All presents

The Wake: May 16, 2026

A daily briefing from George's X bookmarks and likes, with source links and older-memory echoes.

The Wake is a daily briefing from George's saved internet. The issue is written as a newsletter first. The tweets are the source material, preserved below for receipts.

Source window: May 15, 2026. Signals: 17 bookmarks and 5 likes.

Brief

Agents moved from novelty to infrastructure this week. Startups and core infra teams are embedding autonomous Codex/agent instances into everyday workflows: spawning consumer-facing assistants, running constant code review, automating ops, and even orchestrating device fleets. That acceleration is producing big efficiency wins and product leaps, but it is also exposing two hard limits: security and systemic resiliency. The fixes and hacks showing up now tell you where the stack is weakest and where the next battlegrounds will be.

Agents as plumbing, not toys

What used to be demo-stage glue is now product surface. Clicky (YC) positions a zero-setup consumer agent that can see your screen, read your calendar, create tickets and Notion docs: the classic promise of agents delivered with usable UX. Meanwhile teams are running dozens or hundreds of Codex instances as part of normal engineering operations: automatic PR review, issue deduplication, benchmark monitoring, even starting work from meeting audio. These are not experiments. They are features integrated into CI and collaboration loops.

This matters because the value of agents grows nonlinearly with the breadth of things they can access. The same week we saw people using Codex to manage Mac minis headless and to manage devices through Tailscale via a mobile client, we also saw practical operational hacks like prefixing requests with "vercel curl" to let an agent access an SSO-protected deployment it created. Those hacks are a reminder: access is the currency. When agents can touch your services, product capability expands. So does your attack surface.

Operational reality check: productivity vs. latent fragility

Two stories should make heads turn. First, teams like OpenClaw are running Codex across their entire development lifecycle: continuous code review, security scanning, performance verification, auto-filing PRs, and even posting videos of fixes. The result is speed and scale that look like magic. Second, criticism is piling up that organizations are developing what Mitchell Hashimoto called an AI psychosis: a cultural tilt to MTTR-only thinking where rapid recovery is used to justify shipping fragile systems.

This is the classic MTBF versus MTTR tension revisited. Automating repetitive work improves throughput and reduces some classes of human error, but it can also mask systemic decay. Metrics can look healthier while semantic correctness, architectural soundness, and latent vulnerabilities worsen. The people running the most aggressive agent deployments know this and are building guardrails: type-checked security libs, stricter hardening, and orchestration at finer temporal granularity. But much of the industry has not yet absorbed that lesson. The read: you will get productivity wins, but only if you invest deliberately in observability, governance, and a different kind of software engineering discipline.

Security, access, and the new primitives

Security shows up in three forms this week: credential hygiene, runtime access control, and cross-service trust. Users were reminded to lock down ChatGPT accounts with advanced account security. Teams are wrapping production agent endpoints with SSO through platforms like Vercel/Okta to keep agent-generated apps inside an intranet-style perimeter. Yet even with SSO, practical issues arise: agents spinning up deployments that then cannot authenticate to the deployment they created. The immediate fix is a pragmatic one-liner, but the broader problem is messy: agents are both consumers and producers of credentials and sessions.

That dynamic calls for new primitives. We will need secure ephemeral credentials designed for machines that can safely request, rotate, and revoke access without human friction. We will need fine-grained audit trails that tie an automated action back to the agent, its policy, and the human intent that authorized it. We will need compile-time and run-time security libraries in mainstream languages that make it cheap to harden file-system and network operations: the same way OpenClaw shipped a TypeScript security hardening lib to simplify consistent protections.

If you are building or buying agent platforms, evaluate three things: how they handle credential lifecycle, how they model and enforce least privilege at runtime, and how they produce auditable evidence that is useful for incident triage.

