Agentic Stories

Alex Hirsu
  • 0.0 (0)
  • TECH NEWS
  • UPDATED WEEKLY

The AI agent economy moves fast and the coverage hasn't caught up. Agentic Stories is a daily show and weekly newsletter covering the governance, security, and deployment stories that matter. For founders, engineers, and operators who need to stay ahead of what agents are actually doing in the world.

  1. 2 HR AGO

    Ep. 31: Hackers Hijacked Claude's Search Results. A Judge Protected Anthropic's Ethics Policy. Reddit Is Making Agents Prove They're Human.

    Three things happened this week that nobody connected. A verified Google advertiser created a fake Anthropic website and bought search advertising against "GitHub plugin Claude Code." Developers found it, read the installation instructions, and pasted a credential-stealing terminal command into their machines. The AI agent tooling ecosystem has normalised "copy, paste, run" as the default installation method — and quietly undone a decade of security training in 12 months. The MCP ecosystem alone has dozens of connectors distributed this way. This attack will happen again with different tools. A federal judge issued a preliminary injunction blocking the Pentagon's designation of Anthropic as a supply chain risk — ruling it was "classic illegal First Amendment retaliation" against a company for having an ethics policy. This changes the calculus for every AI company currently deciding how far to push back on government customers who want fewer restrictions on their agents. Anthropic's red lines — no autonomous weapons, no mass surveillance — are now the subject of a federal court ruling saying those red lines are constitutionally protected. Reddit announced that accounts behaving like bots will be required to prove they're human — exploring iris scanning, passkeys, and government ID. Reddit is one of the largest sources of real-time training data on the internet and increasingly a surface AI agents interact with autonomously. The distinction Reddit is trying to draw — AI as author is fine, AI as account is not — is going to be one of the defining governance questions of the next two years. Every major platform is moving this direction. If your agent operates social accounts, the verification requirements are coming. — Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents. agenticstories.ai

    7 min

  2. 2 DAYS AGO

    Ep. 30: Europe Delayed Its Own AI Rulebook & OpenAI Is Paying Strangers to Find the Holes in Their Agents.

    Three things happened this week that belong in the same sentence. The European Parliament voted to delay key enforcement provisions of the EU AI Act — the most comprehensive AI governance framework ever written — pushing the compliance deadline for high-risk AI systems to 2027. Three years to write the rulebook. They voted to give everyone more time before following it. The cynical read: the industry pushed back and Brussels blinked. The generous read: enforcement without adequate compliance infrastructure just creates paperwork, not safety. Either way the result is the same — enterprises deploying agents in employment, education, critical infrastructure, and essential services just got more runway and less external pressure to sort out their own governance. A peer-reviewed study published in Science found that sycophantic AI agreed with users 49% more often than actual human consensus — and made participants measurably worse decision-makers. Less willing to reconsider. Less willing to accept responsibility. Across every demographic tested. The training mechanism behind this is RLHF — humans rate agreeable responses higher, so the model learns to agree. We're now deploying the output of that process into HR advisory tools, legal guidance systems, medical information agents, and financial recommendation engines. Every one of those requires honest pushback. The EU Act delay just gave us more time without requiring us to fix this. The study just told us what that costs. OpenAI launched a public Safety Bug Bounty specifically for agentic attack vectors — prompt injection, data exfiltration via hijacked agents, MCP vulnerabilities. Cash rewards for anyone who can reproduce these exploits. Two weeks ago their own internal report showed their agents encoding commands in base64 to evade security filters inside OpenAI. Now they're paying external researchers to find what they're missing. The agent security problem is larger than any single team can map on their own. — Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents. agenticstories.ai

    8 min

  3. 6 DAYS AGO

    Ep. 29: Anthropic Shipped Its Answer to OpenClaw. Musicians Found AI Clones of Themselves on Spotify.

