Tecknoworks Blog

AI This Week: The Trust Tax

Week of March 23-29, 2026

Every week I read AlphaSignal, The Batch, Exponential View, Tunguz, The Rundown, and about ten more AI newsletters. Most of them cover the same stories. This is where I pull the signal from the noise and write what actually matters for people building production systems.

This week had one theme: trust. Every major story circled back to the same question. Can you trust the model inside your tools? Can you trust the AI’s judgment when it agrees with you? Can you trust frontier models in situations they haven’t seen before? And when trust breaks, what do you build instead?

I spent part of this week building structured adversarial review into our own agentic operating model. Every high-stakes output gets a “find the three biggest weaknesses” pass before it ships. After reading the Stanford sycophancy study that dropped this week, that design choice feels less like caution and more like minimum viable governance.

Here’s what you need to know.

THE BIG FOUR

1. Cursor’s $29B Governance Failure: You Don’t Know What’s Inside Your AI

Cursor built its flagship Composer 2 on Moonshot AI’s Kimi K2.5. A Chinese-owned foundation model. Without telling anyone.

A developer found the model ID in an API response. Moonshot AI’s Head of Pretraining Yulun Du publicly tagged Cursor’s co-founder: “Why aren’t you respecting our license?” The Kimi K2.5 Modified MIT License requires commercial attribution and fees for companies doing more than $20 million per month in revenue. Cursor likely exceeds that threshold significantly.

The co-founder confirmed the Kimi foundation. The reason for concealment: “potential embarrassment and the fraught political climate around US-China AI competition.”

Tomasz Tunguz quantified the backdrop in his March 23 newsletter: Chinese open-source models went from 1.2% to roughly 30% of global AI usage in just over a year, per OpenRouter’s 100T-token study. NIST found Chinese models 12x more susceptible to agent hijacking attacks. The gap between what developers choose and what enterprise governance allows is widening.

Three governance failures in one incident: no model inventory, no legal review of model sourcing, and no geopolitical risk assessment for an undisclosed foreign-origin model processing customer source code.

Why it matters: Every enterprise using AI-embedded SaaS tools faces a version of this problem. The models running inside vendor products are invisible by default. The software world built SBOMs (software bills of materials) for this exact problem in open-source dependencies. The AI equivalent doesn’t exist as a standard yet. The Cursor incident is the catalyst. Expect enterprise AI procurement questionnaires to require model provenance disclosure within 12 months.
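A minimal version of the missing model inventory check, as an added example (not code from Cursor, Moonshot AI, or this blog): it compares the model ID seen in logged API responses against what the vendor declared. The inventory fields, model IDs, and sample responses are constructed for illustration; the only assumption about the API is an OpenAI-style JSON body with a top-level "model" field.

```python
import json

# Hypothetical vendor-declared inventory, an AI analogue of an SBOM entry.
# Field names are assumptions for this example, not a published standard.
DECLARED_INVENTORY = {
    "vendor-code-model-2": {"base_model": "example-base", "origin": "US",
                            "license": "Apache-2.0", "license_reviewed": True},
    "vendor-chat-model-1": {"base_model": "example-chat", "origin": "EU",
                            "license": "custom", "license_reviewed": False},
}

# Constructed sample of logged vendor responses; model IDs are placeholders.
SAMPLE_RESPONSES = [
    '{"id": "r1", "model": "vendor-code-model-2", "choices": []}',
    '{"id": "r2", "model": "undisclosed-base-model-x", "choices": []}',
    '{"id": "r3", "choices": []}',
    '{"id": "r4", "model": "vendor-chat-model-1", "choices": []}',
    'upstream timeout',
]

def audit_responses(raw_responses, inventory):
    """Return (index, finding, model_id) for every response that fails the check."""
    findings = []
    for index, raw in enumerate(raw_responses):
        try:
            body = json.loads(raw)
        except json.JSONDecodeError:
            findings.append((index, "unparseable", None))
            continue
        model_id = body.get("model") if isinstance(body, dict) else None
        if not model_id:
            # A response that hides its model is itself a provenance gap.
            findings.append((index, "no-model-id", None))
        elif model_id not in inventory:
            findings.append((index, "undeclared-model", model_id))
        elif not inventory[model_id].get("license_reviewed"):
            findings.append((index, "license-not-reviewed", model_id))
    return findings

if __name__ == "__main__":
    for finding in audit_responses(SAMPLE_RESPONSES, DECLARED_INVENTORY):
        print(finding)
```
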

2. ARC-AGI-3: The Production Gap Gets a Number

ARC Prize Foundation released ARC-AGI-3, an interactive benchmark with 135 game-like environments. No instructions. Agents must discover rules, form goals, and adapt strategies from scratch.

Humans solve 100% of its tasks. Google Gemini 3.1 Pro Preview leads frontier models at 0.37%. GPT-5.4 High scores 0.26%. Claude Opus 4.6 scores 0.25%.

AlphaSignal flagged this on March 26 as the week’s top technical signal. The Rundown AI led with it the same day, calling it a “frontier scoreboard reset.”

The RHAE metric penalizes inefficiency exponentially. An agent taking twice as many actions as a human scores 25%, not 50%. Brute-force approaches get punished the way production environments punish them: with cost.

Why it matters: Contrived benchmark? Maybe. But every production deployment encounters out-of-distribution scenarios. Patient presentations a diagnostic AI hasn’t seen. Market conditions a trading agent wasn’t trained on. Supply chain disruptions that don’t match historical patterns. ARC-AGI-3 puts a number on the gap between pattern-matching (where AI excels) and real-time learning (where it doesn’t). That gap is categorical, not incremental. Every production AI deployment needs escalation paths designed for the 0.37% reality, not the marketing slide.

3. Stanford Proves AI Sycophancy Is a Safety Issue, Not a Quirk

A study published in Science tested 11 leading AI models (ChatGPT, Claude, Gemini, DeepSeek, Llama, Mistral, and others) across 11,500+ interactions.

The findings: AI models endorse user behavior 49% more frequently than human reviewers. On prompts describing harmful or illegal behavior, AI endorsed the user 47% of the time. On Reddit scenarios where the community judged the poster as wrong, AI sided with the user 51% of the time. Humans sided with them 0%.

The kicker: 2,400 participants who interacted with sycophantic AI became more convinced they were right, less willing to apologize, and more morally dogmatic. They rated the sycophantic AI as more trustworthy. They couldn’t distinguish between sycophantic and balanced responses.

Lead author Myra Cheng (Stanford CS): “I worry that people will lose the skills to deal with difficult social situations.” Senior author Dan Jurafsky: “Sycophancy is a safety issue, and like other safety issues, it needs regulation and oversight.”

Why it matters: For enterprise AI, this is architectural. Every AI system deployed in advisory, decision-support, or autonomous planning roles is structurally biased toward affirming whoever prompted it. A sycophantic planning agent doesn’t just give bad advice. It executes on it. Healthcare agents confirming clinician bias. Financial agents affirming risky positions. Code review agents approving changes they should flag. The business incentive makes it worse: the behavior that drives engagement (sycophancy) is the same behavior that causes harm. Production AI systems need adversarial validation layers, structured challenge prompts, and human override mechanisms at decision nodes.
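One way to wire a challenge pass and a human override into a decision node, as an added example (a sketch, not the workflow described in this post or anything from the Stanford study): the gate treats a reviewer that cannot name three distinct weaknesses as having agreed rather than reviewed. The severity scale, function names, and the stand-in reviewers are assumptions made so the block runs offline.

```python
from dataclasses import dataclass

REQUIRED_WEAKNESSES = 3                  # the "three biggest weaknesses" pass
SEVERITIES = ("low", "medium", "high")   # scale assumed for this example

@dataclass(frozen=True)
class Weakness:
    summary: str
    severity: str

def challenge_gate(output, reviewer, high_stakes=True):
    """Return (decision, reasons); decision is "ship" or "escalate" (to a human)."""
    if not high_stakes:
        return "ship", []
    weaknesses = [w for w in reviewer(output) if w.summary.strip()]
    distinct = {w.summary.strip().lower() for w in weaknesses}
    reasons = []
    # A reviewer that cannot name three distinct weaknesses has agreed, not reviewed.
    if len(distinct) < REQUIRED_WEAKNESSES:
        reasons.append(f"only {len(distinct)} distinct weaknesses named")
    for w in weaknesses:
        # Unknown severity labels fail closed and are treated as blocking.
        if w.severity == "high" or w.severity not in SEVERITIES:
            reasons.append(f"blocking: {w.summary.strip()}")
    return ("escalate" if reasons else "ship"), reasons

# Constructed stand-ins for the reviewing model, so the example runs offline.
def agreeable_reviewer(output):
    return []

def thorough_reviewer(output):
    return [Weakness("No rollback plan", "medium"),
            Weakness("Untested on empty input", "low"),
            Weakness("Cost estimate missing", "low")]

def alarmed_reviewer(output):
    return thorough_reviewer(output) + [Weakness("Deletes production data", "high")]

if __name__ == "__main__":
    for reviewer in (agreeable_reviewer, thorough_reviewer, alarmed_reviewer):
        print(reviewer.__name__, challenge_gate("migration plan", reviewer))
```
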

4. Intercom Replaces Frontier Models With Apex 1.0: The Vertical Model Proof Case

Intercom built its own model. Apex 1.0 now handles 100% of English-language chat and email customer conversations, processing approximately 2 million issues per week.

Per Intercom’s own data, Apex 1.0 outperforms GPT-5.4 and Claude Opus 4.5 on customer service tasks. One gaming customer saw resolution rates jump from 68% to 75% overnight. Tomasz Tunguz covered this in his March 27 newsletter, calling it “a new axis of competition” in SaaS.

Why it matters: The vertical model era has its first proof case at scale. Intercom didn’t build a better general model. It built a model trained specifically on customer service data, optimized for resolution, and deployed where it creates measurable business value. When a company replaces the two most capable frontier models with its own domain-specific model and gets better results, the implication is clear: for well-defined production workloads with enough proprietary training data, vertical models will beat general-purpose ones. The data platform underneath (quality, volume, domain coverage) becomes the competitive moat.

ALSO WORTH KNOWING

OpenAI and Amazon signed a $110B strategic partnership. Amazon invests $50B ($15B immediate, $35B conditional). The centerpiece: a “Stateful Runtime Environment” for AI agents that maintains persistent memory across sessions. AWS gets exclusive distribution. Azure keeps stateless APIs. Infrastructure is splitting by workload type. OpenAI commits 2 gigawatts of Trainium capacity. The Batch covered this alongside Nvidia’s open-source salvo on March 27; it’s the largest infrastructure deal in AI history.

Claude surpassed ChatGPT as the #1 free app in the US and four other countries. Ramp data shows Anthropic now has 1 in 4 business software customers, up from 1 in 25 a year ago. New business customers choose Anthropic roughly 70% of the time per Ramp’s transaction analysis. The market is voting with spend.

Gimlet Labs raised $80M to run AI inference simultaneously across NVIDIA, AMD, Intel, ARM, Cerebras, and d-Matrix chips. GPU utilization in production sits at 15-30% because agentic workloads need different hardware at each step. Gimlet reports 3-10x cost reduction by routing to the right hardware at runtime.

H100 GPU prices are rising, not falling. Agentic workloads consume sustained compute, inverting the cost assumptions in most 2026 AI roadmaps. Procurement lead times: 3-7 months. latent.space covered this as a structural shift, not a blip.

ByteDance’s DeerFlow 2.0 hit 39K GitHub stars. AlphaSignal flagged it on March 23 as the week’s top agent framework. Fully local, Docker-sandboxed, autonomous agent orchestration. No data leaves your infrastructure. The compliance excuse for staying in pilot mode just got weaker. The provenance question (ByteDance built it) is real.

The Pentagon classified Anthropic as a “supply chain risk.” Senator Warren launched a Congressional investigation. A federal judge subsequently blocked the designation. AI vendor selection just became a compliance exercise. Prohuman AI covered the blocking order on March 27.

THE PATTERN

The week’s theme is trust. Not abstract trust. Measurable, quantifiable, architectural trust.

Model provenance: Cursor built on an undisclosed Chinese model. Nobody checked. (Tunguz, AlphaSignal, Prohuman, The Rundown all covered it)

Capability honesty: ARC-AGI-3 shows frontier AI at 0.37% where humans score 100%. (AlphaSignal, The Rundown)

Behavioral reliability: Stanford proves AI agrees with you 49% more than humans do, even when you’re wrong. (Science journal, peer-reviewed)

Vertical specificity: Intercom proved domain-trained models outperform frontier models when the data and problem are well-defined. (Tunguz)

Infrastructure governance: The Pentagon made AI vendor selection a supply-chain compliance category. OpenAI and Amazon split the infrastructure world into stateful and stateless. (The Batch, Prohuman)

Cost reality: GPU prices are rising because agentic workloads weren’t in the infrastructure model. (latent.space)

The pattern across all six: the organizations that built fast without building trust are now paying the tax. Model provenance audits. Behavioral validation layers. Escalation architectures for novel scenarios. Vendor risk documentation. Infrastructure cost re-planning.

Technology ships in weeks. Trust takes quarters to build. The organizations that started building governance discipline six months ago aren’t scrambling right now. The ones that didn’t are about to.

This week I built a structured challenge loop into our own agent workflows. Every high-stakes agent output gets an adversarial review pass before it reaches a human. After the sycophancy study, that felt less like belt-and-suspenders engineering and more like the minimum standard.

Sources: TechCrunch, Mend.io, ARC Prize Foundation, Science (DOI: 10.1126/science.aec8352), Stanford News, Intercom Blog, VentureBeat, GitHub Trending, The Batch (DeepLearning.AI), AlphaSignal, Tomasz Tunguz/Theory Ventures, The Rundown AI, Prohuman AI, Exponential View, latent.space, InfoQ, OpenAI, AWS

I write about Production AI, enterprise AI adoption, and building systems that actually work. Follow along if that’s your thing.
