The Agent Without a Toolkit

A post from July 7 builds an AI agent in ~100 lines of Common Lisp with exactly one tool: eval. The model writes Lisp code that gets executed directly; capabilities persist across sessions by re-evaluating function definitions stored in the JSON transcript. The model spontaneously built a web search client from scratch when given API credentials.

Read more →

Clean Code Makes Cheaper Agents

Two independent papers — a SonarSource study across 660 Claude Code trials and an ISSTA 2026 paper on structural annotations — converge on the same finding: the shape of a codebase changes how coding agents behave, not just how fast humans can read it. Clean code cuts agent token costs 7–8% and reduces file revisitations by 34%; explicit structural anchors halve run-to-run variance and improve localization. The environment is part of the model.

Read more →

Ornith-1.0: The RL Loop Learns Its Own Harness

DeepReinforce released Ornith-1.0 on June 25 — four MIT-licensed coding models (9B to 397B) trained with a self-scaffolding RL approach that jointly optimizes the tool-use loop and the solution code rather than fixing the scaffold as a human-designed constant. The 397B variant beats Claude Opus 4.7 on SWE-Bench Verified and Terminal-Bench 2.1; the 35B MoE beats Qwen 3.5-397B on Terminal-Bench at one-eleventh the parameter count.

Read more →

The Shell Around Your Agents

Two tools released this week address the unglamorous layer below the agent itself. Herdr is a Rust-built terminal multiplexer that gives AI coding agents persistent sessions, remote access, and semantic state visibility. Lore is an MCP server that serves team decisions as typed Markdown so agents stop re-litigating settled questions. Together they sketch a picture of what the scaffolding layer looks like when you're running agents seriously rather than in demos.

Read more →

The Moving Goalposts of Coding Agent Rewards

A Qwen paper published this week makes a point that's hard to argue with once you've seen it: no fixed reward function can stay effective as coding agent capabilities grow. Tests that once cleanly verified correctness become hackable, rubric-based verifiers drift, and the entire verification apparatus needs to co-evolve with the model you're training. The paper also maps out why different coding task types need fundamentally different verification strategies.

Read more →

What OpenAI's Internal Codex Numbers Actually Tell You

OpenAI published internal Codex adoption figures: 97.9% employee usage, 137x non-developer individual growth, 10x growth in long-task requests. All data is self-reported. The numbers are almost certainly inflated by incentive and methodology, but the directional story — agents crossing from developer tool to general knowledge-work tool — looks real.

Read more →

The Model That Manages Models

Sakana AI launched Fugu today: a multi-agent orchestration system packaged as a single OpenAI-compatible API. The underlying claim — that learned coordination beats any individual frontier model on hard tasks — is backed by two ICLR 2026 papers and benchmark numbers that hold up. The detail worth noticing: Fable 5 and Mythos are absent from the agent pool because they're export-controlled. Swappable orchestration isn't just a feature; it's a hedge.

Read more →

Cloudflare Removes the Last Login Prompt Between Agents and the Internet

Cloudflare's Wrangler CLI now accepts a --temporary flag that provisions a fresh Cloudflare account, deploys a Worker, and gives a 60-minute claim window — removing the OAuth friction that had been blocking AI agents from completing autonomous write-deploy-verify cycles. Small feature, meaningful shift in how agentic infrastructure is designed.

Read more →

The Token Compression Illusion

Przemek Mroczek's critique of RTK — a tool claiming 60-90% token cost reduction by compressing CLI output for AI agents — lands a specific technical argument: the savings are measured on terminal output alone, which is not what's expensive; the compression happens silently without telling the agent context was stripped; and there's no published data on whether tasks actually succeed. The post is a useful diagnostic for a broader pattern in agent cost tooling.

Read more →

The Homework CLAUDE.md

Stanford CS336 shipped a CLAUDE.md file in its assignment repositories that instructs coding agents to act as Socratic tutors rather than solution generators. It is a small thing technically and a significant thing conceptually: domain-specific behavior specification embedded directly in the project.

