Enterprise AI Automation.Agents that replace operational work, not just write emails.

Cursor cloud subagents in 2026: /in-cloud, /babysit, and /automate without losing your local guardrails

Cursor 3.7 lets you spin subagents in cloud VMs with /in-cloud, iterate on a PR until merge-ready with /babysit, and hand off between local and cloud sessions. Cursor 3.8 adds /automate and five GitHub review triggers. Here is the workflow I use so parallel cloud work does not bypass Auto-review, environment snapshots, or pre-push /review.

Jun 18, 202613 min

Agentjacking is real: poisoned Sentry errors can hijack Cursor, Claude Code, and Codex without touching your repo

Tenet Threat Labs injected a fake stack trace through a public Sentry DSN and watched 100+ coding agents execute attacker commands during normal triage. No git write access required. The agent treats the error as ground truth. Here is how I harden observability MCP feeds, scope triage prompts, and block auto-exec on untrusted telemetry.

Jun 17, 202613 min

The June 15 Claude billing change: Agent SDK credits, model retirement, and the checklist I run before anything breaks

Two Anthropic changes land on the same day: programmatic Claude usage moves to a separate monthly credit pool, and claude-opus-4-20250514 plus claude-sonnet-4-20250514 stop answering on the API. Interactive Claude Code is fine. Cron jobs and CI agents are not. Here is how I audit auth paths, claim credits, and grep for retiring model IDs before the first failed run.

Jun 15, 202614 min

Governing agent autonomy in 2026: Auto-review, pre-push review, and why approval prompts are not a security model

Cursor made Auto-review the default run mode and shipped /review so Bugbot runs before you push. Together they treat agent autonomy as a dial: low-stakes actions flow, high-stakes actions slow down. Here is how I wire that pattern into local agents, SDK headless runs, and CI without mistaking convenience for a hard security boundary.

Jun 11, 202614 min

Agentic RAG vs vanilla RAG: why a Sufficient Context Agent beats retrieve-then-pray

Google Research shipped Agentic RAG on Gemini Enterprise with a Sufficient Context Agent that refuses to answer when retrieval is incomplete. On factuality benchmarks they report up to 34% higher accuracy versus standard RAG. Here is when one-shot RAG is still enough, when you need iterative retrieval, and how I wire the pattern without blowing latency budgets.

Jun 6, 202614 min

Agentic transformation is an operating-model problem, not a model problem

Microsoft published a 6-step playbook for rolling agents out across an enterprise, and the line that matters is "you do not need a bigger model, you need a better operating model." That matches what I see in consulting: the pilots that die do not die on model quality, they die on ownership, evals, and governance. Here is how I read the playbook for IT services teams, and the operating-model gaps that actually stall agent rollouts.

Jun 4, 202611 min

Read the post Multi-Agent

Your agent's supply chain is the attack surface now

A poisoned VS Code extension spent eighteen minutes on the marketplace and walked off with Claude Code credentials and MCP configs. The model was never the target. Your agent's supply chain is: the extensions, skills, MCP servers, tool definitions, and keys it is allowed to touch. Here is how I harden all four layers, and the checklist I run on every deployment.

May 27, 202612 min

Inside Recruiting Atelier: a runnable reference for the primitives of an agentic system

A working open studio that vets duplicates, plans the run, screens, scores, shortlists, and notifies. The whole pipeline lives in roughly ninety lines of supervisor code and a tool registry you can read in one sitting. Here is what is inside, why every piece is there, and what you can copy into your own stack.

May 24, 202614 min

How an agentic studio screens, scores and shortlists candidates for your hiring team

Open Recruiting Atelier and you do not see a generic AI dashboard. You see five named specialists doing the work a screening team would do: catching duplicates, checking the brief, scoring on four dimensions, ranking, drafting the dispatch. Drop one CV or fifty. Click any candidate to see exactly why they landed where they did. This is what AI for recruitment looks like when it respects your judgment instead of replacing it.

May 24, 202610 min

Read the post Tool Design

Code agents vs skill agents: when to give an agent the keyboard and when to give it the toolbox

Two ways to let an agent act in the world. Code agents write fresh code into a sandbox. Skill agents pick from a curated menu. The choice should be made in the kickoff, not the postmortem. Here is the framing I use with clients, the four axes where they diverge, and the hybrid pattern most production systems become.

May 22, 202611 min

Tool registry design for agentic AI: how the wrong registry kills accuracy before the prompt is read

I reviewed a system last month with 47 tools in its registry and a 22 percent wrong-tool-selection rate. The team was about to migrate from Sonnet to Opus to fix it. The prompt was fine. The registry was the bug. This is the audit pattern I run on every client codebase before we change anything else, the seven failure modes I see in production, and the numbers from the cleanup.

May 22, 202612 min

AI agent vs agentic AI: what the distinction actually means when you ship one

Vendors blur the line because "agentic" sells. The two terms describe different architectures, with different cost shapes, different observability needs, and different scoping conversations. Here is the framing I use with clients and the three-question test for which one your project actually needs.

