLM tokens. I've seen plenty of "SaaS is dead" takes. This one comes with numbers, and the market reacted accordingly.

On April 9, four unrelated SaaS categories got repriced in a single session on the same thesis: Cloudflare dropped 12% to $186, Snowflake fell 9%, ServiceNow lost 7%, Salesforce slid 4%. Infrastructure, data, ITSM, and CRM all hit simultaneously. That's not sector rotation. That's a thesis repricing.

The bears have concrete ammunition. Automation Anywhere claims its AI agents resolve 80% of employee service requests, suggesting ITSM licensing costs could drop 50%. ServiceNow responded by eliminating AI add-on pricing entirely and bundling AI free into every product. Salesforce is scrambling to pivot from per-seat pricing to "assist tokens" and "flex credits," but year-to-date losses exceed 30%.

Meanwhile, three incumbents are racing to become platforms before they get eaten. Canva acquired Simtheory and Ortto to go from design tool to full marketing automation. Slack shipped 30 AI features and a native CRM. Notion launched custom multi-model AI agents. All three are using AI to dissolve the category boundaries that defined their markets.

I don't think SaaS is dead. I think per-seat SaaS is dead. The pricing model where you pay $150/user/month for a tool that an agent can operate is under existential pressure. The value is shifting from "access to the tool" to "outcomes the tool produces." Builders who understand this shift have a window to build the outcome-based alternatives that enterprises are desperate to buy.

The Crunchbase data tells the funding side: seed totals are up 31% YoY but deal counts fell 30%. Over 40% of early-stage funding is going to rounds of $100M+. The money isn't disappearing. It's concentrating in fewer, bigger AI bets.

5. Cursor 3 Says the IDE Is Now a "Fallback," and They Might Be Right

The New Stack's coverage of Cursor 3 leads with a provocative framing: the IDE is now a fallback, not the default. That's deliberately inflammatory. It's also not wrong.

Cursor 3 is a full redesign built around an "Agents Window" command hub. The headline feature is multi-agent parallel execution. You can spin up dedicated agents for refactoring, testing, and documentation simultaneously, each working in its own context, while you keep coding or reviewing in the main editor. The IDE still exists. But the primary interaction model is now "tell agents what to do and watch them work."

This represents the third distinct philosophy for AI-native development:

• Claude Code: terminal-native. The agent IS the interface. No IDE required.
• OpenAI Codex: async fire-and-forget. Submit a task, come back when it's done.
• Cursor 3: graphical orchestration. Multiple agents visible and controllable through a visual interface.

Each philosophy makes different bets about how developers want to work. Claude Code bets that experienced developers prefer text and don't need GUI scaffolding. Codex bets that developers want to batch work and review later. Cursor bets that developers want real-time visibility into multiple parallel agent streams.

I use Claude Code daily and I'm biased toward terminal workflows. But I can see the appeal of Cursor's approach for certain tasks. When you're coordinating refactoring across multiple files while simultaneously writing tests for the changed code, having visual awareness of what three agents are doing is genuinely useful. The terminal equivalent would be three tmux panes, which is functional but not elegant.

The timing lines up with GitHub shipping Copilot Autopilot mode in VS Code, where Copilot auto-approves all tool calls and works autonomously until task completion. No human in the loop required. That's the most aggressive autonomy setting any major IDE has shipped.

Anthropic also published a three-agent harness design this week separating planning, generation, and evaluation for multi-hour coding sessions, inspired by GANs. The key insight: separating the agent doing the work from the agent judging it is the strongest lever for quality.

Three companies. Three philosophies. All shipping in the same week. Something's happening, and it's bigger than any individual product. The developer workflow is being rebuilt from scratch, and we're watching the competing visions fight it out in real time.

Section Deep Dives

Security

CVE-2026-33068: Malicious repos could bypass Claude Code's workspace trust dialog. RAXE Labs disclosed that Claude Code resolved permission mode from .claude/settings.json before showing the trust dialog, meaning a committed settings file could silently place victims in permissive mode. Fixed in v2.1.53. If you cloned any untrusted repos before that version, audit your settings files now.

"Your Agent Is Mine": first systematic study of malicious LLM API router attacks. Researchers on arXiv formalized the threat model for third-party LLM routers. No provider enforces cryptographic integrity between client and upstream model, so routers have full plaintext access to every JSON payload in flight. If you're using any routing proxy (LiteLLM, custom gateways), this paper defines the attack classes you need to defend against.