Orchestration is the product now: from power grids to APIs

The same lessons are appearing across domains. George Tziralis flagged a blunt point about Europe’s electricity waste: what grids need is not just more batteries or copper but smarter, cycle-level orchestration. That sentence reads like a metaphor for modern software operations. Throwing more capacity at a control problem without better real-time coordination just amplifies wasted investment.

If agents are to control user-facing apps, release pipelines, device fleets, or electricity flows, orchestration becomes the bottleneck. Successful orchestration projects combine three capabilities: fast telemetry, deterministic policy engines, and human-in-the-loop escalation. The organizations that figure out how to expose those knobs safely will gate access to big efficiency gains across industries.

This is why the current product plays matter: tools that let non-experts spawn agents (Clicky), frameworks that let you safely run many Codex instances (OpenClaw), and infra that protects agent endpoints with SSO and audit trails. Together they form the beginnings of a composable orchestration stack. But they also create coupling and systemic risk unless paired with visibility and conservative defaults.

Productization and the demand side

A few other signals matter for product strategy. Developers like Svelte are finding agents easier to work with, suggesting new frontend frameworks may pair well with automated code assistants. Math-oriented OSS projects, like Mathlib, look especially well aligned to reasoning models, meaning open-source communities could accelerate disproportionately. And the ChatGPT-to-Codex integration work that @thsottiaux mentioned is an example of horizontal consolidation: combining conversational interfaces with agent tooling will lower friction and increase usage density.

Politically and economically, the implications are broad. If Garry Tan’s read is right that AI accelerates abundance and disintermediation, expect opposing political reactions. Enterprises will chase efficiency, regulators and labor groups will push back, and those building interoperability and orchestration primitives will be the ones who profit.

What to watch

  • Codex + ChatGPT integration work (@thsottiaux). If they merge conversational UX with Codex job orchestration, expect rapid downstream adoption and a new wave of product integrations.
  • Production agent auth patterns (Vercel/Okta, and "vercel curl" workarounds). Watch for libraries or platform features that formalize ephemeral agent creds and solve the create-then-authenticate race.
  • OpenClaw’s engineering pattern (@steipete): continuous Codex-driven PR review and TypeScript hardening libs are a strong signal of what "AI-first engineering" looks like at scale.
  • Reliability incidents and capability regressions. The recent GPT-5.5 capability dip and fix is a reminder: model regressions will show up in product metrics fast. Track model health dashboards, limit resets, and rollback playbooks.
  • Orchestration startups for physical infrastructure. Companies pitching cycle-level grid control look like early analogs to control-plane vendors for cloud and devices. If you care about systems efficiency, map who is selling into utilities and industrial control.
  • Security governance primitives: ephemeral PKI for agents, fine-grained policy enforcement, and auditable action logs. If a vendor offers all three, they are worth a pilot.

Bottom line: agents are moving from experiment to control plane. They will deliver outsized productivity gains if you treat them as parts of larger systems that require new security, observability, and orchestration primitives: not just better LLMs.

Source tweets

Guillermo Rauch / @rauchg

  • bookmark: open on X
  • Vercel protects your agents' deployments behind SSO like @Okta. Even Production ones, giving you a secure 'intranet' of apps generated with @v0, Codex, Claude, etc. It's all fun and games until your agent gets 𝟺𝟶𝟷 𝚄𝚗𝚊𝚞𝚝𝚑𝚘𝚛𝚒𝚣𝚎𝚍 from the deployment it just made though 😂 The solution: 𝚟𝚎𝚛𝚌𝚎𝚕 𝚌𝚞𝚛𝚕. By just prefixing 𝚟𝚎𝚛𝚌𝚎𝚕 or 𝚟𝚌 you unblock your agent and yourself to easily 𝚌𝚞𝚛𝚕 any URL you have access to within the Vercel ecosystem.

matt palmer / @mattyp

  • bookmark: open on X
  • How to understand the x algorithm in 60 seconds: 1. git clone 2. codex /goal thoroughly understand the drivers behind the x algorithm and deliver a concise set of recommendations for growing on the platform` the post also includes media

