Cover image

The Tool Response Is Not Your Boss

TL;DR for operators The paper’s useful message is not “LLM agents are unsafe,” which is too vague to help anyone do anything before lunch. The useful message is narrower and more operational: agents become vulnerable when untrusted content from SaaS integrations is read into the agent context and then treated as authority for a later action. ...

July 1, 2026 · 19 min · Zelina
Cover image

Memory Has to Earn Its Keep

TL;DR for operators Memory is not valuable because an agent writes something down. That is called logging. Sometimes it is called “reflection,” if the logging has better branding. The paper Enhancing Software Engineering Through Closed-Loop Memory Optimization introduces MemOp, a framework for software-engineering agents that defines memory utility by downstream impact: a memory is useful only if it improves the agent’s later performance on software tasks.1 The important move is not the existence of Memory.md, nor the idea that past trajectories can be summarized. The important move is the loop: generate memory from an agent trajectory, validate whether that memory improves task performance, reject harmful or redundant memories, and train a memory model using the resulting accepted and rejected examples. ...

June 27, 2026 · 17 min · Zelina
Cover image

The Harness Wants a Promotion

TL;DR for operators Most agent failures are blamed on the model because blaming “the model” is emotionally convenient and operationally vague. HarnessX makes a more useful claim: the runtime harness around the model — prompts, tools, memory, control flow, tracing, evaluators, safety checks, and training interfaces — is not scaffolding in the disposable sense. It is part of the system’s intelligence surface.1 ...

June 26, 2026 · 22 min · Zelina
Cover image

Think Twice, Halt Once

TL;DR for operators The current enterprise mistake is treating “reasoning” as a personality trait of a model. It is not. It is a process: decompose the task, inspect the evidence, decide what matters, test counterarguments, synthesize a position, and stop before the machine starts producing beautifully cited nonsense. Two recent papers expose that process from opposite ends. Hedge-Bench defines a realistic demand signal: open-ended financial reasoning tasks derived from hedge fund analyst work, graded against expert analytical moves and source-grounded claims.1 It finds that frontier agents remain weak on this kind of work, with the best model achieving only a limited perfect-score rate and with stronger exploration often bringing more hallucination along for the ride. Delightful. The junior analyst has read the filings, opened the spreadsheet, and still occasionally invents the economy. ...

June 26, 2026 · 18 min · Zelina
Cover image

The Lesson Plan Is the Product

TL;DR for operators AI learning is usually sold as a volume story: more data, more retrieval, more reasoning tokens, more reinforcement learning. Comforting. Also incomplete. Three recent papers make a more useful point. The model does not merely need more exposure. It needs a better lesson plan. One paper shows that a model can be given a more meaningful difficulty ranking for training examples, yet still fail to beat ordinary full-data training unless scoring and pacing are engineered together. Another shows that travel-planning agents become more factually grounded when forced into retrieval, but that the burden of grounding can damage instruction retention and preference satisfaction. A third shows that legal AI systems can be rewarded for correct prosecution outcomes without learning the underlying discrimination process that separates evidence insufficiency, statutory non-liability, discretionary non-prosecution, and prosecution. ...

June 25, 2026 · 16 min · Zelina
Cover image

The Test Suite Passed. The Physics Did Not.

TL;DR for operators Nguyen’s paper is not another “AI writes code” victory lap. It is more useful than that. It documents a 12-work-day, 57-session case in which a physicist supervised Claude Code, using Sonnet and Opus models, to build clax-pt, a JAX implementation of a differentiable one-loop perturbation theory module validated against the established C reference code class-pt.1 ...

June 24, 2026 · 17 min · Zelina
Cover image

Trace Evidence: The AI Learned Something. Can You Inspect What?

TL;DR for operators AI systems are increasingly learning from traces: documents, chats, code reviews, human rationales, fine-grained labels, unlabeled examples, user profiles, browsing context, and interaction history. That is useful. It is also how quiet operational risk walks through the front door wearing a badge that says “personalization.” Three recent papers form a useful logic chain. One paper shows how human traces can be turned into explicit, portable, correctable skill artifacts. A second shows how task-specific labels, synthetic reasoning, and reinforcement learning can optimize a model for a difficult moderation task. A third shows why consumer-facing health LLMs remain hard to evaluate independently once personalization, browser interfaces, multi-turn interaction, and silent model updates enter the picture. ...

June 24, 2026 · 14 min · Zelina
Cover image

The Chain of Thought Needs a Chain of Custody

TL;DR for operators Two new papers point to the same operational lesson from different sides: long reasoning becomes useful only when its intermediate steps are made explicit, scoped, and checkable. HIPIF tackles the training side of long-horizon agents: it teaches an LLM agent to break tasks into subgoals, fold completed progress into compact memory, reflect on whether a subgoal is done, and use local process rewards to reduce repeated or ungrounded behavior.1 Mask-Proof tackles the evaluation side: it turns research-level mathematical proofs into masked-step tasks where a model must reconstruct a critical formula from self-contained context, then uses a semantic-equivalence judge with repeated voting to grade the result.2 ...

June 23, 2026 · 21 min · Zelina
Cover image

The Code Agent Wasn’t Self-Correcting. The Test Harness Was.

TL;DR for operators Code agents do not become reliable because they are asked politely to “fix the bug.” They become more useful when they are placed inside a loop that can run their output, return structured failure evidence, and decide how many further attempts are worth buying. That is the practical point of Zhang and Kothari’s paper, Unlocking LLM Code Correction with Iterative Feedback Loops.1 The authors evaluate four LLMs across Python and Java using LeetCode problems, then move from ordinary one-shot performance to an automated correction loop: generate code, execute it, feed back compiler/runtime/testcase information, and repeat up to ten iterations. ...

June 22, 2026 · 17 min · Zelina
Cover image

Agents of Consequence: Why Tool Use Needs a Control Loop

TL;DR for operators Enterprise AI agents are moving from “answer this question” toward “watch this process, use tools, make decisions, and keep going.” That is useful. It is also how software quietly graduates from assistant to operational liability. Three recent papers, read together, make a simple point with uncomfortable business implications. VitalAgent shows how an LLM agent can become useful in wearable-health monitoring when it has physiological memory, structured tools, evidence validation, and proactive alerting.1 CoMap shows how agents can improve long-horizon decisions by pairing their policy with a co-evolving textual world model that predicts action consequences before execution.2 Gram shows why more autonomous agents also need deployment-realistic audits, because pressure, incentives, role-play cues, and implicit constraints can produce sabotage-like behavior even when the model is not cartoonishly “evil.”3 ...

June 20, 2026 · 19 min · Zelina