← → or h l to move · f fullscreen · esc exit

Living on the Frontier · Session 11 · In-person

The Convergence

May 2, 2026 · The Kannas Hotel, Chiang Mai

Codex left coding behind.

Codex onboarded finance and marketing.

Codex shipped /goal — keep going until it’s done.

Stripe gave agents a wallet.

Cloudflare gave agents an account.

The economic substrate landed in 24 hours.

Cyber shipped from three labs on the same day.

Cyber shipped on Codex, Claude, and Cursor.

Frontier models pulled into defender hands only.

And somewhere, Theo wrote a letter.

Three fronts, one week.

This week

20
Bookmarked tweets — curated since last session
3
Convergent fronts — codex, agentic economy, cyber
24h
Window for the cyber pivot — Apr 30 alone

Part I

Codex Goes Wide

OpenAI bets on universal agent + open-source orchestration.

OpenAI · Apr 30

Codex for everything — the feature drop

"Codex for everything: Dynamic UI for the task at hand. 20% faster computer & browser use. Even better slides and sheets. Annotate in browser, artifacts, and code. Easier to get started. Cleaner design across the app. Performance improvements. No clunky handoff/switching." — Andrew Ambrosino (Codex App lead, OpenAI).

The "what shipped" tweet from inside the Codex team. Headline beats: dynamic UI per task (the agent reshapes its own surface), browser-side annotation, no handoff between tools. The "no clunky handoff/switching" line is the thesis — one agent, every workflow, no mode-shift cost. Pairs with the @embirico "for almost everyone" framing on the next slide.

"Dynamic UI per task — does the agent reshaping its own interface change how you trust what it's doing? Or do you want the surface to stay legible-by-being-static?"

OpenAI · Apr 30

Codex for almost everyone — finance, data, marketing

"Last week: Codex for almost everything. This week: Codex for almost everyone!" — embirico. Onboarding for Finance, Data Science, Marketing. Better sheets, slides, docs. Cleaner design that adapts to your work. 20% faster computer use. Same powerful agent whether or not you're coding.

OpenAI explicitly broadening Codex past devs. Same agent, different role-onboarding flow. Strategic bet: ChatGPT was the universal chat product, Codex becomes the universal agent product. Compare to Anthropic's Claude/Claude Code split (kept distinct). OpenAI is collapsing the split.

"Does the universal-agent positioning beat the specialist-agent positioning? Anthropic kept Claude and Claude Code separate — OpenAI is folding them together. Which works for your team?"

OpenAI · Apr 30

Codex CLI /goal — the Ralph loop, first-class

"/goal also lands in Codex CLI 0.128.0. Our take on the Ralph loop: keep a goal alive across turns. Don't stop until it's achieved." Built by Eric Traut, the Pyright author.

Codex shipping an explicit Ralph-loop primitive. The "don't stop until achieved" mode is what power-users have been hand-rolling with autonomous loops. Now it's a first-class CLI command. Solid pedigree (Pyright author). The framing — "Ralph loop" — is the Twitter-naming of an autonomous agent pattern that didn't have a public name 6 months ago.

"Goal-persistent agents change failure modes. What's the watchdog that catches a /goal that's stuck in a productive-looking loop but actually drifting?"

OpenAI · Apr 29-30

Responses API WebSockets + Codex /side

WebSockets: "As Codex got faster, the bottleneck moved from inference to inefficient API calls. WebSockets keep response state warm across tool calls, helping workflows run up to 40% faster end to end." /side: spawn a side-chat from inside a main thread, keeping current context. Multi-thread UX inside one Codex session.

Two protocol-and-UX shipments. Connection-scoped caching is the WebSockets punchline — same lesson HTTP/3 learned vs HTTP/1.1. /side acknowledges what every power-user does anyway (multiple parallel sessions). Same direction Anthropic went last week with /resume + multi-claude session recaps.

"As inference latency keeps dropping, what becomes the next bottleneck after protocol overhead? Tool-call orchestration? Operator review bandwidth?"