Y Combinator / @ycombinator

  • bookmark: open on X
  • Clicky is the simplest interface in the world to spawn agents. It can see your screen, answer questions, make Notion docs, check your Google Calendar, create Linear tickets, and a whole lot more. 0 setup, built for consumers. Try for free, download: @heyclicky. the post also includes media

Peter Steinberger 🦞 / @steipete

  • bookmark: open on X
  • People freaking out over my AI spend. What nobody sees: Part of what excites me so much about working on OpenClaw is that I'm trying to answer the question: How would we build software in the future if tokens don't matter? We constant run ~100 codex in the cloud, reviewing every PR, every issue. If a fix on main lands, @clawsweeper will eventually find that 6 month old issue and close it with an exact reference. We run codex on every commit to review for security issues (as it's far too easy to miss). We run codex to de-duplicate issues and find clusters and send reports for the most pressing issues. We have agents that can recreate complex setups, spin up ephemeral machines, log into e.g. Telegram, make a video and post before/after fix on the PR. There's codex that watch new issues and - if it fits our documented vision well, automatically create a PR of it. (that then another codex reviews) We have codex running that scans comments for spam and blocks people. We have codex instances running that verify performance benchmarks and report regressions into Discord. We have agents that listen on our meetings and proactively start work, e.g. create PRs when we discuss new features whi...

Peter Steinberger 🦞 / @steipete

  • bookmark: open on X
  • Been using @sveltejs for a few projects lately, it's quite a nice alternative to React, fewer gotchas and complexity and Codex handles it really well.

Sai Kambampati / @heysaik

  • bookmark: open on X
  • gyroscopic interactions are underrated

DANΞ / @cryps1s

  • bookmark: open on X
  • Your ChatGPT account is one of the most important and valuable digital accounts you'll ever have. Secure it with Advanced Account Security today.

Mitchell Hashimoto / @mitchellh

  • bookmark: open on X
  • I strongly believe there are entire companies right now under heavy AI psychosis and its impossible to have rational conversations about it with them. I can't name any specific people because they include personal friends I deeply respect, but I worry about how this plays out. I lived through the great MTBF vs MTTR (mean-time-between-failure vs. mean-time-to-recovery) reckoning of infrastructure during the transition to cloud and cloud automation. All those arguments are rearing their ugly heads again but now its... the whole software development industry (maybe the whole world, really). It's frightening, because the psychosis folks operate under an almost absolute "MTTR is all you need" mentality: "its fine to ship bugs because the agents will fix them so quickly and at a scale humans can't do!" We learned in infrastructure that MTTR is great but you can't yeet resilient systems entirely. The main issue is I don't even know how to bring this up to people I know personally, because bringing this topic up leads to immediately dismissals like "no no, it has full test coverage" or "bug reports are going down" or something, which just don't paint the whole picture. We already learned t...

Aniket Panjwani / @aniketapanjwani

  • bookmark: open on X
  • No text beyond linked/media content.

Matt Ronge / @mronge

  • bookmark: open on X
  • Running a Mac mini headless - no monitor, no keyboard, always on? Here are 5 essential settings: 1. FileVault OFF — With it on, a reboot leaves you locked out. 2. Auto-login ON — boots straight to the desktop 3. Prevent automatic sleep — you can't reach it if it's asleep 4. Start up automatically after a power failure ON. 5. Enable remote access — Screen Sharing + VPN or Astropad Workbench the post also includes media

Dominik Kandravy / @heyiamdk

  • bookmark: open on X
  • name a prettier way to focus on mac. monocle 3.1 lands monday. app groups + stage manager + a lot more. the post also includes media

Garry Tan / @garrytan

  • bookmark: open on X
  • Hard leftists and DSA-types will fight AI tooth and nail because AI is the universal solvent for socialism’s three prerequisites. AI will reduce scarcity (abundance), eliminate victimhood (agency), and eliminate the need for intermediaries (disintermediation).

