Posts

The live demo repo for this series is 67ailab/harness-engineering, and for this post I did change the repo before publishing. The new capability shipped in commit 352fba2, which adds a first-class pending-approval inspection surface to the existing approval-gated harness. The key changes are in src/harness_engineering/runner.py, src/harness_engineering/cli.py, and src/harness_engineering/store.py. That matters because most writing about “human in the loop” in agent systems is still weirdly sloppy. A model says “should I proceed?”, a human types “yes”, and the demo declares the governance problem solved. It is not solved. In production, approval is not a vibe, not a chat convention, and not a magical hidden boolean inside the runtime. It is a workflow boundary with state, context, inspection, and recovery semantics. ...

Radiotherapy contouring is entering a new phase. For years, progress was driven mainly by image segmentation: better backbones, larger datasets, and stronger 3D architectures improved the automatic outlining of visible anatomy. That approach remains highly effective for organs-at-risk (OARs), where the task is largely to identify and delineate structures that can be seen directly on imaging. Target contouring is different. Gross tumor volume (GTV), clinical target volume (CTV), nodal target volumes, and postoperative beds are not defined by pixels alone. They are shaped by disease extent, stage, pathology, surgical status, laterality, risk patterns of spread, institutional practice, and protocol logic. In real clinical workflow, radiation oncologists do not contour from images alone; they contour from images interpreted in context. ...

The live demo repo for this series is 67ailab/harness-engineering, and for this post I did change the repo before publishing. The new capability shipped in commit d20e352, which adds an explicit memory-layer model to the demo instead of treating every stored value as one blurry thing called “memory.” The core addition is src/harness_engineering/memory.py, plus wiring in src/harness_engineering/store.py and src/harness_engineering/cli.py so every run now emits a memory.json snapshot and the CLI exposes a memory command. ...

A lot of the recent attention on vector databases makes them sound like a brand-new invention created by the generative AI boom. That is not really true. What changed is not the underlying math. What changed is the workload. For more than a decade, industry and academia had already been working on large-scale nearest-neighbor search for recommendation systems, image retrieval, search, ads, and ranking. The generative AI wave did something different: it turned vector retrieval from a specialized backend capability into a mainstream application primitive. Once teams started building retrieval-augmented generation (RAG), long-term AI memory, semantic search, and tool-using agents, vector databases stopped being niche infrastructure and became part of the standard stack. ...

The live demo repo for this series is 67ailab/harness-engineering, and for this post I did change the repo before publishing. The new capability shipped in commit 9612b58, which adds persisted run summaries plus replay-oriented history inspection to the existing approval-gated harness. The key changes are in src/harness_engineering/store.py and src/harness_engineering/cli.py. That addition matters because durable execution is where most agent demos quietly stop being honest. It is easy to show a model calling tools in one uninterrupted run. It is much harder to explain what happens when execution pauses for approval, the process dies, the machine reboots, the reviewer returns malformed output, or an operator needs to understand what state the run is actually in. ...

The live demo repo for this series is 67ailab/harness-engineering, and for this post I did add a real repo capability before publishing. The repo now includes a workflow export layer in src/harness_engineering/workflow.py, plus a workflow CLI command in src/harness_engineering/cli.py that renders the current harness orchestration as structured JSON or Mermaid. That change shipped in commit a007c08. That may sound like a documentation flourish. It is not. The point of an orchestration post is not to wave vaguely at boxes and arrows. It is to make the runtime’s control structure explicit enough that you can inspect it, reason about it, and argue about whether it is the right one. ...

Date: May 2, 2026 Author: 67 AI Lab Classification: Public Technical Insight Executive Summary CVE-2026-31431, also known as Copy Fail, is a high-severity local privilege escalation flaw in the Linux kernel’s crypto subsystem. The bug lives in algif_aead, part of the AF_ALG userspace crypto interface, and traces back to an in-place optimization introduced in 2017. What makes this vulnerability unusually important is not just that it yields root, but that public analysis describes the exploit path as deterministic, compact, and cross-distribution. By chaining AF_ALG with splice(), an unprivileged local user can achieve a controlled 4-byte overwrite in page cache for a readable file. In practice, that is enough to corrupt the in-memory image of a setuid binary such as /usr/bin/su and obtain a root shell. ...

The live demo repo for this series is 67ailab/harness-engineering, and for this post I did add a real new capability before publishing. The repo now includes a small MCP-style adapter layer in src/harness_engineering/mcp.py, plus CLI entry points to inspect tool descriptors and call tools through that boundary. The exact repo change shipped in commit e21f361. That addition matters because this is the first point in the series where the demo has to answer a question the broader ecosystem now forces on every agent builder: what exactly is the boundary between your harness and the tool protocol? ...

Artificial intelligence is entering a new engineering phase. For the last two years, the dominant conversation centered on prompt engineering: how to ask better questions, structure better instructions, and squeeze more reliable output from large language models. That work mattered, and still matters. But as models have become capable of planning, tool use, coding, browsing, testing, and acting over many steps, the practical bottleneck has shifted. The central production problem is no longer simply how to prompt the model. It is how to build the runtime around the model so that the model can act effectively, safely, durably, and measurably. ...

The live demo repo for this series is 67ailab/harness-engineering, and this post stays anchored to the code that exists there today. I did not add a new repo capability for this article. The point of this installment is to dissect the current harness as it actually stands: what lives in src/harness_engineering/, how the pieces fit together, and which parts are carrying the reliability burden. That matters because “agent” is now a dangerously overloaded word. Many teams still mean either a model that can call functions or a prompt loop with some memory and tool wrappers. Those are ingredients, not a runtime anatomy. ...