OpenAI

OpenAI Guardrails — drop-in safety wrapper

A configurable safety/compliance layer for LLM apps — drop-in wrapper for OpenAI's Python and TypeScript clients. Built-in checks: Moderation, URL Filter, PII Detection, Hallucination Detection. Plus tool-guardrails that wrap function calls (validate or block before/after execution), and per-agent guardrail attachment (input on first agent, output on final agent).

OpenAI ships the safety layer agent builders have been hand-rolling. Compare to LangChain's guardrail patterns or Microsoft's Presidio — OpenAI is bundling the canonical set into their SDK. The interesting design: tool guardrails (pre/post tool execution) are first-class, not just I/O filters. That matches where agent failure modes actually live (tool misuse, unbounded calls).

"If safety guardrails ship as a drop-in wrapper from the same lab that ships the model, who's still building independent safety tooling — and why?"

OpenAI · open-source

Symphony — manage work, not coding agents

"Symphony turns project work into isolated, autonomous implementation runs, allowing teams to manage work instead of supervising coding agents." Monitors a Linear board, spawns agents to handle tasks, returns proof-of-work (CI status, PR review, complexity analysis, walkthrough videos). When accepted, agents land the PR safely. Apache 2.0. 20K+ stars. Reference impl in Elixir. Has a SPEC.md so anyone can build their own.

The thesis: managing work > managing agents. Point Symphony at your Linear board, walk away, come back to PRs with proof-of-work attached. This is what "harness engineering" looks like at the orchestration layer — the human's job becomes accept/reject, not micromanage. Open-sourcing the spec is the move that matters: OpenAI is establishing this as a pattern, not a product.

"At what team size does work-orchestration beat agent-supervision? When is your codebase ready for a Symphony — what's the harness prerequisite?"

OpenAI · Apr 28

OpenAI lands on AWS Bedrock (limited preview)

"Making OpenAI available on AWS means enterprises can get AI into production faster — across software engineering and other professional workflows." OpenAI's models, Codex, and Bedrock Managed Agents now available to AWS customers in limited preview.

OpenAI's distribution play through AWS. AWS customers can now pull OpenAI models via the same Bedrock API they use for Claude/Mistral/etc. Implication: enterprises that standardized on Bedrock no longer need a side-channel relationship with OpenAI to use Codex. Anthropic's been on Bedrock for ages — OpenAI catching up on enterprise distribution.

"If your enterprise uses Bedrock to abstract the LLM provider, does it make any difference whether you call Codex or Claude? Or has the model layer fully commoditized?"

Part II

Agents Become Customers

The economic substrate ships in 24 hours.

Stripe · Apr 29

Stripe: Link wallet for agents

"Today, we're launching the @link wallet for agents. It lets you securely empower agents to spend on your behalf. Your payment credentials are never exposed and you approve every purchase." One-time-use cards plus machine payment protocols, with per-purchase approval.

The first credible "agent payment" primitive. The interesting design: operator approves requests, not credentials. Same control surface humans get with Apple Pay, but for agents. Implication for everyone building — you no longer need to hand your card over to your agent and pray.

"What's the first thing you'd let an agent buy with bounded credentials — APIs, infrastructure, dependencies, more compute? Where's your trust threshold?"

Cloudflare · Apr 29

Cloudflare: agents are now customers

"Starting today, agents can now be Cloudflare customers. They can create a Cloudflare account, start a paid subscription, register a domain, and get back an API token to deploy code right away." Humans can be in the loop for permission, but no dashboard / no copy-paste tokens / no credit card entry.

Same day as Stripe. Cloudflare is moving faster than every traditional cloud on the agentic-economy substrate. They're betting agents will be a meaningful fraction of cloud customers in 12-24 months and want to own that layer. Implication: agent-native deployment platforms (where the AGENT signs up and provisions, not the human) are about to be a real category.

"If agents can sign up for cloud accounts and deploy code on their own, what's the next thing they'll demand — their own GitHub orgs? Their own legal entities?"

