MCP Goes Stateless: Refactoring for the 2026-07-28 Spec
The 2026-07-28 MCP RC drops the initialize handshake and Mcp-Session-Id, moves client info to _meta, and adds routing headers. What to refactor.
Lab // Technical notes
AI Engineering Lab: Technical Deep Dives
Technical deep dives into AI agent engineering — architecture patterns, protocol internals, and the implementation details behind production-grade systems.
Programmatic Tool Calling: Code Mode for Faster, Cheaper Agents
Code mode lets an agent orchestrate many tools in a sandbox and return only results to the model. ~80% lower inference cost and how it works in production.
Claude Fable 5 Agent Loops: effort and task-budgets
Claude Fable 5 ships effort and task_budget — two API primitives that govern cost, latency, and reliability in agent loops. A production wiring guide.
MCP Tasks: Async, Resumable Tool Calls Before July 28
MCP's 2026-07-28 release candidate locked on May 21. Tasks graduated to a first-class extension. Here is what every server author has 10 weeks to refactor.
Prompts as Shells: Semantic Kernel's Prompt Injection RCE
Microsoft's CVE-2026-26030 and CVE-2026-25592 turn one injected prompt into calc.exe. The tool registry is now the attack surface — here's the chain.
A2A Protocol v1.0: Production Patterns for Agents
A2A v1.0 ships in April 2026 under the AAIF. Agent Cards, a five-state task lifecycle, and the orchestrator code that ties them together.
Speculative Tool Execution: Cut Agent Latency 48%
PASTE-style speculative tool execution cuts agent task time 48.5%. A working ~300 LOC harness over the Anthropic SDK with rollback and benchmarks.
CaMeL: The Dual-LLM Pattern That Proves Prompt Injection
CaMeL splits the LLM in two and wraps every value in a capability. 77% of AgentDojo tasks complete with provable prompt-injection defense.
Context Folding: 200-Step Agents in 10x Less Context
Tool accuracy collapses ~40% past 80K tokens. Context folding runs 200-step agents in 10x less context. Working harness and Anthropic compaction inside.
Memory Poisoning: The Attack That Waits
Memory-augmented agents face 95% injection-success attacks that persist 365 days across sessions. The threat map and a layered defense stack.