Agents

• Building Your AGENTS.md: The File That Makes AI Actually Work March 6, 2026

  The AGENTS.md file is becoming the single most important piece of configuration in any AI-assisted project. How to write one, what to put in it, and why it matters. Updated with two incidents in two days: Clinejection and Claude Code wiping a production DB via Terraform -- both traceable to constraints never written down.

• Building Agents That Can't Go Rogue: A Practical Safety Guide March 6, 2026

  Practical safety engineering for AI agents -- not theory. Covers real incidents, the accountability gap, kill switches, constraint patterns, and what responsible agent deployment actually looks like. Updated 6 March 2026: MIT/Cambridge survey of 30 agentic systems finds systemic lack of risk disclosure. McKinsey: 80% of orgs have encountered risky agent behaviour.

• The Agentic Turn: Personal AI Agents Are Becoming Infrastructure March 6, 2026

  Personal AI agents are becoming infrastructure, not novelty. Clinejection compromises 4,000 developer machines via prompt injection. OpenAI hires OpenClaw's creator. Cursor Automations goes always-on.

• Clinejection: How a GitHub Issue Title Took Down a 5 Million User Tool March 5, 2026

  In February 2026, an attacker used a GitHub issue title to hijack Cline's AI triage bot, poison its Actions cache, and publish a malicious npm package to 5 million developers. Every failure point was a documented misconfiguration. This is what went wrong, and what you do differently.