Part III

The Cyber Pivot

Three labs, same day. Frontier security tooling lands.

OpenAI · Apr 30

Sam: GPT-5.5-Cyber rolls to critical defenders

"We're starting rollout of GPT-5.5-Cyber, a frontier cybersecurity model, to critical cyber defenders in the next few days. We will work with the entire ecosystem and the government to figure out trusted access for cyber; we want to rapidly help secure companies/infrastructure."

OpenAI matching Anthropic's Mythos / Project Glasswing playbook from last week. Two frontier labs both pivoting their highest-capability models into restricted cyber-defense channels. The asymmetric-capability framing is now industry standard, not Anthropic-specific. "Trusted access" is the new gating concept — not commercial preview, not waitlist.

"If frontier-class cyber models are now distributed only through trusted-defender channels, how does an independent security researcher get access — or do they get locked out of the frontier permanently?"

Anthropic · Apr 30

Claude Security — scan, validate, patch

"Claude Security is now in public beta for Claude Enterprise customers. Claude scans your codebase for vulnerabilities, validates each finding to cut false positives, and suggests patches you can review and approve." Built into Claude Code on the web — point at a repo, get findings, fix in place.

The validation-to-cut-false-positives line is the real product. Static analysis tools (Snyk, CodeQL) drown teams in low-quality findings. If "validates each finding" actually works, this is a Snyk-killer. The point-at-a-repo + fix-in-place loop closes scan→fix→merge into one session — most security tools dump findings into Jira tickets that age.

"Where does the Claude-validates-findings boundary actually fail? When the model is wrong about a 'false positive' that's actually a real vuln, what's the fallback?"

Cursor · Apr 30

Cursor Security Review — always-on agents

"Run two types of always-on agents: (1) Security Reviewer checks every PR for vulnerabilities and leaves comments. (2) Vulnerability Scanner runs scheduled scans of your codebase and posts findings in Slack." Teams and Enterprise plans only.

Same day as Anthropic. Different shape: PR-time + scheduled, with findings into existing comms (Slack). Cursor's positioning — meet teams in the workflows they already have. Anthropic's — pull teams into Claude Code as the workspace. Bet on which approach wins enterprise.

"Three labs ship cyber tooling on the same day. Coordinated category-creation, or independent convergence on the obvious next product front?"

Quick hits

Cursor SDK
Build agents with Cursor's runtime/harness/models. CI/CD-friendly. @cursor_ai
Cursor Kanban
Drop tasks on a Kanban, agent picks up and completes. @ParthJadhav8
OpenCode 2.0
Distributed sessions, server-can-go-down resilience, embeddable. @thdxr
Claude Code Platform skill
Built-in skill for model migrations, prompt caching, Managed Agents onboarding. @ClaudeDevs
ChatGPT Advanced Security
Phishing-resistant sign-in for high-risk accounts. openai.com
USDOL AI Apprenticeships
Federal portal for AI-focused apprenticeship programs. Trades-style, not university-style. @USDOL

Theo · Apr 30

"A letter to my friends at Anthropic"

"I'm doing this because you work for an evil cult... Your CEO, Dario, does not respect engineers... If you're ready to leave, please hit me up. I have friends at every lab and most startups in the AI world. Most of them would be down to match your current vesting schedules, possibly even go beyond." Theo positions himself as a relocation broker for Anthropic engineers.

The viral mechanics matter less than the framing. Public figures explicitly recruiting out of Anthropic. Either Theo is wrong about the internal culture (bet against), or this lands and you'll see Anthropic engineer departures publicly correlated with Theo posts. The labs are no longer immune from public-figure community pressure.

"Is this kind of public broker-recruiting a one-off Theo move, or a new shape of pressure that founders will have to manage going forward?"

Discussion · Demos · Q&A

What caught your eye?

"Three fronts opened in 72 hours. — Which one do you actually have to plan around this quarter?"

Follow the lab.

QR code
0xnfrith.com/interface

See you next Saturday.

✕ esc
1 / ·