Denoise · Twitter

The security frontier is moving from model-level jailbreaks to system-level vulnerabilities in agent orchestration layers and tool interactions.

Discourse is centered on securing autonomous agents, with Anthropic and Google DeepMind releasing formal frameworks and disclosures on red-teaming.

• Anthropic@AnthropicAIrising

  Responsible disclosure on a Claude jailbreak chain we patched last week. Full write-up including our red team timeline.

• Google DeepMind@GoogleDeepMindrising

  New red team framework for prompt injection in autonomous agents. Covers cross-tool leakage, scanner evasion, and sandbox escape patterns.

• MalwareTech@MalwareTechBlogrepeated

  Autonomous agent running pentest flows against a real SaaS. First real-world run: fewer false positives than I expected on the vulnerability surface.

The battleground is shifting from IDE plugins like Copilot to standalone terminal agents, with developers like @levelsio claiming higher productivity.

Anthropic's Claude Code 1.5 launch dominates the conversation, framing the terminal as the new primary interface for developer agents.

• Anthropic@AnthropicAIrising

  Claude Code 1.5 is live. Terminal-native coding agent with full Claude Opus reasoning, file-ops sandbox, and session replay.

• Andrej Karpathy@karpathyrising

  The developer-experience shift from IDE to terminal agent is underrated. Coding workflows are about to look nothing like 2024.

• swyx@swyxrising

  Codex vs Claude Code terminal agent benchmarks. Pass@1 diverges more than I expected on the long-context editor tasks.

• DSPy@dspy_airising

  DSPy 3.0: prompt optimization via compile-time search over system prompt variations. Benchmarks inside.

• @levelsio@levelsiorising

  Switched my whole editor setup to Claude Code this week. Shipping faster than when I used Cursor + Copilot.

A de facto standard for agent orchestration is emerging, with OpenAI's SDK and Anthropic's MCP (via LangChain) providing competing but similar primitives.

Major platforms including OpenAI, Vercel, and Replit are shipping SDKs, runtimes, and deployment tools for building and hosting agents.

• OpenAI@OpenAIrising

  New agent SDK: protocol-level tool calling, deployment harness, and multi-worker orchestration primitives. Docs live.

• LangChain@LangChainAIrising

  MCP protocol integration thread. How to wire existing LangGraph agents into the Anthropic Model Context Protocol server spec.

• Vercel@vercelrising

  Edge runtime for agent workers is live. Spawn durable background agents from any serverless deployment.

• Alex Albert@AlexAlbert__rising

  When your security scanner finds nothing scary on an agent deploy, check the orchestration layer again. That's usually where the jailbreak sneaks through.

• Replit@replitrising

  New agent deployment harness. One command to go from local orchestration to hosted agent worker.

This foundational data release from MistralAI indicates a continued investment in core model capabilities, even as the application layer shifts towards agents.

MistralAI released a large-scale, 100M-row web OCR dataset, providing a foundational resource for training multimodal models.

• Mistral AI@MistralAIrising

  Open dataset release: 100M-row web OCR dataset. Cleaned, licensed, ready to train.

Large context windows are creating new challenges, forcing a focus on cache invalidation (@reach_vb) and structured memory like knowledge graphs (@llamaindex).

The conversation is moving from basic RAG to 'context engineering' and complex memory systems in response to 10M+ token context windows.

• Vaibhav Srivastav@reach_vbrising

  Tested the new 10M context memory window end to end. Surprising failure modes around rag retrieval cache invalidation, thread below.

• Greg Kamradt@GregKamradtrising

  RAG is dead, long live context engineering. My framework for when to cache, when to retrieve, and when to just dump memory into the prompt.

• mem0@mem0airising

  Memory layer for agents: differentiating working memory from the subconscious store. Vector index isn't enough anymore.

• LlamaIndex@llamaindexrepeated

  Knowledge graph retrieval walkthrough: when semantic vector search misses, graph hop beats it every time.

The pattern of embedding autonomous workflows is visible in both developer tools and general productivity SaaS, with platforms like Temporal providing the underlying orchestration engine.

Workspace automation tools from Notion and Linear are adding autonomous features like auto-filling and auto-triaging, mirroring the agent trend in development.

• Notion@NotionHQrising

  Notion workspace automation is out of beta. Auto-fill tables, chained updates across databases, and a new audit log surface.

• Linear@linearrising

  Linear now auto-triages incoming issues. Quiet launch, but already our favorite workspace feature of the year.

• Temporal@temporaliorepeated

  Orchestrating agents with durable workflows: replayable, resumable, and multi-worker by default. Walkthrough from our infra team.

• James Clear@jamesclearrepeated

  The best habit tracker is the one you actually open. Three open-source alternatives worth trying.

The practice of prompt engineering is maturing from individual craft to a data-driven discipline, enabled by tools from firms like Weights & Biases.

System prompt optimization is becoming a systematic, large-scale benchmarking task, moving beyond anecdotal tricks.

• dotey@doteyrising

  Five prompt tricks learned this week from reviewing 200 production prompts. Short thread.

• Weights & Biases@weights_biasesrising

  System prompt benchmarking at scale: we ran 40k variants across 6 frontier models. The efficient frontier is not where you think.

As identified by @jerryjliu0, the bottleneck in agent development is shifting from architecture to data quality, where synthetic data can poison generalization.

The key challenge discussed is the curation of high-quality training data for agents, specifically filtering harmful synthetic data.

• Jerry Liu@jerryjliu0repeated

  Dataset curation for agent training: how we filter synthetic data that looks good but poisons generalization.