Skip to content

Four Signals

Agentic insights for modern tech teams

Vercel launches eve, an open-source framework that treats agents as directories
AI/ML / thenewstack.io

Vercel launches eve, an open-source framework that treats agents as directories

Vercel launched eve, an open-source framework under Apache 2.0 that models AI agents as filesystem directories—each agent is a folder containing a model config (with AI Gateway fallbacks), a Markdown system prompt, and TypeScript tool files where filenames become tool names without registration. Built on Vercel's Workflow SDK, eve provides durable execution with checkpointing, per-agent sandboxed code execution, human-in-the-loop approval for tools, and built-in channels for Slack, Discord, and Linear. Vercel reports 29% of its platform deployments now come from agents, up from under 3% a year ago, and runs over 100 internal agents on eve.

Why it matters

For a platform engineer evaluating agent orchestration, eve's directory-as-agent model and Vercel-tied infrastructure simplify deployment but lock you into Vercel's ecosystem, contrasting with portable alternatives like Mastra or LangGraph.
Node.js 24 Native TypeScript: Running .ts Files in Production Without a Build Step
Languages / dev.to

Node.js 24 Native TypeScript: Running .ts Files in Production Without a Build Step

Node.js 24 introduces native TypeScript support by stripping type annotations at load time, enabling direct execution of .ts files in production without a build step. The runtime parses TypeScript syntax, removes type-only nodes, and caches the resulting JavaScript, eliminating the need for tsc output directories or watch mode. However, it does not replace type checking (still requires tsc --noEmit) or handle advanced transformations like path aliases or decorators, limiting its value to simpler TypeScript projects.
Lore – Open source version control system designed for scalability
Open Source / lore.org

Lore – Open source version control system designed for scalability

This article likely announces Lore, an open-source version control system from Epic Games, designed for high scalability in handling both code and large binary assets, targeting large teams and complex projects.
AI Agent Identity and Permission Challenges: How Uber and Auth0 Are Rethinking Access Control
AI/ML / infoq.com

AI Agent Identity and Permission Challenges: How Uber and Auth0 Are Rethinking Access Control

Uber and Auth0 are rethinking access control for AI agents, moving beyond models built for humans or backend services. Uber's architecture uses an Agent Registry, Security Token Service, and MCP Gateway to issue short-lived, single-hop JWTs that propagate an actor chain—preserving originating user identity and agent provenance across multi-agent workflows. Auth0 argues for capability-scoped permissions and task-scoped credentials to limit blast radius while maintaining agent autonomy.
Proactively reduce tech debt autonomously with AWS Transform – continuous modernization (preview)
Cloud / aws.amazon.com

Proactively reduce tech debt autonomously with AWS Transform – continuous modernization (preview)

AWS Transform – continuous modernization (preview) autonomously scans thousands of repositories against configurable baselines, detects end-of-life dependencies and deprecated frameworks, and generates pull requests for remediation. It integrates with AWS Security Agent to surface source-code vulnerabilities into the same prioritized workflow, providing platform teams with continuous ground truth instead of self-reported status. The capability targets the 30% of IT budgets consumed by tech debt, addressing the acceleration of debt from AI-assisted coding agents.
AWS DevOps Agent adds release management capabilities to assess code changes before production (preview)
DevTools / aws.amazon.com

AWS DevOps Agent adds release management capabilities to assess code changes before production (preview)

AWS DevOps Agent now in preview adds release readiness review and autonomous release testing, evaluating code changes against natural language standards and running change-specific tests in isolated environments before production. The agent checks cross-repository dependency risks, access controls against AWS Well-Architected Framework, and executes lightweight user journey tests, surfacing findings in the console and as PR comments on GitHub or GitLab. Autonomous release testing generates tailored test plans for web and API apps, producing structured artifacts (metrics, logs, traces) to address the growing review bottleneck from AI-generated code.
AMD Ryzen processor
Security / tomshardware.com

AMD silently removes memory encryption from consumer Ryzen CPUs

AMD silently removed Transparent Secure Memory Encryption (TSME) from consumer Ryzen CPUs starting with AGESA 1.2.7.0 firmware, leaving users unaware of the missing protection against physical memory attacks. The change is undetectable on Windows and requires significant technical effort to identify on Linux, as discovered by a user running a Ryzen 7 9700X (Zen 5) who found TSME disabled despite BIOS settings. AMD engineers initially engaged on GitHub but then went silent, with the company only later stating TSME is reserved for PRO CPUs, contradicting years of availability on consumer chips.
Beyond SLSA: How to Stop Zero-Click CI/CD Worms with a 9-Step Plan
DevTools / dev.to

Beyond SLSA: How to Stop Zero-Click CI/CD Worms with a 9-Step Plan

Six autonomous CI/CD worm campaigns between late 2025 and mid-2026 have rendered traditional supply chain security like SLSA Level 3 and container scanning insufficient, as adversaries now target pre-build developer environments and agentic AI contexts. The IX Hexbreaker Aegis Framework proposes a 9-step active defense architecture to sanitize local IDEs, lock down AI coding agents, and stop self-replicating worms that steal credentials and pipeline caches before any container image is built. Key campaigns include Shai-Hulud 2.0's preinstall execution and Bun-based evasion, Mini Shai-Hulud's weaponization of AI settings for IDE persistence, and the TanStack cache poisoning incident (CVE-2026-45321) that commandeered GitHub Actions pipelines.
Supabase RLS Policy Design Patterns Beyond the Basics
Security / dev.to

Supabase RLS Policy Design Patterns Beyond the Basics

Supabase RLS patterns beyond basic auth.uid() include role-based access via a dedicated user_roles table with SECURITY DEFINER functions to prevent client-side spoofing, and team/organization membership using EXISTS subqueries on org_members tables. These patterns enable multi-tenant SaaS access control while keeping policies performant as data grows.
Two robotic arms sit on a lab table, with the robotic arm on the right holding a GPU above a motherboard. Teams of AI coding agents can train robots to do various manipulation tasks.
AI/ML / arstechnica.com

AI coding agents taught robots how to install GPUs and cut zip ties

Nvidia GEAR lab's ENPIRE agent harness enables AI coding agents (OpenAI Codex with GPT-5.5, Claude Code with Opus 4.7, Kimi Code with K2.6) to autonomously train physical robots on tasks like GPU insertion and zip-tie cutting, achieving 99% success rates on manipulation tasks. The open-source framework uses four modules for automatic reset, policy refinement, parallel evaluation, and failure analysis via log ingestion and research papers. Eight-agent teams completed the Push-T task in two hours versus five for single agents, though idle time occurred when agents were busy reading logs or debugging.