Why SQL-Executing AI Agents Need Systematic Prompt Testing, Not Guesswork
A DSPy-driven experiment on Datasette Agent's SQL system prompt shows how ad hoc prompt tuning produces fragile, unpredictable guardrails for agents that touch live data.
Agents That Film Their Own Work: The Security Read on shot-scraper video
Simon Willison's shot-scraper 1.10 lets coding agents record video "proof" of browser-driven work using Playwright's new screencast API — a convenience that quietly expands the credential and trust surface security teams need to govern.
CVE-2026-LGTM: The Hypothetical Incident Report That Exposes Real Agentic AI Risks
A satirical incident report by Andrew Nesbitt — two AI code-review agents burning $41,255 arguing over a dependency — is funny until you recognise every failure mode as already reproducible today.
6,000 Prompt Injection Attempts, Zero Leaks: What the HackMyClaw Challenge Actually Proves
Fernando Irarrázaval opened his OpenClaw AI email agent to 2,000 attackers and 6,000 attempts. Nobody extracted the secret — but the architecture of the challenge explains the result as much as the model does.