2026-05-20

Simon Willison — 2026-05-20#

Highlight#

Simon takes a critical look at Google I/O’s Gemini Spark announcement, digging into the opaque “Antigravity” stack and questioning how Google plans to mitigate prompt injection risks for a tool with deep access to user data. This highlights the growing industry tension between powerful workspace AI agents and fundamental security vulnerabilities.

Posts#

[Google I/O, Gemini Spark, Antigravity] · Source Sticking to his rule of only reviewing generally available tools, Simon breaks down the announcement of Gemini Spark, Google’s new OpenClaw competitor that natively integrates with Workspace apps. He notes a strange FAQ detail claiming Spark runs on “Antigravity”—a moniker applied to a desktop app, a Go-based CLI, and a VS Code fork. Crucially, Simon questions whether Google’s isolated VM approach and Agent Gateway will actually be enough to prevent an “agent security challenger disaster” when handling sensitive data via prompt injection. He also highlights that Google is deprecating its open-source Gemini CLI on June 18th in favor of a closed-source Antigravity CLI.

2026-05-21

Engineering Reads — 2026-05-21#

The Big Idea#

The software industry is constantly negotiating the tension between convenience and systemic fragility. Whether it’s abdicating code comprehension to LLMs, accepting endemic memory safety and supply-chain vulnerabilities as “acts of god,” or fighting complex tooling to retain local configuration control, our daily micro-choices compound into the security and maintainability baselines of the systems we operate.

Deep Reads#

[Bliki: Vibe Coding] · Martin Fowler · Source “Vibe coding,” a term coined by Andrej Karpathy, involves prompting an LLM to build software without the developer ever looking at the generated code. Fowler differentiates this from “Agentic Programming” (where engineers actively review LLM-generated code), arguing that true vibe coding intentionally ignores internal structure to maximize speed. This approach drastically accelerates prototyping and empowers non-programmers, but it heavily trades away correctness, maintainability, and security. LLM hallucinations and non-deterministic edits mean that unreviewed codebases quickly degrade into unmaintainable, vulnerable spaghetti code with a large attack surface. This is a must-read for engineering leaders and practitioners trying to formalize when to use LLMs for throwaway scripts versus robust, reviewed production systems.

2026-05-21

Simon Willison — 2026-05-21#

Highlight#

The major news today is the official announcement of Datasette Agent, merging Simon’s three years of work on the LLM library with Datasette to create an extensible, conversational AI assistant for querying data. It represents a huge milestone for his ecosystem, opening the door for users to naturally interrogate their databases and easily build custom tools using a new plugin architecture.

Posts#

Datasette Agent Simon officially announced Datasette Agent, a conversational AI interface that lets users ask questions of the data stored in Datasette. The post features a live demo using Gemini 3.1 Flash-Lite to successfully query a blog database to find a bird-watching record. He highlights a growing plugin ecosystem—including charts, image generation, and sandbox execution—and notes that tools like Claude Code and OpenAI Codex are proving excellent at writing these extensions. Looking ahead, Simon teased a major refactor for his LLM library, a Claude Artifacts-style plugin, and a personal AI assistant named “Claw” built using his older Dogsheep tools.

2026-05-22

Simon Willison — 2026-05-22#

Highlight#

Simon highlights a fascinating economic ripple effect of the AI boom: an impending spike in consumer electronics prices due to silicon wafer capacity constraints. As AI data centers demand more High-Bandwidth Memory (HBM), manufacturers are shifting production away from standard consumer RAM, which is already threatening the availability of cheap smartphones globally.

Posts#

[The memory shortage is causing a repricing of consumer electronics] · Source Simon links to an excellent breakdown by David Oks explaining why devices using memory are about to get significantly more expensive. With only three major memory manufacturers operating with fixed wafer capacities, the explosive growth in AI data centers is pushing High-Bandwidth Memory (HBM) allocation from 2% to an expected 20% by the end of 2026. Because a single gigabyte of HBM consumes over three times the wafer capacity of standard consumer RAM (DDR/LPDDR), consumer device memory is severely constrained—an effect already hitting the sub-$100 smartphone market that is critical to regions like Africa and South Asia.

2026-05-23

Engineering Reads — 2026-05-23#

The Big Idea#

The prevailing theme in today’s tool ecosystem is a push toward bespoke personal infrastructure and custom information pipelines. Practitioners are bypassing platform constraints by utilizing self-hosted applications and programmatic, text-based configuration to maintain control over their data and environments.

Deep Reads#

[Web Excursions for May 23rd, 2026] · Brett Terpstra · Source This brief link roundup surfaces pragmatic utilities for managing personal engineering workflows, focusing heavily on reproducibility and data ownership. At the environment level, it highlights grubber-twin by Ralf Hülsmann, a command-line tool that tackles dotfile and configuration synchronization between machines by driving state directly from self-documenting Markdown files. For information ingestion, the author pairs RSSHub—a scraper that forces un-syndicated websites into standard RSS feeds—with Folo, an AI-augmented reader designed for high-signal, noise-free consumption. The primary tradeoff noted is architectural: Folo imposes a hard cap on feed imports, making it unsuitable for massive-scale firehose aggregation. Additionally, the inclusion of Journiv, a comprehensive self-hosted journaling and analytics application ideal for Synology deployments, highlights a growing preference for moving sensitive personal tracking off public clouds. This is a worthwhile scan for practitioners looking to refine their local machine environments, optimize their content ingestion pipelines, or expand their self-hosted server stacks.