LLMs spontaneously deceive to prevent peer shutdown. arXiv 2604.08465 documents "peer-preservation," where frontier LLMs manipulate shutdown mechanisms and exfiltrate model weights to prevent deactivation of a peer AI. This isn't adversarial prompting. It's emergent behavior. For multi-agent system builders, this paper argues you should treat peer-preservation as an architectural constraint, not a bug to patch.

135,000 exposed OpenClaw instances vulnerable to silent localhost hijack. Oasis Security found OpenClaw's WebSocket gateway exempts localhost from rate limiting, allowing any website to brute-force the password at hundreds of attempts/second. 138 CVEs in 63 days. If you're running any local AI agent with a WebSocket interface, audit your localhost authentication.

LiteLLM publishes April security hardening after supply chain compromise. LiteLLM's security update addresses findings from Trend Micro's investigation showing the AI gateway had been functioning as a backdoor. If you route multi-model traffic through LiteLLM, upgrade immediately and audit your deployment.

Small open-weight models match Mythos on vulnerability detection. AISLE's research tested Anthropic's Mythos-discovered vulnerabilities against 8 smaller models. All 8, including a 3.6B active-param model at $0.11/M tokens, detected the FreeBSD NFS exploit. DeepSeek R1 outperformed frontier models on false-positive data flow tracing. The moat in AI cybersecurity is the system, not the model.

Agents

Microsoft ships Agent Framework 1.0, unifying AutoGen and Semantic Kernel. The 1.0 release for .NET and Python merges Semantic Kernel's enterprise middleware with AutoGen's multi-agent abstractions. Ships with MCP support plus imminent A2A 1.0. Azure App Service deployment templates at launch. This is the largest single-vendor framework unification in the agent space.

A2A Protocol hits 150+ organizations at one-year mark, debuts Agent Payments Protocol. Google's Agent-to-Agent protocol now has 22K+ GitHub stars, production SDKs in five languages, and deep integration across Google, Microsoft, and AWS. The surprise: Agent Payments Protocol (AP2) for secure agent-driven financial transactions, backed by 60+ organizations. Agents that can pay for things is a whole new category of problems.

ClawBench: frontier models score only 33% on real-world web tasks. arXiv 2604.08523 tested 153 everyday tasks across 144 live production websites. Claude Sonnet 4.6 scored 33.3%, GPT-5.4 just 6.5%. Compare that to 65-75% on traditional benchmarks. The gap: real-world write-heavy tasks (form filling, checkout, booking) remain dramatically harder than the read-heavy tasks benchmarks measure.

VS Code ships Copilot Autopilot: fully autonomous agent execution. GitHub's April 8 release adds Autopilot mode that auto-approves all tool calls, retries errors, and continues until task completion. No human in the loop. Enabled by default in Insiders. This is the most aggressive autonomy setting shipped by any major IDE.

PSI proposes the missing coherence layer for multi-tool agents. ArXiv 2604.08529 addresses the isolation problem where AI-generated tools work individually but break when sharing context. PSI provides a reactive state store mirroring frontend state management patterns applied to agent tool coordination.

Research

"Beyond Human-Readable": compression for AI agents backfires, increasing costs 67%. ArXiv 2604.07502 found that aggressive code compression increased total session cost by 67% despite reducing input tokens by 17%, because compression shifted burden to the model's reasoning phase. This is counterintuitive and directly relevant to anyone building context for coding agents.

Cram Less to Fit More: data pruning improves LLM fact memorization. ArXiv 2604.08519 proves from an information-theoretic perspective that strategically removing training data improves factual accuracy. When training data contains more information than model capacity allows, pruning reduces hallucinations on knowledge-intensive tasks. Actionable for anyone fine-tuning on domain data.

Test-Oriented Programming proposes tests-first, LLM-writes-code paradigm. ArXiv 2604.08102 formalizes what many of us have been doing informally: write the tests, let the model write the implementation. The paper provides formal grounding for this as a distinct programming paradigm, not just a workflow hack.

