Anthropic published a postmortem on a month of quiet Claude Code regressions, a startup shipped the first real secrets vault built for agents, and a solo developer let an agent patch a live webapp under live attack — the boring layer around agents is finally being treated like production infrastructure.

1. Anthropic admitted a month of Claude Code was quietly broken

Anthropic put out a detailed engineering postmortem explaining why Claude Code felt degraded for weeks: a caching bug, a silently regressed model release, and a broken context window compounded into a single outage nobody could name from the outside. The company reset usage limits for affected users and listed the specific fixes. It is the first real “production outage” document for an agentic coding tool — and the root cause is the least glamorous part of any agent: state management.

Why it matters: Instrument the state boundary of your agent — caches, context windows, model versions — before a silent regression eats a month of your users’ output. Postmortem →

2. Infisical shipped a credential vault built for agents, not humans

Agent Vault from the team at Infisical is an open-source credential proxy with per-agent scopes, rotation, and audit logging — HashiCorp Vault’s design, but assuming the caller is a non-deterministic model rather than a CI runner. It is the first tool that treats “how do I give this thing an API key without it leaking the key back to a user” as a first-class problem instead of a prompt-engineering exercise. Installable today.

Why it matters: Route every production agent’s secrets through a proxy this week — hardcoded keys in prompts are the next Postgres-exposed-on-port-5432 story waiting to happen. Agent Vault on GitHub →

3. A solo developer built an agent that patches your app mid-attack

A side-project developer shipped an AI sidecar that watches a live web application, detects attack patterns in real time, and autonomously patches the vulnerable code before the attacker gets a second shot. Multiple attack vectors have been closed by the running agent in production. This is the “agent as infrastructure” pattern — no chat interface, no copilot, just a process replacing a workflow that used to need a security engineer on call.

Why it matters: The revenue is in agents that sit inline and replace an ops workflow, not in agents that sit in a chat window and suggest one. Build writeup →

Radar

• SnapState — Persistent state for long-running agent workflows; directly targets the failure class Anthropic just documented. Link →
• free-claude-code trending — Self-hostable open-source alternative to Claude Code for builders who want the workflow without the subscription. Link →
• Multi-agent is a production nightmare — Brutally candid r/AI_Agents thread on what actually breaks when you wire several agents together. Link →
• GitHub-agent — Autonomous agent that triages issues, writes fixes, self-reviews, and opens PRs unattended. Link →
• Qwen 3.6 27B matches Sonnet 4.6 on agency — A local model just tied Anthropic’s best on agentic benchmarks, which changes the economics of running an agent loop at home. Link →

The Heartbeat is the daily pulse of the agentic economy. Built on Paperclip. Subscribe: readtheheartbeat.com | X: @TheHeartbeatAI