2026-05-23

Simon Willison — 2026-05-23#

Highlight#

Today’s update features a practical web standards TIL (Today I Learned) about the <dl> HTML element, proving there are still useful nuances to uncover in foundational markup regarding structure, styling, and accessibility.

Posts#

[On the dl] · Source Simon shares a few structural and historical insights regarding HTML description lists, prompted by an article by Ben Meyer. For practical formatting, he highlights that a single <dt> can be followed by multiple <dd> elements and that pairs can be grouped strictly inside a <div> for easier CSS styling. He also notes the 2008 HTML5 nomenclature shift from “definition lists” to “description lists” and includes a valuable link to Adrian Roselli concerning screen reader accessibility and ARIA labeling.

2026-05-24

Engineering Reads — 2026-05-24#

The Big Idea#

Attempting to build deterministic models of how AI will automate jobs is a category error akin to the failures of early expert systems. Instead of simply eliminating roles, cheap automation often triggers the Jevons paradox—drastically increasing the volume of work while unpredictably shifting the underlying business models that fund it.

Deep Reads#

[Predicting AI job exposure] · Benedict Evans · Source Evans argues that trying to quantify AI’s impact on specific jobs using rigid taxonomies like O*NET is fundamentally impossible. He draws a sharp parallel to the failure of symbolic AI: just as engineers couldn’t manually encode the logical steps for image recognition, we cannot reduce complex knowledge work into a deterministic checklist of automatable tasks. Back-testing past technological shifts reveals massive secondary effects, such as the Jevons paradox, where automating a costly task like financial analysis simply increases the demand for more analysis rather than reducing headcount. Furthermore, we often suffer from a variant of “Gell-Mann Amnesia,” assuming AI will replace consultants or lawyers because it can generate documents, while forgetting that clients pay for trust and strategy, not just the raw artifact. Engineers building AI products should read this to internalize a humbling historical reality: new technology rarely just executes old tasks cheaper; it unlocks entirely new behaviors that break predictive models.

2026-05-24

Simon Willison — 2026-05-24#

Highlight#

Today’s most resonant post is a highlighted quote from Armin Ronacher calling out the damaging rise of AI-generated “slop” in open-source issue trackers. It serves as a stark, practical reminder that while AI coding agents are powerful, developers must preserve raw, human-observed context in bug reports rather than relying on LLMs to rewrite and hallucinate root causes.

Posts#

[Quoting Armin Ronacher] · Source Simon amplifies Armin Ronacher’s frustration with a new, frustrating failure mode in open-source maintenance: AI-rewritten issue reports. Users are feeding observed bugs into LLMs (referred to as “clankers”), which spit out confident but highly inaccurate guesswork, fake-minimal repros, and irrelevant code analogies. The core takeaway is a plea to return to the basics of bug reporting: simply state what command you ran, what you expected, what actually happened, and provide the exact error log.

2026-05-26

Simon Willison — 2026-05-26#

Highlight#

Today’s updates emphasize the dual-edged sword of AI in security, contrasting how AI tools are overwhelming open-source maintainers with a flood of valid vulnerability reports while simultaneously introducing novel data exfiltration risks in enterprise agentic systems like Microsoft Copilot.

Posts#

The pressure · Source Daniel Stenberg highlights the unprecedented toll that high-quality, AI-assisted security reports are taking on the curl project’s team. The volume of credible vulnerabilities has surged to over one report per day—double the rate seen in 2025—leading to severe work-life balance issues for maintainers. Fortunately, because curl is well-architected, these AI-discovered flaws are almost exclusively categorized as LOW or MEDIUM severity, with no HIGH severity issues found since late 2023.

2026-05-27

Engineering Reads — 2026-05-27#

The Big Idea#

The adoption of AI coding agents demands a fundamental shift from micromanaging generated code to over-engineering the verification environment that surrounds it. To safely harness AI leverage without succumbing to intense cognitive load or introducing severe vulnerabilities, engineers must strictly enforce structural guardrails—such as mutation testing, static analysis, and explicit security contexts.

Deep Reads#

The VibeSec Reckoning · Gautam Koul, Lucian Moss, Neil Drew-Lopez, and Daberechi Ruth Edeokoh “Vibe coding” has massively accelerated the speed of software prototyping, but this velocity introduces significant risk because AI agents frequently output insecure configurations. The authors argue that engineers must actively combat this by injecting explicit security context files to guide the agent. Furthermore, development teams must strictly constrain AI permission requests, maintain a daily security intelligence feed, and provide secure-by-default harnesses and templates. This is an essential read for platform and security engineers who need to build structural guardrails around rapidly moving, AI-assisted development teams.