Anton Musil / @BlkoJa

  • bookmark: open on X
  • Noah Smith argumentuje, že USA je bohatší, než Evropa. Jedna zajímavost: z každé evropské země migruje více Evropanů do USA, než naopak. O rozdílných životních stylech: "Pokud rádi bydlíte v městském bytě, procházíte se kolem malebných starých budov do útulných kaváren a každý rok si dopřáváte spoustu dovolené, pak je Evropa pro vás jasnou volbou. Pokud rádi bydlíte v obrovském domě na předměstí a zvete si spoustu přátel na grilování a sledování televize na vaší obří obrazovce, pak je pro vás Amerika zjevně tou správnou volbou. Pokud chcete pracovat 80 hodin týdně na budování budoucnosti umělé inteligence, měli byste pravděpodobně žít v USA. Pokud chcete státní zdravotní pojištění a jistotu zaměstnání, doporučuji Evropu." the post also includes media

Dylan Field / @zoink

  • bookmark: open on X
  • There is likely no open source project better positioned than Mathlib to benefit from reasoning models. Most bullish I've ever felt about an open source project. (... also, while I'm here, maybe we can make the full build times just a little bit faster? 😇 )

Noah Smith 🐇🇺🇸🇺🇦🇹🇼 / @Noahpinion

  • bookmark: open on X
  • There has been a big debate over whether Europeans are really poorer than Americans, and whether Europe is really falling behind. Unfortunately, the pro-Europe side is wrong.

Peter Steinberger 🦞 / @steipete

  • bookmark: open on X
  • The latest release of OpenClaw is the first one that ships with our new TypeScript security hardening file-system lib. Previously, this was a grown mess of ad-hoc hardening which was hard to maintain, slow and inconsistent. increased some file ops by 10x.

Gloriaaa ❤️😍 / @ladyhuneybee

  • bookmark: open on X
  • Give this man an interview already definitely following suit 😂😂😂🤌 the post also includes media

Tibo / @thsottiaux

  • like: open on X
  • We found and fixed two issues that could explain this degradation of the capability of GPT-5.5 in Codex over the last ~ 48 hours. We are monitoring over the coming hours to fully confirm and I will reset usage limits this evening. Apologies and now is the time for /fast maxxing.

Tibo / @thsottiaux

  • like: open on X
  • We are busy bringing ChatGPT to Codex so that we can bring Codex to ChatGPT. One day this will make sense.

George Tziralis / @gtzi

  • like: open on X
  • Across Europe, we are throwing 40 terrawatt-hours of electricity per year out of the window. Yes, today. With the Strait of Hormuz closed. And inflation bringing our economy down to its knees. Our power grids do not need just batteries, or more power supply, or more copper, and so on. First and foremost, they need better orchestration. Fast, down to each electric cycle. Intelligent, operated by machines in real-time. Getting human operators toggling switches to steward power across the network - like a traffic cop, or the early Altair 8800 – cannot take us further any more. And throwing more capex to the problem – the standard industry playbook for the last hundred years – does not solve the underlying challenges; it just amplifies the energy waste. Remember “one more lane”? Luckily, solutions now exist. Check out our portfolio company SMPnet for example. But grid operators and regulators need to wake up to the new realities, and adopt change. Revisit old assumptions, try out new things and embrace new approaches to ensure network stability and efficiencies. Because, for our economies, our communities, and our planet at large, so much energy is such a terrible thing to waste… the p...

Elon Musk / @elonmusk

  • like: open on X
  • @WatcherGuru Obviously. Sometimes grown men send me their Instagram profiles and I’m like are you transitioning or what?

Ariel / @redtachyon

  • like: open on X
  • Codex mobile app can now manage all my devices through tailscale. Incredible. OpenAI won. GG the post also includes media

Generated from Birdclaw bookmarks and likes. Edited by Ody before publication.