Hi all,

Here's the bonus email for this edition - since it's happened a second time, I expect the volume of content around agents to stay elevated for a while. That might lead to a change in pace for the newsletter and how content is sourced - I'm currently considering smaller weekly or semiweekly editions.

Hope you enjoy all the bonus material this weekend!

Cheers,
Ivan

Invite a friend to join AGT NYC at agtnyc.com!

Launches

• Perplexity Personal Computer
• NVIDIA Ignites the Next Industrial Revolution in Knowledge Work With Open Agent Development Platform
• Cloudflare Dynamic Worker Loader
• Alibaba Launches Wukong: An AI-Native Agentic Platform for Enterprises
• Jido 2.0: agent runtime on the BEAM VM
• Public launches AI agents for investment portfolios
• BrowserEnv: train agents on websites with RL pipelines
• Qwen3.6-Plus: Towards Real World Agents
• NVIDIA Launches Vera CPU, Purpose-Built for Agentic AI

It seems we're firmly in the second wave of agent products: big labs are launching agent platforms, chip manufacturers are centering products around agents, and new models are explicitly built for agents. The buzzword-driven flailing around by incumbents that was everywhere last year has diminished substantially.

Deals

• Oasis Security ($120M) - agentic access management
• Sycamore ($65M) - enterprise agent platform
• Sett ($30M) - ad campaign agents
• Variance ($21M) - investigative compliance agents
• Krane ($9M) - construction management agents
• Nyne ($5M) - agent human context
• Nexus ($4M) - enterprise agent deployment
• Galtea ($3M) - testing enterprise agents
• Forethought acquired by Zendesk

While enterprise agent platform companies keep getting funded, there are more and more agent startups for specific verticals and agent infrastructure startups solving production problems. Specialization is trending.

Articles

• We Need to Talk About Agents by EUCLID Ventures
• Open models have crossed a threshold by LangChain
• AI agents are running wild, causing chaos – so why isn’t anyone stopping them? in The Independent
• America’s HR Leaders Say We’re Thinking About AI Agents All Wrong in WSJ
• Securing the next generation of AI agents by JPMorgan Chase
• AI Agents Act a Lot Like Malware. Here’s How to Contain the Risks in HBR
• Rethinking enterprise architecture for the agentic era by McKinsey
• AI agents are quietly rewriting prediction market trading by CoinDesk
• Building a Digital Doorman by George Larson
• Unix Isn't for Agents by Patrick White
• To Scale AI Agents Successfully, Think of Them Like Team Members in HBR
• Welcome to the weird world of AI agent teams in Science News
• What’s coming next for LLMs and AI agents? in Computerworld
• My AI Agent ‘Cofounder’ Conquered LinkedIn. Then It Got Banned in WIRED

One thread running through recent articles about agents is the idea that they're not exactly replacements for people, that they are something qualitatively distinct. They require a bottom-up reconsideration of how businesses are built, both inside and outside.

Projects

• Open Agent Spec - agent configuration language
• OpenSpace - making agents smarter
• TigerFS - filesystem on PostgreSQL
• OpenShell - safe agent runtime
• AutoAgent - autonomous harness engineering

Lots of "Open" projects appearing lately as people scramble to own the real estate in the standards of the next generation of agents. I suspect we're still very far from a stable ecosystem where standards can be established.

Learning

• A Taxonomy of RL Environments for LLM Agents
• Agent Memory: Building Memory-Aware Agents
• Inside AWS Security Agent: A multi-agent architecture for automated penetration testing
• Pentesting a pentest agent - Here's what I've found in AWS Security Agent
• VulnVibes: Building an AI Agent That Reasons Across Microservices to Find Real Vulnerabilities
• Build reliable AI agents with Amazon Bedrock AgentCore Evaluations

Using agents for security (especially offensive security) has been a massive trend lately. I wonder if there is an opportunity here to actually prove a system is secure, by continuously and dynamically trying to attack it.

Research

• AutoHarness: improving LLM agents by automatically synthesizing a code harness
• From Static Templates to Dynamic Runtime Graphs: A Survey of Workflow Optimization for LLM Agents
• Meta-Harness: End-to-End Optimization of Model Harnesses
• AI Agents Can Already Autonomously Perform Experimental High Energy Physics
• Towards Verifiably Safe Tool Use for LLM Agents
• AgenticTagger: Structured Item Representation for Recommendation with LLM Agents
• AgentLAB: Benchmarking LLM Agents against Long-Horizon Attacks
• Memory for Autonomous LLM Agents: Mechanisms, Evaluation, and Emerging Frontiers
• AI Planning Framework for LLM-Based Web Agents
• SAGE: Multi-Agent Self-Evolution for LLM Reasoning
• Brain-Inspired Graph Multi-Agent Systems for LLM Reasoning
• How Vulnerable Are AI Agents to Indirect Prompt Injections?
• Retrieval-Augmented LLM Agents: Learning to Learn from Experience
• A Subgoal-driven Framework for Improving Long-Horizon LLM Agents
• On the Reliability Limits of LLM-Based Multi-Agent Planning
• AgentSwift: Efficient LLM Agent Design via Value-Guided Hierarchical Search

Dynamic agent design, whether through optimization or evolution or search, seems like an approach with huge potential if it can be done right. Earlier papers discussed the abstract idea of agents building agents, but now there are practical implementations that can be developed further and produce real world results.

Comments, suggestions? Reply to this email, let me know what you think!