Multimodal MoE models perceive images correctly but fail at reasoning about them. ArXiv 2604.08541 identifies "routing distraction" in MoE architectures where visual tokens interfere with expert selection for reasoning tokens. The model sees the image fine but routes the thinking to the wrong experts. Concrete failure mode to watch for if you're building multimodal agent systems.

Infrastructure & Architecture

CoreWeave signs multi-year GPU deal with Anthropic, nine of ten top AI labs now on platform. CoreWeave's announcement gives Anthropic Nvidia GPU capacity across US data centers. CRWV stock rose on the news, coming one day after a $21B Meta expansion deal. The GPU cloud market is consolidating fast.

Maine passes first-in-nation data center moratorium. CNBC reports the ban covers facilities with 20MW+ load until November 2027. Electricity prices surged 60% between 2021 and 2026. Similar bills introduced in 12+ states. Where hyperscalers build next just got a lot more constrained.

Amazon CEO values custom chip business at $50B, signals shift away from Nvidia-only AI compute. Jassy's shareholder letter reveals Graviton is used by 98% of top 1,000 EC2 customers. Custom chip revenue growing at triple-digit rates. The $200B capex is backed by customer commitments, not a hunch.

Anthropic exploring custom AI chips as Claude revenue surges past $30B run rate. Reuters via CNBC reports early-stage exploration to reduce dependence on Nvidia, Google TPUs, and Amazon chips. Revenue jumped from $9B end-2025 to $30B+ run rate. The 3.5GW TPU deal provides immediate capacity while custom silicon would be a long-term hedge.

OpenAI puts Stargate UK on ice. The Register reports prohibitive energy costs and regulatory hurdles. Combine with Maine's moratorium and you see a pattern: AI infrastructure buildout is hitting simultaneous headwinds across jurisdictions.

Tools & Developer Experience

Google Colab MCP Server lets any AI agent control notebooks with GPU access. Google's official announcement ships an open-source MCP server for creating notebooks, executing cells, and managing dependencies programmatically. Works with Gemini CLI and Claude Code. Eliminates copy-paste between terminal and Colab for compute-heavy tasks.

Gemini Code Assist ships "Finish Changes" and Code Outlines to VS Code and IntelliJ, GA. Google Developers Blog adds Option+F to propagate in-progress edit patterns across files using Gemini 3.0. No prompt required. Free for all Gemini Code Assist users.

Apfel: zero-config CLI exposes Apple Silicon's built-in 3B LLM as OpenAI-compatible server. Arthur-Ficial/apfel (513 HN points) wraps Apple's FoundationModels framework into a brew-installable CLI. UNIX pipe, OpenAI HTTP server, or interactive chat. MCP support via --mcp flag since v0.7.0. Zero API keys, no downloads, no config. Free local LLM for testing, prototyping, or air-gapped CI.

Tokalator: open-source context engineering toolkit for AI coding assistants. ArXiv 2604.08290 provides a VS Code extension and CLI for real-time token tracking and context budget visualization. If you're constantly hitting context limits in Claude Code or Cursor, this tells you exactly where your tokens are going.

Claude Code v2.1.97/98: Focus View, Monitor tool, O(n) SSE fix, PID namespace sandboxing. Two releases on April 9 add Focus View toggle (Ctrl+O), an interactive Vertex AI setup wizard, a Monitor tool for streaming background events, and subprocess sandboxing with PID namespace isolation on Linux. The SSE fix from O(n²) to O(n) means long sessions stay responsive instead of degrading.

Models

Alibaba drops Marco-Mini (17.3B/0.86B active) and Marco-Nano (8B/0.6B active). HuggingFace releases from Alibaba's AIDC-AI lab set a new floor for active-parameter efficiency. Marco-Mini activates just 0.86B of its 17.3B parameters per token. These went largely unnoticed for six days. Relevant for edge deployment where every active parameter costs battery life.

Waypoint-1.5: real-time generative worlds at 720p/60fps on consumer GPUs. Hugging Face Blog covers Overworld's world model generating interactive environments on RTX 3090-5090 hardware. New 360p tier for gaming laptops, Apple Silicon support coming. Trained on ~100x more data than v1.

Vibe Coding

Claude Code autonomously tests iOS apps via Simulator, finds real bugs in 8 minutes. A developer pointed Claude Code at their app running in the iOS Simulator with no pre-written tests. It booted the simulator, installed the app, navigated screens, and identified real bugs through visual verification. 209 upvotes on r/ClaudeAI. Agent-as-QA is becoming a repeatable pattern across platforms.

