Good. Find more bugs.
Then make sure the runtime doesn’t let them matter.
My take on Mythos, exploitability, AgentSH, and why agents need deterministic control at execution time.
eran.sandler.co.il/post/2026-04...
Shipped AgentSH v0.18.0.
New in this release:
• Secrets Manager for 3rd-party vaults
• HTTP policy by path + method
Agents shouldn’t need real creds in memory, and blocking one tool isn’t enough if they can still hit the raw API.
Fake in memory. Real on egress.
www.canyonroad.ai/blog/agentsh...
Grab it while its hot!
Proud to share Canyon Road’s first post: agents are starting to act at machine speed while oversight still happens at human speed — creating what we call the control gap. If you’re using agents in dev/CI/prod, where do you feel this most? www.canyonroad.ai/blog/the-con...
5/5 If you’re using agents today: where do you feel the gap most—file access, tool calls, CI/CD, prod changes? Full post:
www.canyonroad.ai/blog/the-con...
4/5 Approvals don’t scale linearly. If every meaningful action needs a human click, either velocity dies or the clicks become meaningless. We need controls that operate at machine speed too.
3/5 The risk isn’t just prompt injection. It’s the whole capability surface: files, network, tools, CI/CD, prod. Inputs are messy/untrusted, permissions are broad, and agents don’t slow down.
2/5 The pattern: action volume → oversight fatigue → rubber-stamp approvals → implicit trust → blast radius. Not because teams are careless - because the pace makes careful review unrealistic.
1/5 Proud to share Canyon Road’s first post. Agents move at machine speed; humans supervise at human speed. That mismatch creates “the control gap” - and it’s growing fast.
www.canyonroad.ai/blog/the-con...
I wasn't aware of this project. Thanks for sharing.
Looking at it, I did need some finer configurations with multi GPUs including the ability to run multiple models on different GPUs at the same time, so it was rather easy for me to do that.
5/ It’s open source: github.com/erans/vllm-j...
If you run vLLM locally (or want to), I’d love feedback on what would make this a daily driver for you: smarter “keep warm”, routing rules, observability, etc.
4/ If this sounds useful (or you just like the idea), please ⭐ the repo - it helps others find it and keeps me shipping improvements:
3/ The goal: make model ops boring. Keep your apps/tools pointed at one URL while you experiment freely on a single GPU box, workstation, or small multi-GPU rig - without the “who’s on which port?” chaos.
2/ So I built vLLM Jukebox 🎛️
A single endpoint that can serve multiple models and handle switching for you - so model changes feel like switching tabs, not redeploying infrastructure.
1/ Self-hosting LLMs is awesome… until you start juggling models. One minute coder, next minute fast small, then big reasoning - and suddenly you’re restarting servers, changing ports, and breaking clients. I got tired of being the human load balancer.
5/ If you like the direction lclq is going, please star the repo and share your feedback.
Release v0.2.0: github.com/erans/lclq/r...
4/ The worker model in lclq is now lighter and easier to tune. Default is 2 workers and you can change it with LCLQ_PUSH_WORKERS.
3/ lclq now supports exponential backoff retry, dead letter topics, and GCP compatible JSON payloads. A solid upgrade for event driven development.
2/ New in lclq v0.2.0: automatic webhook delivery for GCP Pub/Sub messages. Return 2xx to ack and retries happen automatically on failures.
More info: github.com/erans/lclq/r...
1/ lclq v0.2.0 is out! Push Subscriptions are now supported. You can receive Pub/Sub messages directly to your HTTP endpoints with no polling.
Release notes: github.com/erans/lclq/r...
5/ If you want PostgreSQL-like behavior with SQLite’s simplicity (embedded, microservices, local dev), pgsqlite is getting closer every release. Try v0.0.19!
github.com/erans/pgsqli...
4/ Added pg_settings with 41 commonly used PostgreSQL config values. More compatibility, fewer surprises when connecting PG-aware clients.
3/ Dynamic handlers now power sequences + triggers, pulling from SQLite’s own metadata. More PG tools and ORMs “just work” with pgsqlite.
2/ v0.0.19 adds new catalog tables: pg_collation, pg_sequence, pg_trigger, plus stubs for replication + stats. Huge step toward smoother PG wire-protocol support on SQLite.
1/ 🚀 pgsqlite v0.0.19 is live! More PostgreSQL catalog support on top of SQLite, making PG clients behave even more naturally. Lightweight PG compatibility FTW.
github.com/erans/pgsqli...
3/💻 New PC page:
Wondering what LLMs your computer can handle?
Check out the new guide - see what runs on PCs with NPUs, GPUs, or plain CPUs.
➡️ selfhostllm.org
5/ AI doesn’t have to live in the cloud.
Run it yourself.
See what your hardware can really do 💪
🌐 selfhostllm.org
4/ Why SelfHostLLM?
✅ Privacy-first (no data leaves your device)
✅ Clear compatibility charts
✅ Fast local inference
✅ Simple install guides for GPU, Mac, & Windows