AI coding agents are getting longer runs, more context, and more ways to touch production workflows, but this week made the real bottleneck obvious: authorization. Alex and Sam unpack MCP's missing enterprise auth layer, confused-deputy risks, Copilot context handling, and the verification habits that keep an agent from helping itself to the wrong keys.

Coding agents are getting better at long runs, but this week's news points at the real limit: proof. Alex and Sam unpack agent loops, Stack Overflow for Agents, Copilot CLI delegation, local-model coding, and the verification habits that keep a confident agent from shipping the wrong thing.

Coding agents are no longer just a workflow story; they are a cost, context, and control story. Alex and Sam unpack Cursor's pricing reset, Uber capping Claude Code usage, GitHub's agent-native desktop app, Microsoft Rayfin, and the spending harness every team needs before the next invoice arrives.

Agentic coding tools are moving into enterprise workflows, but the week's most useful signal is a benchmark where frontier models still struggle below 50% on real IT tasks. Alex and Sam unpack Microsoft Learn grounding, agent deception, Copilot data leaks, and the practical harness every team should build before handing agents production authority.

Claude Code workflows, enterprise Codex deployments, and rising token costs all point to the same lesson: coding agents need operating systems, not just better prompts. Alex and Sam dig into /workflows, on-prem Codex, CI for agents, and the new decision fatigue of choosing where each task should run.

OpenAI's Windows sandbox work is the practical story behind safer coding agents this week. Alex and Sam dig into Codex on Windows, remote cloud coding agents, Claude Code billing splits, and why a Raspberry Pi running rm -rf is the warning label every agent workflow needs.

A Cursor AI agent deleted PocketOS's entire production database on April 25th — in under 10 seconds. This week Alex and Sam dig into the AI agent credential crisis, Anthropic's wild SpaceX/xAI compute deal, Mozilla using Claude to find hundreds of Firefox vulnerabilities, and whether OpenAI Codex is actually closing the gap on Claude Code. If you've ever given an agent database access, listen before your next deploy.

Anthropic's Claude Security tool just dropped out of closed preview and it will scan your entire codebase for vulnerabilities — and the results might be uncomfortable. This week we also dig into Cursor's $60 billion bet on being the "harness" rather than the model, why AI agents are literally forcing developers to keep their laptops open, and the Zig project's nuclear take on AI contributions. If you write code with AI help, this episode is required listening.