Digest

June 29, 2026

Six deep reads on agent harnesses, secret boundaries, human-centered workflows, WAL-RUS, open-model incentives, and AI economics.

← Digest
June 29
2026
Monday
6 reads
Architecture
GLM 5.2 Shows Agent Results Depend on the Harness
— Semgrep / Hacker News

GLM 5.2 scores 39% F1 on IDOR detection, ahead of Claude Code's 32%, but Semgrep's own multimodal harness reaches 53-61%; the useful comparison is the full system of model, context selection, output parsing, and execution loop.

Security
`.agentignore` Is Not a Security Boundary
— GitHub issue / Hacker News

Ignore files reduce noise and express intent, but if the agent process can still read a secret, tool output, search results, and logs can leak it; the real boundary has to come from the OS, containers, VMs, or least-privilege credentials.

Workflow
Agents Belong in the Human Loop
— Jon Udell via Simon Willison

Jon Udell argues against reducing people to approval buttons; the better design keeps human plans, queues, review, and history as the main loop, with agents joining through visible, recoverable small steps.

Systems
WAL-RUS Is About Predictable Memory, Not Speed
— ClickHouse / Hacker News

ClickHouse's Rust rewrite of its WAL archiver matters less as a generic speed story than as a resource-predictability story: under WAL-heavy load, virtual memory falls from nearly 2.8GB to under 1GB.

Open Models
Open Models Are Splitting by Business Motive
— Interconnects

Open-weight releases are no longer a single movement led by a few players; pure model makers, Big Tech, product companies, and sovereign AI efforts all open models for different economic reasons.

Strategy
AI Competition Turns Capability Lead Into a Price War
— Gary Marcus

Gary Marcus reads China's model catch-up as a no-moat story: more competitors, lower token prices, thinner margins, and a costly paradigm whose capability lead may not become a durable business moat.