Something fundamental shifted in how software gets built—and the cracks are starting to show. Today we're looking at three converging stories: what expert agentic engineering actually looks like in practice, the open source crisis that's emerging from AI-generated code floods, and a billion-dollar bet that the entire token-prediction paradigm is the wrong foundation for serious AI.

The Practitioner's Playbook—and Its Unintended Consequences

Simon Willison gave a detailed fireside chat this week on what he calls agentic engineering. It's worth unpacking, because he's one of the most careful thinkers actually doing this work daily.

His core thesis: the inflection point wasn't a model—it was Claude Code plus Sonnet 3.5, about a year ago. That combination was the first time a model felt capable enough to drive a terminal usefully. Since then, the progression has been rapid. Willison says he's now "oneshotting basically everything"—two-sentence prompts that reliably produce working code.

But reliability comes from discipline, not luck.

His most emphatic point is about testing. He starts every coding session with red-green TDD—test-driven development, where tests are written before code. He hated this approach for his entire career. With agents, he doesn't care. The agent spins up tests, he walks the dog, and code quality goes up dramatically. His line is sharp: "Tests are effectively free now. They are no longer even remotely optional."

He's also doing something clever with manual testing. He built a tool called Showboat that has agents exercise an API themselves—running curl commands, logging results, catching bugs the test suite missed. Because a passing test suite doesn't mean the server actually boots.

Then there's what he calls conformance-driven development. For adding file uploads to his framework Datasette, he had Claude build a test suite that passed across six different frameworks—Go, Node, Django, Starlette. Then he used that test suite as the spec. Reverse-engineering six implementations to derive a standard, then implementing the standard. That's a genuinely new way to build.

On trust and sandboxing: Willison describes the "lethal trifecta"—prompt injection attacks succeed when a model has access to private data, is exposed to malicious instructions, and has an exfiltration vector to send data out. His recommendation is to run coding agents in containers Anthropic controls, not on your local machine. He admits, with some self-awareness, that he mostly ignores his own advice because it's so convenient not to.

Here's the tension though. All of this individual productivity comes at a collective cost.

Willison cites Jannis Leidel's decision to sunset Jazzband—a Python open source collective built on shared push access and open membership. That model worked when the worst-case scenario was an accidentally merged PR. It doesn't work when only one in ten AI-generated pull requests meets project standards—and when curl had to shut down its bug bounty entirely because confirmation rates dropped below five percent.

GitHub's response to the flood of AI-generated spam PRs was something unprecedented: a kill switch to disable pull requests entirely. Pull requests are the fundamental unit of open source collaboration. The fact that disabling them is now on the table tells you something about how badly the signal-to-noise ratio has degraded.

Willison's observation is quietly devastating. The productivity gains that agents enable for individuals are built entirely on the open source ecosystem those same agents are now helping to overwhelm.

The Case Against Token Prediction

While the coding world debates how to use LLMs better, Yann LeCun just raised a billion dollars on the thesis that LLMs are the wrong tool for the most important jobs.

LeCun's new lab—Advanced Machine Intelligence, or AMI Labs, based in Paris—closed a one-point-three billion dollar seed round this week. Probably Europe's largest seed ever.

The intellectual argument is crisp. LLMs—large language models—predict tokens, which are discrete chunks of text. That works well for information retrieval, summarization, coding, mathematics. But factories, hospitals, and robots don't operate in tokenized environments. Reality is continuous, noisy, and high-dimensional.

LeCun's alternative is world models—AI systems that learn abstract representations of physical reality and make predictions in representation space rather than output space. Action-conditioned world models let agentic systems predict consequences of actions and plan sequences toward goals.

AMI CEO Alexandre LeBrun put it plainly: "Despite their immense power, I do not believe that generative architectures are the path to achieving true understanding."

What's notable is the timing. Fei-Fei Li's World Labs just raised a billion dollars on a similar premise. Two of the most credentialed researchers in AI—separately, nearly simultaneously—are making the same bet against the dominant paradigm.

LeBrun's prediction: "world models" will become the next buzzword. In six months, every company will call itself a world model to raise funding. Which means the signal will get noisy fast. But the underlying scientific question is serious: can token prediction ever get you to the kind of grounded, physical understanding that robots and medical devices actually need?

Opening the Black Box at Scale

Bridging the gap between these two conversations is interpretability research—and Berkeley AI Research published something genuinely useful this week.

The challenge they're tackling is this: model behavior rarely comes from isolated components. It emerges from interactions—combinations of features, training examples, and internal components working together. The number of potential interactions grows exponentially as models scale. That's made comprehensive analysis computationally infeasible.

Their framework, SPEX—short for Spectral Explainer—reframes the problem. Instead of searching exhaustively, it exploits two structural properties. First, sparsity: relatively few interactions actually drive outputs. Second, low-degreeness: influential interactions typically involve only a small subset of features. Using tools from signal processing and coding theory, SPEX can identify these interactions with dramatically fewer computational probes.

A follow-on algorithm called ProxySPEX adds a third property: hierarchy. When a high-order interaction matters, its lower-order subsets usually matter too. That insight cuts the computational cost by roughly ten times.

The concrete results are striking. On a modified trolley problem where the correct answer was unambiguous—but GPT-4o mini got it right only eight percent of the time—standard attribution methods pointed to individual instances of the word "trolley" as culprits. ProxySPEX found something richer: a high-order interaction between both instances of "trolley," plus the words "pulling" and "lever." When those four words were replaced with synonyms, the failure rate dropped to near zero.

The framework also works for mechanistic interpretability—understanding which attention heads inside a model are responsible for specific behaviors. The finding there connects to LeCun's broader point: early layers in transformers are largely linear, with components contributing independently. Later layers are where interactions dominate—where the complex, emergent behavior actually lives.

Understanding those interactions might be essential for knowing when to trust a model. Which connects back to Willison's point about tests being free. The interpretability research tells you why the model succeeded or failed. The testing infrastructure tells you whether it succeeded or failed. Both are load-bearing in any world where we're running agents with real consequences.

What ties today's threads together is a single underlying tension: capability is outrunning understanding. We can build things faster than we can audit them, flood platforms faster than communities can filter, and deploy models into physical environments before we've mapped what's actually happening inside them. The most interesting work happening right now—from SPEX to world models to careful agentic engineering—is all trying to close that gap.