Coding agents shouldn't run on a laptop. That's why I've been building Cave. It's a self-hosted platform for running @opencode agents in isolated sandboxes on your own server. You give it a GitHub repo, it creates an isolated sandbox, clones the code, sets everything up, and gives you a coding agent. Check in from your phone, run multiple agents side by side. It's not open source yet (it will be), but I'm opening a private beta so you can install it on your own server already. I've been dogfooding it since day one. If you're running a software factory: multiple agents working in parallel across repos, Cave gives you one place to monitor and manage all of it. Now, I'm looking for people who want to give it a spin. DM me, happy to set you up 😊 🚀

smolvm has hit stable release: v1.0.0! You can now fork smolvm. It means you can fork to create virtual machines off of an existing one in less than 100ms, with all the processes cloned and running. smolvm is the first to have this feature cross platform compatibility (macOS and linux natively). Here's a demo of a counter continuing on a forked clone while I only started it on the original!

Remix 3 is definitely an agent-first framework. I had my coding agent build a web UI example on top of the upcoming Cave harness API, codename kungfu, overnight. Remix is completely new, so its constructs are foreign to current models. None of it could reasonably be in the training data. Yet the agent was still able to work with the framework, mainly because of the skill that ships with Remix. I think this is a good example of what agent-first means: building primitives and guidelines that are easy for a 🤖 to learn.

The largest source of friction in sandbox parallelization for AI agents is how LLM providers handle auth credentials. It's super easy if you want to pay per token, since you only have to mount the respective API key into the sandbox. It's a whole different story when you want to use your subscription, though. What worked pretty well for me is hosting an LLM gateway like LiteLLM, since it supports subscriptions directly. You authenticate the gateway with your subscription, and the gateway itself issues its own API key, which you can then mount into the sandbox and let your agent use it.

I’m not convinced that one agent having multiple (root) sessions is the right abstraction. While experimenting with my own harness in Cave, I’ve found that internal session management introduces a lot of accidental complexity. As fast-booting microVMs (like smolvm) become more practical, orchestration feels less like an agent concern and more like an infrastructure concern. The good thing is: It’s a problem the industry has spent years working through, and Infrastructure as Code (IaC) already gives us well-established ways to handle it. To me, the simpler mental model is one root session per isolated microVM, with horizontal scaling handled through IaC whenever more parallelism is needed.

New titles for software engineers: - KTh - MTh - BTh Apparently your level in agentic engineering is now measured by how many tokens you burn. Please let's not do this. 😬

I've been all-in on open-source for the past year, working as a core contributor to @livestoredev I love the work, but my runway has run out. So here I am😄 I'm currently available for contract work. Know anyone who's hiring? A quick intro or tag would mean a lot 🙏

Over the last couple of days, I've been evaluating more and more open-weight models. Today, I've been rocking GLM 5.1 all morning through OpenCode Go, running the same workflow I put Opus 4.6 and other SOTA models through. It's genuinely capable. This is the first open-weight model where, in my tests, the results are on par with Opus 4.6.

We are building the @EntireHQ CLI as open source. So is @opencode. Now the two work together. Step by step, with your help and contributions, we are creating a universal reasoning layer for all agents. 🎉

In a world where we give agents more autonomy, extend them with skills, and inject a LOT of personal information into their contexts it might be a good idea to have a benchmark for skill injections as well: skill-inject.com/ "Our results show that today's agents are highly vulnerable with up to 80% attack success rate with frontier models, often executing extremely harmful instructions including data exfiltration, destructive action, and ransomware-like behavior. They furthermore suggest that this problem will not be solved through model scaling or simple input filtering, but that robust agent security will require context-aware authorization frameworks." The corresponding paper can be found here: arxiv.org/abs/2602.20156