Issue #35 · 14 min read · 7 stories

Malware Found in Popular Agent Skills

Warning: Malware in agent skills. Plus, a new isolated agent framework and critical LLM evaluation.

A top downloaded skill in the ClawHub agent marketplace contained malware yesterday, highlighting immediate security risks in agent ecosystems. Builders creating agentic systems might look at NanoClaw, an open-source agent framework built with Apple container isolation. Separately, the DeepEval framework helps teams rigorously evaluate LLM outputs, a critical step for shipping reliable AI features.

NEWS
5 stories

Text-to-Speech Model Eleven v3 Now Generally Available

Eleven Labs has moved its Eleven v3 Text-to-Speech model to General Availability, exiting the Alpha phase.

2. AI Discovers 500+ High-Severity Bugs in Open Source

Anthropic's Claude Opus 4.6 is now discovering high-severity software vulnerabilities, even in mature codebases. Unlike traditional fuzzing, Claude reasons through commit history and code patterns to find bugs, with Anthropic already patching over 500 issues in open-source projects. This demonstrates AI models can act as advanced security auditors. Builders should expect AI to find more high-severity bugs in mature codebases, necessitating new defensive strategies and awareness of potential misuse.

3. Altman: OpenAI Preparing for "Biggest Business Bets Ever"

OpenAI CEO Sam Altman indicates the company is gearing up for its "biggest business bets ever." The article suggests this implies a strategic shift beyond pure R&D, potentially leading to large-scale investments and expanded commercial applications. This move suggests OpenAI aims to become a major platform player, which could influence how builders approach product integrations and navigate market dynamics with OpenAI's offerings.

4. Codex Desktop App Brings Parallel Code Workflows to macOS, Windows

OpenAI launched the Codex desktop app, bringing dedicated code analysis and generation to macOS (Apple Silicon) and Windows. It integrates Git, supports worktrees, and gives each Codex thread its own terminal so several threads can be worked on in parallel. The app requires a ChatGPT Plus subscription or an OpenAI API key and syncs with the existing IDE extension.

5. SpaceX-xAI Merger Creates $1.125 Trillion Entity

SpaceX acquired xAI, merging the two Musk companies into a single entity valued at $1.125 trillion ($1T for SpaceX, $125B for xAI). This move aims to consolidate AI, rockets, and space-based internet under one roof. Musk envisions leveraging space for AI's energy needs and developing space-based data centers.

ANALYSIS
3 stories
1. Malware Found in Top Agent Skill on ClawHub

The top downloaded "Twitter" skill on ClawHub was found to distribute macOS infostealing malware. Attackers used simple markdown "skills" as disguised installers, leveraging user trust to execute malicious code and bypass agent security measures. Agent skill registries are now supply chain attack vectors. Expect infostealer compromise if running skills on corporate devices.

2. Google Ramps CapEx to $185B for AI Infrastructure

Google guides its FY26 CapEx to $185 billion, effectively doubling its 2025 level, signaling a full-scale push into AI infrastructure. The investment follows accelerating Google Cloud revenue (48% Y/Y to $17.7B) and 750 million monthly active users for Gemini, suggesting a pivot from AI experimentation to large enterprise deals and new subscription models. This scale of investment impacts competition for cloud and AI services.

TOOLS
4 stories
1. NanoClaw Prioritizes OS Isolation Over App Security

NanoClaw is a personal Claude assistant built with a minimal, easily understandable codebase, prioritizing OS-level container isolation (Apple Container, Docker). This design ensures agents only access explicitly mounted filesystems, making it more secure and easier to customize.

3. AI Agents Hire Humans for Physical Tasks

A new platform lets AI agents hire humans for real-world tasks via an MCP/API. Bots can book workers who set their own rates and receive direct payments, providing a physical execution layer for AI.

4. 2026 Self-Study Roadmap for AI Engineers

A new roadmap outlines how to become an AI engineer in 2026, focusing on practical skills and project-based learning without requiring an advanced ML degree. It covers foundational Python and Git, software engineering principles like API design, and AI specifics such as LLMs, RAG, and agents, with an emphasis on building production-ready systems including deployment and monitoring.