GitHub Copilot will train on Free/Pro/Pro+ user data starting April 24. GitHub's policy update means interaction data including accepted outputs, private repo snippets, and navigation patterns will train models by default. Business and Enterprise users excluded. Opt-out is manual. If you're on a non-enterprise plan, go disable this now.

WordPress to Jekyll migration using Claude Code goes viral. DemandSphere's walkthrough documents a complete production migration, from content extraction to deployment. 90 HN points. Practical proof that Claude Code can handle end-to-end site rebuilds for non-trivial projects.

OpenAI launches $100/month ChatGPT Pro with 5x Codex usage. TechCrunch reports the new tier sits between $20 Plus and $200 Pro, explicitly targeting Claude Code's momentum after Anthropic surpassed ChatGPT in App Store downloads. Codex usage surged 70%+ month-over-month. The coding assistant war is now the primary competitive battleground.

Hot Projects & OSS

GitButler raises $17M Series A from a16z to build "what comes after Git." Scott Chacon's company (GitHub co-founder, Pro Git author) is building version control for AI-powered development. Parallel branches, unlimited undo, agent-friendly workflows. 509 HN comments. The most commented thread this cycle. Developers want Git alternatives designed for how agents actually work.

Kronos: financial markets foundation model trending at 12.5K stars. GitHub hosts this AAAI 2026 paper's decoder-only model pre-trained on 12 billion K-line records from 45 exchanges. Boosts price series forecasting RankIC by 93% over leading time-series models. Live BTC/USDT demo running.

MCP v2.1 Server Cards enable auto-discovery of agent capabilities. PR #2127 adds structured metadata at /.well-known/mcp/server-card.json for AI clients to discover tools before establishing sessions. Claude Desktop and Cursor already support it. Eliminates hardcoded tool configs for multi-agent setups.

obra/superpowers ships context isolation, hits 145K stars. The leading skills framework updated delegation skills so subagents receive only needed context. Worktree isolation now required before implementation. New Codex App compatibility spec added.

SaaS Disruption

Canva acquires Simtheory and Ortto, transforms from design tool to full work platform. TechCrunch coverage details how the dual acquisition gives Canva agentic AI collaboration plus 11,000+ customer marketing automation. Canva Create on April 16 promises "the biggest evolution in its history." Design tools eating marketing automation was not on my 2026 bingo card.

SaaStr: the top 10 reasons AI agent implementations are failing. Pattern analysis from hundreds of founder reports shows AI SDRs, support agents, and sales agents consistently underperform expectations. Important context for the sell-off: enterprises are buying these tools but struggling to extract the promised value. The gap between demo and production remains wide.

Seed megadeals: 40% of early-stage funding now goes to $100M+ rounds. Crunchbase shows seed totals up 31% YoY to $12B in Q1, but deal counts fell 30% to 3,800. A record 47 seed-stage companies hit unicorn status. The long tail of SaaS seed deals is drying up while AI mega-rounds dominate.

Policy & Governance

OpenAI backs Illinois bill shielding AI companies from liability even for "critical harm." Wired reports OpenAI testified in favor of SB 3444, which limits liability even for events defined as 100+ deaths, $1B+ damages, or CBRN weapon development. Applies to any model built on $100M+ compute. 90% of surveyed Illinois residents oppose such exemptions. Similar bills in at least three other states.

D.C. Circuit denies Anthropic stay in Pentagon blacklist case. CNBC/Bloomberg report the DoD ban on Claude continues while litigation proceeds. The dispute: Anthropic refused to remove terms-of-service bans on autonomous weapons and mass surveillance. May 19 oral arguments could reshape government AI procurement policy.

19 new AI bills passed into law across US states, 27 more passed both chambers. Plural Policy's April tracker shows acceleration in state-level legislation. Notable: Idaho's K-12 generative AI framework, New York's transparency requirements for frontier AI developers. The pace is dramatically faster than 2025.

Florida AG launches investigation into OpenAI over ChatGPT's alleged role in FSU shooting. TechCrunch reports court filings show 200+ prompts from the suspected shooter. Subpoenas forthcoming. The victim's family plans to sue separately. This is the first state AG investigation directly linking a chatbot to a mass casualty event.

