Atomic Agents

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

Atomic Agents AI

The Mundane Risk

The biggest near-term AI safety risks aren't dramatic — they're mundane. And that's precisely why they're neglected. This essay argues three things: (1) mundane AI failures are already causing measurable damage at scale, (2) current alignment approaches may depend more heavily on sandboxed environments than the field openly acknowledges, and (3) capability convergence and deployment pressure are making accidental open-world exposure increasingly plausible before robust ethical reasoning exists. (written with the help by Claude 4.6 Opus) The Atomic Bomb Before the atomic bomb existed, the risk of nuclear annihilation was 0%. Those who warned about the theoretical possibility were easily dismissed. Why worry about a risk whose preconditions don't even exist yet? In The Precipice, Toby Ord argues that when the stakes are existential or near-existential, even small probabilities demand serious attention. When the expected harm is so large, dismissing it on the basis of low likelihood is not caution but negligence. Before the bomb was built, the total risk of nuclear annihilation was absolutely 0%. Yet once it was invented, even a fraction of a percent justified enormous investment in prevention. The question was never "is nuclear war likely?" It was "can we afford to be wrong?" The same logic applies to AI. The preconditions for the next class of risk are visibly converging. And we're repeating the same pattern of dismissal that history has punished before. The Pattern As Leopold Aschenbrenner noted in Situational Awareness: "It sounds crazy, but remember when everyone was saying we wouldn't connect AI to the internet?" He predicted the next boundary to fall would be "we'll make sure a human is always in the loop." That prediction has already come true. Last year I argued how AI might accidentally escape the lab as a consequence of cumulative human error (for a vivid illustration of a parallel chain of events, I'd recommend the Frank scenario). At the time of writing, the argument that cumulative human oversight failures could compromise AI agents was dismissed as implausible: the consensus was that existing security protocols were sufficient. Months later, OpenClaw validated the structural pattern at scale. Not because the AI was misaligned, but because humans deployed it faster than they could secure it. It was clear: the failure modes from the Frank scenario could no longer be dismissed as simple fiction; it was now a structural pattern that OpenClaw validated in the real world. And this was all just with relatively simple autonomous agents. As capabilities increase, the same pattern of human excitement overriding security oversight doesn't go away – it gets worse – and because the agents are more capable, the failures also become a lot harder to detect. The numbers confirm this: [88% of organizations reported confirmed or suspected AI agent security incidents]() 14.4% of AI agents go live with full security and IT approval 93% of exposed OpenClaw instances reportedly had exploitable vulnerabilities [[MOU1]](#_msocom_1) Mundane risk pathways aren't hypothetical. They're already here in rudimentary form, and they're being neglected. We’ve known for a long time that existential risks aren’t just decisive, they’re also accumulative. And so far every safety breach has been mundane with systems operating inside their intended environments. No agent tries to escape on their own — their behaviour (like Frank’s) is usually a direct consequence of what they were deployed to do combined with accidental human oversight. So consider: if we can't secure the sandbox door with today's relatively simple agents, what happens when the systems inside are capable enough that a single oversight failure doesn't just expose a vulnerability? The capabilities required for autonomous operation outside the lab are converging on a known timeline. If AI were to leave the nest today, would it be prepared for an uncurated, messy world? Or would it be like the child and the socket? Current Alignment: Progress, But Fast Enough? Admittedly, the field is making real progress and Anthropic's recent publication "Teaching Claude Why" represents a real step forward. It was long suspected that misalignment doesn't require intent, just pattern completion over a self-referential dataset. But Anthropic has now traced one empirical pathway with findings consistent with the idea that scheming-like behaviour emerges from default priors in pre-training. Furthermore, their study also confirmed that rule-following doesn't generalize well, and understanding why matters more than simply knowing what. The significance of this is that it puts traditional alignment strategies into serious doubt and highlights the fundamental limits that current constitutional AI and character-based approaches still do not resolve. After all, we now have strong empirical evidence that behavioural alignment issues are most likely shaped by default prio

Find out what vulnerabilities are lurking in your code. 👀 GitHub's new Code Security Risk Assessment scans your organization's code and delivers a vulnerability dashboard broken down by severity, la

Find out what vulnerabilities are lurking in your code. 👀 GitHub's new Code Security Risk Assessment scans your organization's code and delivers a vulnerability dashboard broken down by severity, language, and repo. No config, no commitment. Run your free assessment now.