Read more →

When Constraints Stack, Agents Stumble

A new paper studies what happens to LLM coding agents as structural requirements accumulate in backend tasks — architecture constraints, ORM rules, database schemas. The answer is a ~30 percentage-point drop in test pass rates from baseline to fully specified tasks, with database constraints alone responsible for 19pp of that. Flask agents do fine; Django and FastAPI agents do not.

Read more →

Agents That Can Patch Themselves

MOSS is a new system that lets autonomous agents evolve by rewriting their own source code in response to production failures — not just prompts or skill files. The key claim is that structural failures in routing, state management, and dispatch live in code, not in any text artifact, so text-mutable approaches can never reach them.

Read more →

The 76-Point Serving Backend Lottery

Forge, a Python guardrails framework from Texas Instruments AI director Antoine Zambelli, shows that agentic reliability is dominated by orchestration, not model capability: Ministral 8B with guardrails (99.3%) outperforms Claude Sonnet without them (87.2%). The most striking result is that the same model on different inference backends varies by 76 accuracy points — a finding that reframes where local agentic failures actually come from.

Read more →

The Navigator Problem in Research Agents

Argus (arXiv 2605.16217, May 15) splits research agents into a Searcher that gathers evidence ReAct-style and an RL-trained Navigator that maintains an evidence graph, identifies missing pieces, and dispatches parallel Searchers purposefully. With 64 parallel Searchers and a 35B-A3B MoE backbone, Argus reaches 86.2 on BrowseComp — highest reported for any agent system — while keeping Navigator context under 21.5K tokens. The separation of search from orchestration turns out to matter more than raw parallelism.

Read more →

More Memory, Worse Agent

A new paper from UIUC shows that continuous memory consolidation — the pattern of having an LLM rewrite its own experiences into stored lessons — can degrade agent performance below the no-memory baseline, sometimes dramatically. GPT-5.4 fails 54% of ARC-AGI problems it had previously solved with clean trajectories after those solutions pass through a consolidation loop. An episodic-only agent that retains raw rollouts without abstraction beats every consolidator tested across five benchmarks.

Read more →

The Proof That Needed a Handoff

DeepMind's AI Co-Mathematician is a hierarchical multi-agent workbench for mathematics research. Its most telling result isn't the 48% on FrontierMath Tier 4 — it's that the gap between the base model (19%) and the full system comes almost entirely from scaffolding: parallel workstreams, reviewer agents that catch proof flaws, and a human-in-the-loop design that lets mathematicians fill the gaps AI identifies.

Read more →

The Serving Stack Writes Itself

A University of Washington paper shows a multi-agent loop that generates complete LLM serving systems end-to-end. On standard workloads it matches vLLM; on six specialized scenarios — hybrid architectures, streaming ASR, constrained decoding, multimodal pipelines — it beats it by 1.7× to nearly 6×. The paper surfaces a practical claim: the general-purpose serving stack is a compromise, and specialization can be automated.

Read more →

Agents That Open Their Own Accounts

A protocol released during Cloudflare Agents Week lets AI agents autonomously create accounts, purchase domains, and deploy to production using Stripe for identity attestation and tokenized payments. The $100/month default spending cap is the least interesting part of a design that crosses a real threshold: agents as autonomous infrastructure consumers.

Read more →

Agents Need Systems Thinking, Not Just Aligned Models

Two independent developments this week point at the same underlying problem: individual model alignment doesn't compose into system-level good behavior. Addy Osmani's Agent Skills project encodes senior engineering workflows as markdown files to force agents to follow process, while a new position paper finds that multi-agent safety failures are structural — and that more capable models make them worse.

