Weekly Links: Open Token Use, Provenance, and the Agent Web

This week Claude managed agents come to Cloudflare, the Elon Musk v's OpenAI trial ends with a loss for Elon Musk, EY uses too much AI, and Andrey Karpathy joins Anthropic.

On to this week's main stories:

• Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’. Open source projects have been drowning in bug reports and pull requests generated with AI. They've been reacting in a wide variety of ways, from outright banning AI submissions to welcoming them. I've written about this before. One of Linus Torvalds' points in the interview he gave, which isn't covered by the register, has to do with the fact that the Linux security vulnerability list is, for obvious reasons, private. So someone submitting there will not see what's previously been submitted. That makes sense when volumes are low, but it creates an avalanche when they are high. Torvalds is essentially suggesting "if you found a vulnerability using AI, so did everyone else," and so don't post it there. This either means: 1) don't post anywhere, or 2) post it for all to see. I'm guessing it's the latter. I see the logic, but it will mean any vulnerabilities become fully public faster. This feels like a good thing in the medium/long term - every model release will lead to a wave of new known issues - but it'll mean more risk in the short term. Another way would be to use AI on the private list to aggregate and triage these submissions. My guess is that this will be the most logical path forward. Submitters are, after all, burning their own tokens to find issues, which is likely a good thing.
• Spotify and Universal Music agree deal to let subscribers create AI remixes. On the cultural front, I think this agreement could mean a great deal. Spotify is one of the key distribution channels for all music, and with this announcement, they'll allow (for now, paying) users to remix tracks that Universal Music owns. This shifts Spotify from distribution, further to creativity platform. My guess is that what may end up being more interesting for Spotify is if they can become the rights management layer. It will be extremely hard to stay on the cutting edge of the remix tools themselves. Clearly, this play also opens the door to Spotify being a venue for UGC content (like YouTube), which it isn't today. For Universal... it probably makes sense to make a similar deal with TikTok, Instagram, Suno, and others if they haven't already.
• 100 things we announced at I/O 2026. A title like this is a headcratcher from a messaging point of view. Someone must have slipped it past the PR department. Yes, ... but which are important? worth talking about? Google did indeed announce a huge number of products and services at Google I/O this year. The AI train is well and truly moving at the company and infusing everything, but it would be helpful to have an emphasis. From the many announcements, I'll pick just one group that, together, to me at least, seems the most consequential: the changes to the search box to add more AI, the addition of background search agents, and the preview of Gemini Spark (currently with testers only), which is a personal agent (also for background tasks). I pick these because they represent two big changes: 1) a move to agentic, background-type execution of work, and 2) a big step from search of the open web to question answering as the default modality for interactions. Google has no obligation to drive traffic to sites on the web - in fact, one could argue that they could do less than they still do today - but that doesn't change the fact that this is likely another key tipping point in web traffic from humans to agents.
• Advancing content provenance for a safer, more transparent AI ecosystem. This week, OpenAI announced product support for their two-pronged strategy to verify the provenance of content. Part is support for provenance metadata by becoming a C2PA conformant generator product. This encodes metadata about content generated by AI in the image. Part is adopting Google's SynthID for image watermarking. As regular readers will know, I don't think that metadata and watermarking (even together) will really solve the content provenance problem. These are certainly useful features, but you also need trust networks.
• The Closest Thing Yet to Sam Altman's One-Person Unicorn. Watch the product live feed here. Polsia is a one-person, AI-powered company that just raised $30M in funding at a $250M valuation. The platform powers a wide range of business functions fully automatically. The pattern here is that the company has built on itself an operating system. A well-trodden path to success with software (GitHub for remote engineering work, for example).

Wishing you a great weekend.