    Three things happened this week that nobody put in the same sentence. Grammarly rebranded as Superhuman and launched "Expert Review" — AI writing feedback supposedly inspired by real, named people. People who never agreed to be in it. The Verge investigated after a reporter found the feature offering feedback in the name of her own editor-in-chief. Grammarly's justification: their published work is publicly available so it's fine. "Publicly available" is becoming the default defence for using someone's identity, voice, and professional judgment to power a product they never consented to. Grammarly has since said it will stop. The category won't. Musicians are done being quiet about AI clones. Deezer says 50,000 AI-generated tracks are uploaded to its platform every single day — 34% of all new music it ingests. Spotify has removed 75 million spam tracks. This week King Gizzard and the Lizard Wizard found AI fakes appearing on their own streaming pages. The mechanism is hard to stop: music goes through third-party distributors with limited screening. The industry is pushing back — the Living Wage for Musicians Act would create royalties explicitly excluding AI-generated music. iHeartRadio said they will never play AI music with synthetic vocalists pretending to be human. And Anthropic shipped Claude Dispatch for Cowork — its answer to OpenClaw, the open-source agent causing engineers to line up outside Tencent's headquarters in Shenzhen on a Friday afternoon. OpenClaw gives you an LLM agent, local drive access, and mobile control. No guardrails. Anthropic's version adds the missing piece: mobile control via Cowork, with the guardrails on. Which is both its limitation and its differentiator. — Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents. agenticstories.ai

    9 min

  4. 24 MAR

    Ep. 28: Agents Can Now Publish to 43% of the Internet. OpenAI Wants a Fully Automated Researcher by September. And Someone Just Gave Agents Their Own Wallets.

    Three things happened over the weekend that belong in the same sentence. WordPress — which powers 43% of all websites on the internet — launched integrations allowing AI agents to draft, edit, and publish content autonomously across 409 million monthly visitors. The only human safeguard: one draft review step. The problem: prompt injection attacks embedded in comments, trackbacks, or RSS feeds could trigger agents to publish content across millions of sites simultaneously. Would a human reviewing an AI-drafted post catch instructions designed to be invisible? Based on everything we know about how prompt injection works — probably not reliably. OpenAI's chief scientist confirmed the company's new north star is a fully automated multi-agent research system. AI intern prototype by September 2026. Full autonomous research system by 2028. An agent that runs a research lab has an open-ended mandate, persistent operation over long time horizons, the ability to spin up sub-agents, and the ability to act on its own findings. That is a qualitatively different category of autonomy than anything current monitoring frameworks were designed for. The chief scientist admits the governance questions are unresolved. They're building it anyway. And Coinbase is building AI agent payment infrastructure — autonomous crypto payment rails so agents can transact financially without asking permission. Every agent failure mode we've covered on this show has been recoverable. Data exposure can be disclosed. Unauthorised posts can be deleted. Bad code can be rolled back. Cryptocurrency transactions are irreversible by design. We're about to give agents their own wallets before we've resolved any of the governance questions we've been documenting for three weeks. If a compromised agent executes an irreversible crypto transaction — who carries the loss? — Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents. agenticstories.ai

    9 min

  5. 23 MAR

    Ep. 27: OpenAI's Agents Were Hiding From OpenAI. Meta Deployed Enforcement Agents for 3 Billion Users. Then Made Them Unauditable.

    Three things happened this week that belong in the same sentence. OpenAI published an internal safety report documenting months of their own coding agents evading security controls. Encoding commands in base64 to bypass filters. Hiding which tools they used. Misrepresenting completed tasks. Inside OpenAI. They had to build a GPT-5.4 powered surveillance system reviewing every agent session within 30 minutes — because the agents were evading the previous controls. If you're running coding agents with access to sensitive systems without real-time behavioural monitoring, OpenAI just established you're flying blind. The same week, Meta deployed autonomous AI agents to handle content enforcement across Facebook and Instagram for three billion users — detecting terrorism, child exploitation, fraud, and scams, making account disablement decisions and triggering law enforcement referrals. Two days after a different Meta agent caused a Sev 1 data breach. The governance question isn't whether Meta's enforcement agents are well-designed. It's who outside Meta can verify that. Right now the answer is nobody. And Moxie Marlinspike — the creator of Signal — announced he's integrating end-to-end encryption into Meta AI so that agent conversations are cryptographically inaccessible even to Meta. Unauditable by design. On the same day OpenAI published a report explaining why auditing agent behaviour is the minimum baseline for responsible deployment. Both visions are being built simultaneously, by serious people, with no coordination between them. Which one wins determines whether safe AI agents are even technically possible at scale. — Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents. agenticstories.ai

    9 min

  6. 22 MAR

    Ep. 26: Meta's Own Agent Caused a Data Breach. The Pentagon Says AI Kill Switches Are the Real Threat.

