ellul

Agentic · 2026-05-01

Agentic coding: a working definition for 2026

Half the industry has adopted the term and almost nobody agrees on what it means. A definition that lasts, the spectrum from chat assistance to autonomous agent, the four runtime properties that separate real agentic coding from the marketing version, and where the current tools sit on the line.

Agentic · 2026-05-01

Designing agentic workflows that work for days

A workflow is not a prompt. It's a loop with a trigger, a context, an action, and a verification step. The anatomy of a workflow that works, three concrete worked examples, an opinionated take on orchestration, and the failure modes that show up the moment workflows leave a happy path.

Security · 2026-05-01

AI agent security in 2026: the real threats

Threat-modeling AI coding agents is not the same as web-app security. The agent has a shell, holds your credentials, and reasons about prompts that may be hostile. A working threat model covering prompt injection, ambient credentials, tool misuse, and exfiltration, plus a runtime checklist that maps the threats to mitigations engineers can actually implement.

Agentic · 2026-05-01

AI pair programmer: how the term aged from 2022 to 2026

'AI pair programmer' was always a strained metaphor, since pair programming is a humans-only practice. The term carried real meaning in the Copilot era, less in the Cursor era, and almost none now that agents run for hours alone. A short essay on what 'pair' should mean today.

Comparisons · 2026-05-01

Cursor alternatives in 2026: when to pick what

The 'Cursor alternative' search has become three different questions hiding under one phrase: editor alternatives, agent alternatives, and runtime alternatives. A category-first map of the space, an honest decision tree, and the cases where Cursor is still the right answer.

Comparison · 2026-05-01

Cursor vs Windsurf in 2026: editor wars year two

Cursor and Windsurf are both VS Code forks with an agent baked in. After a year of feature parity, the meaningful differences in 2026 come down to indexing, MCP defaults, pricing, release cadence, and one question neither product answers.

Hardware · 2026-05-01

AI agents on a Mac mini vs cloud: the numbers

An M4 Mac mini at $599 looks like a free agent runtime. Add power, downtime, no remote access, no passkey gate, and two years of opportunity cost, and the math gets less clean. A worked TCO comparison and a take on when each one wins.

Comparison · 2026-05-01

Managed AI agents vs your-own-agent on a workstation

Two product shapes have emerged. Vendor-managed agents (Devin, Manus) where the platform owns the agent and the runtime, and bring-your-own-agent runtimes where the platform owns the runtime and you bring your CLI. A breakdown of cost, lock-in, and when each is right.

Agentic · 2026-05-01

Building multi-agent systems: what works in 2026

Three architectural patterns for multi-agent systems (pipeline, supervisor, peer) and where each one falls apart in production. A practical builder's view of orchestration, handoff, and the runtime properties you need under any of them.

Architecture · 2026-05-01

Persistent vs ephemeral sandboxes for AI agents

Two architectures dominate the agent-runtime space: ephemeral sandboxes that spin up per session and die at the end, and persistent workstations that exist for the agent's lifetime. They solve different problems, fail in different ways, and are increasingly converging on a hybrid pattern. The honest decision tree.

Deploy · 2026-05-01

Preview deployments for AI agents: live per-branch URLs

When an agent is the one shipping, humans review at the URL, not the diff. Three approaches to preview deployments (Vercel-style ephemeral, Cloudflare Workers, persistent-runtime) and where each one fits.

Engineering · 2026-05-01

Running Claude Code overnight: a practical guide

How to set up Claude Code so a long task (a 6-hour refactor, a dependency upgrade pass, a test-suite migration) runs unattended through the night with passkey-gated git push at the end. The walkthrough, the cost model, and the failure modes that actually show up at 3am.

Sovereignty · 2026-05-01

Sovereign AI: what it actually means for engineers in 2026

The phrase has been hijacked by trade-policy threads about which country trains the next foundation model. For engineers, sovereign AI is the runtime question: who owns the credentials, the context, and the compute the agent runs inside. A working definition, the failure modes that show up when sovereignty is missing, and what the runtime answer looks like.

Architecture · 2026-05-01

Peering: cross-sandbox access without cross-trust

Multi-agent setups want one agent to read another's source code without inheriting that agent's credentials. Most platforms get this wrong by mounting the whole project, .env files included. The peering primitive lets parallel agents collaborate without becoming each other's attack surface.

Agentic · 2026-05-01

Vibe coding tools: a 2026 field guide

Vibe coding has split into two distinct flavors with very different tools: laptop-IDE-with-AI on one side, persistent-agent-on-runtime on the other. The field guide covers what each flavor is good for, the hidden costs nobody talks about, and the moment to graduate from vibe coding to engineering work.

Security · 2026-05-01

Zero-knowledge BYOK: keys the platform can't see

Most BYOK products store your API key encrypted at rest, decrypt it on use, and trust their own infrastructure. Zero-knowledge BYOK removes the trust step entirely. The platform stores ciphertext only, the key is encrypted client-side with a passkey-derived secret, and the server never has plaintext access to the key. The pattern, the cryptographic primitives, the limits.

Engineering · 2026-04-30

Claude Code vs Cursor in 2026: it's the wrong question

Most Claude Code vs Cursor comparisons miss the real problem: both run on your laptop. A senior engineer's take on the agent quality, the editor experience, and why the right answer is to put either of them on a workstation that doesn't sleep.