This week's theme is basically: AI agents are eating the world, and the world is starting to eat back.
Daniel Miessler drops his April AI synthesis — the quarterly anchor you need when the field is moving faster than your git pull. Joel Andrews offers the honest counterpoint with some uncomfortable truths about AI coding agents in real production environments. And Drew Breunig maps the shift from agentic experiments to spec-driven idiosyncratic tooling — the clearest mental model for where we go from here.
Meanwhile, Haseeb Qureshi dug through the full 1,900-file TypeScript leak of the Claude Code source to reverse-engineer how it actually works — the most revealing accidental transparency from any AI lab this year. The security side of the week is busy: axios versions on npm were quietly installing remote access trojans (audit your dependencies, now), and the ecosystem responded with two serious containment tools — Stanford's jai brings kernel-level jailing for AI agents, while nono adds cryptographic immutable audit chains and atomic rollback. If you're running agents in production, both are worth a look.
Also in this issue: 113 hard-won engineering lessons from Jack Kinsella on scaling a monolith to a million lines of code, pgmicro reimplements PostgreSQL semantics on top of SQLite storage in-process (technically audacious), and git-lrc gives you free AI code reviews on every commit with zero friction.
Enjoy!
Signup here for the newsletter to get the weekly digest right into your inbox.
Find the 10 highlighted links of weeklyfoo #131:
by Haseeb Qureshi
Anthropic's Claude Code CLI source code leaked onto GitHub recently. All of it. About 1,900 files and a lot of TypeScript.
🚀 Read it!, claude
The Most Important Ideas in AI Right Now (April 2026)
by Daniel Miessler
Self-improvement and transparency change everything in unexpected ways
📰 Good to know, ai, engineering
Some uncomfortable truths about AI coding agents
by Joel Andrews
I’ve been following the development of generative AI closely for several years now.
📰 Good to know, ai
by Jack Kinsella
113 Pragmatic Lessons from Tech Lead to CTO
📰 Good to know, engineering
by Ashish Kurmi
Malicious Versions Drop Remote Access Trojan
📰 Good to know, security, axios
The 2nd Phase of Agentic Development
by Drew Breunig
Yesterday we talked about how cheap code is fueling an era of idiosyncratic tooling, and previously we’ve talked about the rise of spec driven development.
📰 Good to know, ai, engineering
by Glauber Costa
An in-process reimplementation of PostgreSQL, backed by a SQLite-compatible storage engine
🧰 Tools, postgres, sqlite
by stanford-scs
Jail your AI agent
🧰 Tools, ai
by nono.sh
Kernel-enforced agent sandbox. Capability-based isolation with secure key management, atomic rollback, cryptographic immutable audit chain of provenance. Run your agents in a zero-trust environment.
🧰 Tools, ai, sandbox
by hexmos.com
Free, Unlimited AI Code Reviews That Run on Commit
🧰 Tools, ai, git, reviews
Want to read more? Check out the full article here.
To sign up for the weekly newsletter, visit weeklyfoo.com.
Top comments (0)