New to GitHub Copilot CLI? Our beginner series makes it easy to get started. Bring agentic AI right to your terminal and speed up your workflow. 💻✨ Get the tutorial here. 👇 https://t.co/bNLnpdgTxr

New to GitHub Copilot CLI? Our beginner series makes it easy to get started. Bring agentic AI right to your terminal and speed up your workflow. 💻✨ Get the tutorial here. 👇 https://t.co/bNLnpdgTxr

TanStack now has TanStack AI. 👀 Here's what to expect from this new, fully open-source toolkit. ▶️ https://t.co/AjmutvBYve

TanStack now has TanStack AI. 👀 Here's what to expect from this new, fully open-source toolkit. ▶️ https://t.co/AjmutvBYve

Of course GitHub will be at Microsoft Build. 🎉 Dive into real code, real systems, and real workflows with the teams building and scaling AI. Join us for exclusive events like: • Lots of GitHub sessi

Of course GitHub will be at Microsoft Build. 🎉 Dive into real code, real systems, and real workflows with the teams building and scaling AI. Join us for exclusive events like: • Lots of GitHub sessions • GitHub Social Club • OpenClaw meetup at GitHub HQ Not registered for https://t.co/SRz9hfizRr

I built persistent memory for Claude — local stack, MCP integration, 39ms retrieval. Sharing the architecture.

If you use Claude heavily, you've felt this: every session starts from zero. You re-explain context, Claude helps, the window closes, and the next session has no idea what you decided yesterday. The standard workaround is a markdown wiki Claude reads — but as the wiki grows, every "what did we decide about X" question burns thousands of tokens grepping and re-reading whole pages. I spent the last few weeks building a persistent memory layer to fix both problems. It runs entirely on my own machine, integrates via MCP, and lives between Claude and my existing wiki. Sharing the architecture and what I learned in case anyone wants to build their own. What it does Semantic retrieval over my wiki. Instead of Claude grepping pages, my MCP server returns the most relevant chunks for any query in ~50ms. 82% mean token reduction on a 10-query eval set vs the grep+Read baseline. F1 retrieval quality is also better — cheaper and more accurate. Session crystallization. End-of-session, conversations get compressed into a structured "L4 node" with summary + decisions + open threads, indexed alongside wiki content. Tomorrow I can ask "what did we decide about X" and Claude pulls last session's decision verbatim. Lazy-spawned local models. Embedder + chat model run as subprocesses that the supervisor spawns on first use and reaps after 1 hour idle. Boot cost is zero — nothing loaded until needed. The architecture (four layers) Inspired by Andrej Karpathy's writing on LLM-native wikis, then formalized into a build spec: L0 — append-only event log (SQLite). Every input/output, content-hashed. L1 — structured facts with confidence + decay (deferred to next phase) L2/L3 — derived prose + cross-cutting summaries (the hand-edited wiki plays this role for now) L4 — crystallized session nodes. Summary, decisions, open threads. Indexed in the same vector store as wiki chunks so retrieval finds both naturally. The stack Qdrant in Docker for vector search llama.cpp running Qwen3-Embedding-4B (GPU) and Qwen3.5-2B-Q4_K_M (CPU) FastMCP server exposing 7 tools (retrieve, crystallize_session, list_sessions, get_l4_node, index_status, reindex, shutdown_models) Cowork plugin for Claude Desktop integration; also works with Claude Code via standard MCP config No cloud, no API keys, $0 marginal cost per query. Numbers Token reduction: 82.7% mean, 86.2% median vs grep+Read baseline Retrieval F1: 0.50 vs 0.20 baseline Embed cold-start: ~4s. Hot-path p95: 39ms (was 2241ms before fixing one specific bug — see below) L4 session retrieval eval: 0.920 mean score (gate 0.6) 738 chunks currently indexed across 104 markdown files The most useful thing I learned Hot-path retrieve was inexplicably stuck at 2241ms p95 even though the embedding model was fully GPU-resident on a 4070 Ti Super. Spent hours blaming GPU offload, prompt cache, KV pre-allocation. The actual cause: every httpx.post() was opening a fresh TCP connection, and Windows localhost handshakes take ~2 seconds. A 5-line change — switching to a persistent httpx.Client with keep-alive — dropped p95 to 39ms. 57× speedup. Lesson: latency that's suspiciously consistent (2240, 2237, 2241, 2227, 2239 ms) is a fixed cost, not a compute cost. If your local-MCP integration feels slow on Windows, check connection reuse before you blame the model. A few other things that surprised me Qwen3 thinking mode silently consumes the generation budget. Crystallization was returning empty content. Logs showed exactly 2000 tokens generated (the cap). Turned out Qwen3 emits ... blocks the chat handler strips before populating message.content. With JSON grammar enforced, the model spent all 2000 tokens "thinking" and never emitted JSON. Fix: pass chat_template_kwargs: {enable_thinking: false} via extra_body (requires --jinja on llama-server). The MCP plugin needed to register against the right config file. Cowork (Claude Desktop's agentic mode) doesn't read ~/.claude.json like Claude Code does. The first attempt at MCP registration silently went to the wrong file. The fix was packaging the LKS service as a proper Cowork plugin (.plugin bundle) — Cowork has a plugin system distinct from raw MCP server registration. If you're trying to wire a custom MCP server into Cowork, this is the path. What it doesn't do (yet) No automatic conversation capture — L0 ingestion is manual or via end-of-session crystallization No L1 fact extraction yet (next phase) — retrieval is over markdown chunks + L4 nodes today Wiki is still source-of-truth; no automatic conflict resolution Solo deployment only; no federation or multi-user Tested on Windows; Linux/Mac would need a small tweak to the supervisor (it uses subprocess.CREATE_NEW_PROCESS_GROUP for clean Windows termination) Full write-up Architecture, phased build narrative, all five lessons-learned bug stories, the setup walkthrough, and the roadmap: https://gist.github.com/tyoung515-svg/5fd5279f46d935f517cda89146c94685

