May 1, 2026 - 5 minute read

Agents Cannot Leak Keys They Never See

AI agents do not need your API keys. They need the ability to perform authorized actions. Those are not the same thing. If the model can read a secret, prompt injection can steal it, logs can preserve it, and a rogue agent can spray it anywhere on the internet. The winning architecture is simple: give the agent access to services without giving the agent access to secrets.

Apr 28, 2026 - 4 minute read

OpenClaw vs NanoClaw vs Hermes Agent: Which One Should You Run?

If you’re comparing personal AI agents in 2026, these are the three most interesting open-source options right now: OpenClaw, NanoClaw, and Nous Research’s Hermes Agent. They overlap just enough to create confusion. All three can act across chat interfaces, tools, and real systems. But they are not optimized for the same thing, which means the “best” one depends entirely on what you want the agent to optimize for.

Apr 21, 2026 - 4 minute read

Specification is the Bottleneck Now

Coding agents write the code. Engineering agents run the pipeline. The implementation bit — the part we used to pay senior engineers six figures to do — is mostly solved. And yet the software still doesn’t build itself. Because knowing what to build, with what, how it should work, and how it should be used is its own discipline. Agents didn’t kill specification. They exposed it as the real bottleneck.

Mar 25, 2026 - 5 minute read

Your AI Agent Needs a Menu, Not a Mystery

Every AI agent in 2026 ships with the same onboarding: a blank text box. No indication of what it can do. No signal when it learns something new. Users type “hi,” get a generic response, and never come back. We solved this for BrightHire’s Slack Hiring Agent with a capabilities registry — a single module that tells the user what the agent can do, tells the LLM what it can do, and forces the developer to describe every new feature. One source of truth, three audiences, zero drift.