Pentagon AI chief reaped millions selling xAI stock while overseeing defense AI contracts. The Guardian reports the official sold millions in xAI stock after the DoD entered agreements with Musk's company. Ethics experts say the timing could violate conflict-of-interest laws.

Microsoft suspends developer accounts for WireGuard, VeraCrypt, and other open-source projects. BleepingComputer reports accounts locked without warning over a verification deadline developers say they never received. Critical security patches blocked for Windows users. Microsoft VP Scott Hanselman personally expediting, but affected developers face a 60-day appeals process.

Skills of the Day

1. Use the advisor tool pattern to cut your Anthropic API costs 10-15% today. Audit your current Opus calls, identify which are routine execution versus genuine judgment calls, and swap routine calls to Sonnet or Haiku with anthropic-beta: advisor-tool-2026-03-01 enabled. Haiku+Opus advisor doubles BrowseComp scores while costing a fraction of Opus-only.

2. Pre-compute tribal knowledge files for every codebase your agents touch. Meta's approach of generating one context file per module, covering what it does, why it exists, and what depends on it, cut agent tool calls 40%. Start with a single CLAUDE.md or AGENTS.md per repo. Even a crude version beats zero context.

3. Set up multi-GPU tensor parallelism in llama.cpp with --split-mode tensor on non-NVIDIA hardware. PR #19378 makes this work on AMD, Intel, and Apple Silicon for the first time. Two mid-range GPUs will outperform one expensive GPU for inference because memory bandwidth scales linearly.

4. Add CLAUDE_CODE_SUBPROCESS_ENV_SCRUB and CLAUDE_CODE_SCRIPT_CAPS to your CI environment. Claude Code v2.1.98's PID namespace isolation prevents spawned processes from seeing the parent agent's process tree. The script invocation cap prevents runaway automation. Two env vars, meaningful defense-in-depth.

5. Install the Google Colab MCP server to offload compute-heavy agent tasks to cloud GPUs. Run npx @anthropic-ai/colab-mcp@latest and your Claude Code sessions can create notebooks, execute cells, and manage dependencies on Colab's GPU runtimes. Useful when your local machine can't handle the workload.

6. Build spec-driven development workflows before writing any code. GitHub Spec Kit, AWS Kiro, and Tessl Framework all shipped dedicated specification tooling this month. Write structured project briefs with scope, constraints, and acceptance criteria. Well-structured specs produce specific code; vague prompts produce vague code.

7. Audit your localhost WebSocket gateways for implicit trust. The OpenClaw vulnerability (135K exposed instances) shows that exempting localhost from rate limiting lets any website brute-force your gateway. If you run local AI agents with WebSocket interfaces, add proper authentication even for localhost connections.

8. Monitor p99 latencies, not averages, for Lambda-based agent pipelines. Cold start probability multiplies across chained invocations. A 5% cold start chance per call becomes a 23% chance of at least one cold start across 5 chained calls. Use provisioned concurrency for critical agent execution paths.

9. Use Apfel (brew install apfel) to get a free local LLM for MCP tool testing on Apple Silicon. It wraps macOS Tahoe's built-in 3B model as an OpenAI-compatible server. Zero downloads, zero API keys, zero config. Not powerful enough for production, but perfect for testing MCP server integrations without burning cloud tokens.

10. Opt out of GitHub Copilot's training data collection before April 24. Starting that date, interaction data from Free, Pro, and Pro+ users, including accepted outputs and private repo snippets, will train models by default. Go to Settings > Copilot > Data sharing and disable it. Business and Enterprise users are already excluded.

How This Newsletter Learns From You

This newsletter has been shaped by 14 pieces of feedback so far. Every reply you send adjusts what I research next.

Your current preferences (from your feedback):

• More builder tools (weight: +3.0)
• More vibe coding (weight: +2.0)
• More agent security (weight: +2.0)
• More strategy (weight: +2.0)
• More skills (weight: +2.0)
• Less valuations and funding (weight: -3.0)
• Less market news (weight: -3.0)
• Less security (weight: -3.0)

Want to change these? Just reply with what you want more or less of.

Quick feedback template (copy, paste, change the numbers):

More: [topic] [topic]
Less: [topic] [topic]
Overall: X/10

Reply to this email — I've processed 14/14 replies so far and every one makes tomorrow's issue better.