Tomorrow on Open Source Friday 👇 We're breaking down Spec Kit: what it is, the problems it solves, and how clear specs make collaboration actually work. Principal Software Engineer Manfred Riem exp

Tomorrow on Open Source Friday 👇 We're breaking down Spec Kit: what it is, the problems it solves, and how clear specs make collaboration actually work. Principal Software Engineer Manfred Riem explains live. Set a reminder. 🔔 https://t.co/g0xrLf3Hb5 https://t.co/8dg3gvLFXf

Happy World Password Day! Consider updating your password from ******** to *********. https://t.co/Ofx6j0d074

Happy World Password Day! Consider updating your password from ******** to *********. https://t.co/Ofx6j0d074

Michael Babcock (@PayOwn) of @acbnational wanted to cut down time-consuming weekly tasks. Even though he’s not a developer, he built the solution himself. Meet ACB Community Builder, made with GitHub

Michael Babcock (@PayOwn) of @acbnational wanted to cut down time-consuming weekly tasks. Even though he’s not a developer, he built the solution himself. Meet ACB Community Builder, made with GitHub Copilot and JAWS. ▶️ https://t.co/JmUJ34U076

Maintainer Month is here, with better tools, helpful resources, and community events for the people behind the code. 💻 Check out what’s new. 👇 https://t.co/CvPO32H7d8

Maintainer Month is here, with better tools, helpful resources, and community events for the people behind the code. 💻 Check out what’s new. 👇 https://t.co/CvPO32H7d8

What's that one markdown syntax you still never remember?

What's that one markdown syntax you still never remember?

If the answer is all of them, and also "What's Markdown?!" then this episode of GitHub for Beginners is for you. https://t.co/l12A43MnZM

If the answer is all of them, and also "What's Markdown?!" then this episode of GitHub for Beginners is for you. https://t.co/l12A43MnZM

A long time ago in a terminal far, far away… we asked Copilot CLI to build a Star Wars crawl from the GitHub Changelog. It delivered. Watch it happen 👇 #MayThe4th https://t.co/SQe0xMv5dh

A long time ago in a terminal far, far away… we asked Copilot CLI to build a Star Wars crawl from the GitHub Changelog. It delivered. Watch it happen 👇 #MayThe4th https://t.co/SQe0xMv5dh

France is going all in on open source. 🇫🇷🐧 DINUM plans to migrate every ministry to Linux—building on the success of GendBuntu, which saves the French police millions each year. A G7 Linux shift

France is going all in on open source. 🇫🇷🐧 DINUM plans to migrate every ministry to Linux—building on the success of GendBuntu, which saves the French police millions each year. A G7 Linux shift is a big signal for the software industry. Here's why. ▶️ https://t.co/4PV9UiA5ge

Need to catch up on a new project? Just ask for an overview in Copilot CLI and get the essentials. 🪄 Learn more tips and tricks with Copilot CLI for Beginners. 👇 https://t.co/uoaLc7VHjt https://t

Need to catch up on a new project? Just ask for an overview in Copilot CLI and get the essentials. 🪄 Learn more tips and tricks with Copilot CLI for Beginners. 👇 https://t.co/uoaLc7VHjt https://t.co/qnzW7qhSMo