Developers need to tinker or they’ll reject your platform. That is a lesson that people who build tools and platforms for developers learn. The more ambitious your platform is in scale, the more tinker resistance you encounter - you want it to be the platform that 10,000’s of developers at a bank use, for example. What if you could give the tinkers what they wanted and also put a standardized, enterprise-wide platform in place?

I’ve tried to use a different $CLAUDE_CONFIG_DIR for several weeks now. This way, I can have partitioned off harnesses for real life stuff, versus code, versus experiments. It doesn’t work, however. Sometimes Claude obeys it, sometimes it doesn’t. This means the wrong permissions, memories, rules, and ways of operating get loaded and mixed in. You can try to use guard hooks and all sorts of things, but eventually, Claude just goofs, and it knows it, of course.

AI companies are building platforms for running agentic applications. Right now, those applications are primarily for software development, with a little bit of knowledge worker stuff. In each case, you get a “harness," an application that wraps all sorts of functionality around a model. This harness app is way beyond the chat-based apps we grew up with over the past few years. They use the model to figure out multi-step processes and get access to data and other apps - accessing files, working with your email, PowerPoint, etc.

When I see a platform engineering conference talk about building an internal developer platform on Kubernetes, I think about cf push. Cloud Foundry has been doing this - the actual thing, the single command that takes you from source code to running app - for more than a decade. People keep rebuilding it on top of Kubernetes with Backstage plus a pile of CRDs and a bespoke yaml, and that’s.

If you’ve spent any real time with Claude Code or Cursor, you know the feeling. The thing you told the agent five minutes ago is now optional as far as it’s concerned. The fix isn’t a smarter model. It’s architecture. This week David Zendzian and I dig into memory for AI agents - what it actually means, why one giant context window isn’t it, and what a real structure for long-running agent work looks like.

Also: sovereignty’s control plane, 81,000 people tell Anthropic what they want, Google sells its fiber, and oats for the sparrows, and cake Related to your interests My pal Adib Saikali wrote up an MCP security guide covering how to think about securing MCP servers in the enterprise (no lead-generation required, just a straight-up PDF download). It gets into access tiers (open, group, and user-level servers), authentication with OAuth 2.1, identity propagation models (when to use service accounts vs.

More “how do we secure this AI stuff” talk with David Zendzian on today’s live stream. He’s recently gone Claude Crazy so I wanted to get his CISO-supremo talk on thinking through the risk management for AI in enterprises. Each time I tried to come up with a problem, he was good finding the fix. Plus, we talk about some of the things we’ve learned about using our little robot buddies.

My pal Adib Saikali wrote up an MCP security guide covering how to think about securing MCP servers in the enterprise (no lead-generation required, just a straight-up PDF download). It gets into access tiers (open, group, and user-level servers), authentication with OAuth 2.1, identity propagation models (when to use service accounts vs. forwarding user identity), and how an MCP gateway gives you a governed chokepoint for auth, observability, and capability filtering.

Also: sovereign AI, Claude Code auto mode, FCC bans foreign routers, Walmart digital price tags KubeCon EU 2026 KubeCon is crazy big. James says something like 13,500+ people. They’re going for another infrastructure grab: all the stuff used to run AI. It’s worth asking who they’re competing with there. I have no idea how OpenAI and Claude run the AI PaaSes they’v built - the ones that everyone is bonkers for.