Links:
Things useful or interesting. Annotated occasionally, plain links otherwise. Updated periodically.
Agent Harnesses & Governance
- Agent Safehouse — macOS sandbox-exec wrapper for coding agents. Deny-first filesystem policy, but --append-profile is strictly additive — local config can only widen permissions, never tighten them.
- Trail of Bits Claude Code Config — The only third-party security hardening guide for a coding agent.
- OpenAI Codex Docs (advanced config)
- OpenCode Docs (configuration)
- Pi / shittycodingagent.ai (design rationale, repo) — Mario Zechner's minimal coding agent. Four tools, ~1000 token system prompt, JSON RPC mode, plugin system. The design philosophy — if you don't need it, don't build it — is as instructive as the code.
- Ollama Pi integration
- Canarytokens — Free tripwire tokens (fake AWS API keys, DNS canaries, URL tokens) for detecting credential exfiltration. The detection layer for when containment fails.
- Trend Micro: What OpenClaw Reveals About Agentic Assistants
- SecurityScorecard: Real Security Risks of Agentic AI and OpenClaw
- qmx, "The Closing Gates of Open Source" — The fork tension from the maintainer side. Uses Beads as a case study for vibe-coded projects that ship value but carry deep technical debt.
Self-Improving Agents & Harness Architecture
- Karpathy, Autoresearch — Constrained agent loop: one file editable, one metric, fixed time budget, keep/revert via git. The harness design is the real work — the scaffolding matters more than the agent's raw capability.
- Yegge, "Zero Framework Cognition" — Application code as a thin deterministic shell around AI reasoning. All judgment to the model, all plumbing to the harness.
- Yegge, "Vibe Maintainer" — PR governance as agent governance at scale. The decision tree for what to merge, fix-merge, cherry-pick, reimplement, or reject — and why "request changes" is the last resort, not the first.
- DGM-H / Hyperagents (Meta) — Self-referential agents where task agent and meta agent share a single editable program. The critical constraint: the agent cannot alter the outer evaluation process.
- Darwin Gödel Machine — The predecessor. Open-ended self-improvement in coding via evolutionary archive of agent variants.
- silly.business, "We Should Revisit Literate Programming in the Agent Era" — Agents eliminate the extra labor that killed literate programming. Prose-first organization as a constraint on agent output quality.
Cognitive Frameworks & Benchmarking
- DeepMind, "Measuring Progress Toward AGI: A Cognitive Framework" (PDF) — Ten-faculty cognitive taxonomy with a three-stage evaluation protocol. Perception, reasoning, metacognition, executive functions, and six others.
- DeepMind, "Levels of AGI" (2023) — The predecessor framework. Performance and generality levels analogous to autonomous driving levels.
Filesystems, Environment & Agent Infrastructure
- Phiri, "Filesystems Are Having a Moment" — Filesystem as agent interface layer. The CLAUDE.md / AGENTS.md / .cursorrules fragmentation problem. Files as the original open protocol.
Lisp & Mezzano
- Mezzano — A tour de force of programming. An entire operating system written in Common Lisp by froggey. Image-based, everything from scheduler to GUI compositor is live-redefinable CL. Runs a SWANK server at boot.
- SLIME — Superior Lisp Interaction Mode for Emacs. The standard development interface for Common Lisp. Has a Mezzano-specific backend contributed upstream.
- swank-client (npm) — JavaScript SWANK client library. Handles the wire protocol — hex-length framing, emacs-rex message construction, response parsing. The bridge piece for connecting non-Emacs tooling to any SWANK server.
- agent-shell — Emacs package for running AI agents inside Emacs. The interactive path for watching an agent work through SLIME's existing SWANK connection.
- Common Lisp Cookbook — Maintained by vindarel. The most-referenced beginner resource for CL.
- Practical Common Lisp — Peter Seibel. The standard introduction.
Tools & Stack
- chezmoi — Dotfile manager. Copy-based (not symlinks), with templating, 1Password integration, and machine-specific conditionals. Drift detection by default.
- Ghostty — Terminal emulator. Native splits and tabs, macOS-native clipboard and mouse integration. No need for tmux locally.
- mise — Runtime version manager. Replaces asdf, nvm, pyenv, rbenv with a single tool. Respects XDG paths.
- fish — Primary shell. Sane defaults, no POSIX baggage, XDG-native.
- AeroSpace — Tiling window manager for macOS. i3-like keybindings.
- Omachy (site) — Go-based macOS config tool packaging AeroSpace, Ghostty, SketchyBar, JankyBorders, and Neovim into a single installable. Useful reference for SketchyBar and JankyBorders config.
- 1Password CLI — SSH agent, commit signing, secrets in shell config via op:// references. The trust anchor for the credential chain.