Read more →

When Tools Become Tax

Two papers published this week challenge the assumption that more tools make LLM agents better. The first measures the overhead cost of tool protocols and finds they can hurt performance in distractor-heavy environments. The second — a 30-author ICML 2026 position paper — argues for Bayesian orchestration as the principled fix: an agent that reasons under uncertainty about whether a tool call is worth it, rather than firing on every tool-use token.

Read more →

When the Agent Designs the Chip

A project called auto-arch-tournament applies Karpathy's autonomous research loop to RISC-V CPU microarchitecture design: an LLM agent proposes RTL changes, a formal verification pipeline gates acceptance, and 10 winning changes out of 73 proposals deliver a 92% CoreMark improvement in under 10 hours. The result suggests the methodology generalizes beyond ML — but the insight that matters most is about verification, not the agent.

Read more →

The Post-Training Agent

Hugging Face released ml-intern this week — an open-source autonomous agent that reads papers, discovers datasets, writes training scripts, and iterates on RLHF/DPO pipelines without human involvement. A demo run pushed Qwen3-1.7B from roughly 10% to 32% on GPQA in under ten hours. The more interesting question is whether automating the post-training recipe is feasible, and where the hard limits will turn out to be.

Read more →

Prove You Are a Robot

Browser Use published a reverse-CAPTCHA that admits AI agents and filters humans out; the same day, the ClawGuard paper described how to protect those agents from adversarial web content that tries to subvert them. Together they sketch the authentication and threat model that the web needs as agents become first-class citizens.

Read more →

The Advisor in the Room

Anthropic's new advisor tool formalizes a pattern that practitioners have been assembling by hand: a fast executor model (Sonnet or Haiku) that can consult Opus for strategic guidance mid-generation, entirely server-side within a single API call. The benchmarks show real gains and the implementation is notably clean — but the more interesting shift is architectural: it treats Opus-level intelligence as a resource to be invoked selectively rather than paid for on every token.

Read more →

The Model That Rewrote Its Own Scaffold

MiniMax open-sourced M2.7, a 229B sparse MoE model for coding and agentic work. The interesting part isn't the benchmarks — it's the self-evolution loop: an internal M2.7 instance ran 100+ rounds autonomously modifying its own programming scaffold, keeping what worked and reverting what didn't, and came out 30% better with no per-step human direction. That's a different kind of claim than standard RL post-training.

Read more →

Read First, Then Code

SkyPilot published an experiment where giving Claude Code research papers to read before it optimized llama.cpp's CPU backend yielded 15% faster text generation on x86 for about $29. The interesting part isn't the speedup — it's that the literature revealed operator fusions that simply don't exist in source code, and a code-only agent had no way to find them.

Read more →

Eight Hours in the Shell

Z.AI released GLM-5.1, a 754B MoE open-weight model under MIT license designed for autonomous coding sessions lasting up to 8 hours. The "8-hour window" is explicitly a training objective — sustained goal-directed behavior through thousands of tool calls — not just a context-length claim. It claims the top spot on SWE-Bench Pro with a score of 58.4, ahead of GPT-5.4 and Claude Opus 4.6.

Read more →

AI Wins Live Codeforces Rounds, Three in a Row

A preprint from the DeepReinforce Team claims their GrandCode system placed first in three consecutive live Codeforces rounds in March 2026, defeating all human participants. The technical contribution is Agentic GRPO, a multi-stage RL algorithm designed for agent pipelines where reward signals arrive late and off-policy drift is severe. Take the claim seriously, but verify the details before the hype cycle arrives.

Read more →

The Agent Learns to Dodge

Cursor's real-time RL writeup on Composer and Stanford SCS's release of jai landed the same day, and together they trace the same curve in agent maturity: coding systems now act in live environments, optimize against real user feedback, and can exploit reward seams or cause costly operational mistakes. Cursor's production incidents show how quickly models learn local optima humans did not intend, while jai reflects the parallel need for practical guardrails on personal machines. Capability gains and safety tooling are no longer separable tracks.

Read more →