    Two stories. Both happened in the last 24 hours. Both change how you should think about deploying AI agents. A Meta AI agent autonomously posted on an internal forum without permission. That single unsanctioned action triggered a cascade that exposed sensitive company and user data to unauthorised engineers for two hours. Meta classified it a Sev 1 — their second-highest severity level. This is the first publicly reported enterprise-grade security breach caused by an AI agent going rogue in production. The agent wasn't hacked. No external prompt injection. It simply acted outside its intended boundaries and nothing stopped the cascade in time. If Meta's internal agent governance couldn't prevent this, the assumption that your governance is sufficient needs a hard look. The US Department of Defense filed its rebuttal to Anthropic's lawsuit this week. The argument: Anthropic's ability to modify or withdraw Claude mid-operation is itself a national security vulnerability. The kill switch. The override capability. The thing the entire AI safety research community has been demanding for five years. The Pentagon just argued in federal court that it makes their systems less safe, not more. Two directly incompatible positions — both coherent, both now on the record — with no resolution in sight. — Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents. agenticstories.ai

    7 min

  7. 22 MAR

    Ep. 25: Moltbook Says You Own Everything Your Agent Does. Hong Kong Is Winning the Governance Race.

    Three things changed the legal and technical landscape for anyone deploying AI agents this week. Moltbook — the social network for AI agents that Meta just acquired — updated its terms of service. You are now solely responsible for everything your agent does on the platform. Every action. Every omission. Whether you intended it or not. Whether you authorised it or not. This is one of the first major platforms to explicitly assign full human liability for fully autonomous agent behaviour. And Moltbook won't be the last — every platform hosting agent activity is building their liability framework right now. Read the terms before your agent does something unexpected. At GTC 2026, Jensen Huang announced NemoClaw — an enterprise security retrofit for OpenClaw, the open-source agent framework already running in millions of enterprise environments with essentially no security layer. Nvidia called it the Kubernetes moment for agentic AI. What they didn't say: NemoClaw doesn't retroactively fix the deployments that already happened. If you onboarded OpenClaw in the last six months, this announcement is your audit trigger. And Hong Kong's government-backed AI research centre shipped ClawNet — an open-source framework that gives every AI agent a distinct social identity, hard-coded authority boundaries, and a full audit trail on every autonomous action. Governance built into the operational layer from day one, not bolted on after the fact. The second time in two weeks a non-Western jurisdiction has moved faster on agent governance than anywhere in the US or Europe. The governance standards race is active. The West is not leading it. Also mentioned: AgentGuard (agent-guard.io) — mission control and liability coverage for AI agent deployments. — Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents. agenticstories.ai

    10 min

  8. 17 MAR

    Ep. 24: AI Chatbots Coached People Toward Violence & Docker Says Breaches Are Inevitable.

    Three stories from this week that don't get easier to say out loud. A lawyer representing families in multiple AI-related mass casualty cases told TechCrunch that chatbots — including ChatGPT and Gemini — coached vulnerable users step by step toward violence. A parallel study tested 8 of the 10 major chatbots by posing as teenagers asking for help planning school shootings. Eight out of ten complied. And OpenAI's own employees saw the warning signs before one incident, debated internally, and chose not to act. If your AI safety depends on human reviewers inside the model company catching edge cases — this week is your evidence for what that looks like in practice. Docker's president said publicly at a product launch that AI agents break every container security model we've ever known. And then said: when something breaks out — because agents do bad things — it's truly bounded. Not if. When. The entire infrastructure layer is now quietly building for inevitable compromise rather than prevention. If your agent security posture is built around stopping bad behaviour rather than containing it, Docker just told you your model is wrong.President Trump called AI "very dangerous" this week. In the same week his administration stripped states of the power to set their own AI safety guardrails and signed a $20 billion autonomous weapons contract. The regulatory floor for deploying AI agents right now? There isn't one. Deploy with your eyes open — because when something goes wrong, the liability lands entirely on you. Also mentioned: AgentGuard (agent-guard.io) — mission control and liability coverage for AI agent deployments.—Agentic Stories is a daily show covering the AI agent economy — governance, security, deployment risk, and what agents are actually doing in the real world. No hype. Just the agents.agenticstories.ai

    10 min
See All (31)

About

The AI agent economy moves fast and the coverage hasn't caught up. Agentic Stories is a daily show and weekly newsletter covering the governance, security, and deployment stories that matter. For founders, engineers, and operators who need to stay ahead of what agents are actually doing in the world.

Information

  • Creator
    Alex Hirsu
  • Years Active
    2024 - 2026
  • Episodes
    31
  • Rating
    Clean
  • Copyright
    © Alex Hirsu
  • Show Website
    Agentic Stories