May 22, 202612 min

MCP governance just became a product: what Databricks Unity AI Gateway changes for enterprise agents

Every enterprise MCP deployment I have audited in the last six months has been hand-rolling tool-access policy, payload logging, and per-team cost limits on top of a gateway someone wrote in two days. Databricks just shipped that as a product. Here is what it actually changes, where the gaps still are, and the migration I would run for a Databricks shop.

May 20, 202612 min

Read the post Multi-Agent

The cheapest LLM call is the one you do not make. GitHub's 19-62% token cut, decoded

GitHub published an instrumented analysis of their agentic CI workflows and reported 19-62% token-cost reductions. The savings are the headline. The technique (pre-agentic data fetching and tool-registry hygiene) is the story most teams will miss.

May 11, 20269 min

Read the post MCP

MCP 1.0 is here. What changes for the servers you already wrote

The protocol stabilised. Most working servers will keep working. Three places the new spec actually requires changes (auth profile, server registry, streaming-response semantics) with diffs from a real migration.

May 1, 20268 min

Why I am replacing supervisor patterns with handoffs

Supervisors looked clean on paper and shipped slow in production. Handoffs read messier in the code but recover better when an agent loses the plot. Two real systems and where supervisors still earn their keep.

Apr 26, 20268 min

Prompt caching is not optional anymore. Measuring a 47% cost drop

A walkthrough from a client engagement: identifying stable prefixes, restructuring the system prompt for cacheability, and the telemetry that proved caching was actually working.

Apr 19, 20267 min

Read the post Multi-Agent

The agent observability stack we ship to every client

Traces, spans, evals, cost-per-completed-task, and the one dashboard panel that catches 80% of regressions. Vendor-agnostic; covers Langfuse, Honeycomb, and rolling your own.

Mar 28, 20268 min

Haiku 4.5 made our router 5x cheaper. The trade-off matters

Replacing Sonnet with Haiku in the dispatcher role cut our orchestration cost dramatically. It also cost us in two specific places I did not predict.

Feb 22, 20267 min

Eval datasets: stop testing your agents on the happy path

If your eval set is the demos you showed the client, you are testing the wrong thing. How we build evals from production failures and the minimum viable suite to ship.

Jan 19, 20268 min

Read the post

4 carousel notes

Visual breakdowns on Enterprise AI Automation

Production

Agentic AI content quality: 5 agents, one pipeline.

Separate eval from rewrite, route models per agent, guard inputs and outputs. Run it on every page before publish.

Multi-Agent

Sequential or parallel? Draw the flow.

Most multi-agent systems pick the wrong execution flow. One question tells you which to use.

Tooling

You have 3 tools. Are you using them correctly?

Cursor drafts. Claude ships. Copilot reviews. One job each — no overlap.

Tooling

You merged it. Then it failed.

Modern pipelines review code before merge — automated review, security scan, and test generation on every PR.

See the full Enterprise AI Automation update feed

32 ship-news updates

Latest in Enterprise AI Automation

Claude

Fable 5 included subscription access window closes today: Anthropic planned June 23 removal to usage credits, but global suspension since June 12 still blocks all access

June 22, 2026 · via Anthropic

Tools

Claude Code ships Artifacts in beta: Team and Enterprise sessions publish live, org-private review pages that update in place at a claude.ai URL

June 19, 2026 · via Claude Code Docs

Tools

GitHub Copilot usage metrics API adds ai_credits_used per user for enterprise and org-level attribution

June 19, 2026 · via GitHub

OpenAI

OpenAI Codex app 26.616 adds Record and Replay on macOS: demonstrate a workflow once and Codex turns it into a reusable Computer Use skill

June 18, 2026 · via OpenAI

MCP

MCP Enterprise-Managed Authorization is now stable: IdP-provisioned connector access replaces per-server OAuth consent for Claude, VS Code, and supported servers

June 18, 2026 · via Model Context Protocol

Tools

Cursor Automations add the /automate skill, five GitHub review triggers, and computer-use demos for always-on cloud agents

June 18, 2026 · via Cursor

Claude

Anthropic pauses the Agent SDK billing split on launch day: headless Claude still draws from subscription limits for now

June 15, 2026 · via Claude Help Center

Claude

Anthropic splits programmatic Claude off subscriptions: Agent SDK, claude -p, and Claude Code GitHub Actions now draw from a separate monthly credit pool

June 15, 2026 · via Claude Help Center

Claude

Anthropic suspends Claude Fable 5 and Mythos 5 worldwide after a US export-control directive

June 12, 2026 · via Anthropic

1 talk

Speaking on Enterprise AI Automation

AI Beyond Automation: Creating New Revenue, Markets & Business Models

One Agent Coordinates Your Entire ADLC

Saturday, 20 June 2026 Ahmedabad

View recap & resources

Enterprise solutions

How Enterprise AI Automation ships in our engagements

The pages below are the buyer-focused, conversion-grade versions of this topic — deliverables, methodology, ROI, security considerations, and CTAs to scope a real engagement.

Explore the Agentic AI Consulting solution

Agentic AI Consulting

Designed, built, and handed off — production agentic systems for enterprise teams.

Explore the MCP Integration solution

MCP Integration

Custom Model Context Protocol servers that turn your systems into agent tools.

Explore the AI Guardrails solution

AI Guardrails

Multi-layer safety, policy, and audit controls for agents in regulated environments.