🦥 The Vercel Situation Is Crazy

Hello friends!

Welcome to this week’s Sloth Bytes. I hope you had a great week.

Agents can generate code. Getting it right for your system, team conventions, and past decisions is the hard part – you end up wasting time and tokens in correction loops.

MCPs give agents access to information but not understanding. The teams pulling ahead use a context engine to give agents exactly what they need.

Join us April 23 (FREE) to see:

Register now

I’m NOT joking and this is NOT AI generated btw. AI is not creative enough for this.

In February, an employee at Context.ai was searching for Roblox "auto-farm" cheat scripts. You know, the kind of thing you download to grind resources in games and one of those downloads contained Lumma Stealer. It’s a piece of malware that silently harvests credentials, cookies, and session tokens from the infected machine. The employee's corporate Google Workspace credentials, along with keys for Supabase, Datadog, and Authkit, all got scooped up and landed in a criminal database.

So how does this connect to Vercel?

Well Vercel is not a Context.ai customer, but one Vercel employee had personally signed up for Context.ai's AI Office Suite using their Vercel corporate account, and granted it "Allow All" OAuth permissions. That one permissive click meant the attacker, now holding Context.ai's stolen OAuth tokens, could walk straight into that Vercel employee's Google Workspace.

From there, the attacker accessed Vercel's internal systems and reached environment variables that weren't marked as "sensitive" (API keys, tokens, database credentials stored in plaintext).

The attacker is described as "highly sophisticated" by both Vercel and Google Mandiant, moving with unusual speed and demonstrating deep knowledge of Vercel's internal systems.

What you should do right now if you use Vercel:

Here's a problem you've probably never thought about but will immediately understand once you hear it.

You visit a website. Your browser downloads a 272KB JavaScript bundle and caches it. A developer pushes a one-line fix. The bundle filename changes. Your browser downloads the whole 272KB again. For a one-line change.

This is happening more than ever because AI-assisted development is compressing the gap between deploys. More code is shipping faster. And the web is also getting heavier, with the average page growing 6-9% per year. Traditional caching can't keep up.

Cloudflare's answer is shared compression dictionaries, a standard that's been in the works for years (RFC 9842) and is finally getting real infrastructure support. The idea is simple: instead of treating each JS bundle as a completely new file, use the browser's previously cached version as a compression reference. Send only the diff.

In Cloudflare's own testing, that same 272KB bundle compressed with gzip came in at 92.1KB. With shared dictionary compression using the previous version as the dictionary, it dropped to just 2.6KB. A 97% reduction over what gzip already delivered.

The open beta launches April 30, starting with "passthrough" support where Cloudflare forwards the relevant headers without stripping them. No origin configuration required on your end to start.

Why it matters: Faster page loads for users who've visited before (which is most users), less bandwidth cost for you, and a smarter approach to a problem that gets worse every time someone ships a new feature.

If you've ever tried to move an AI agent from "cool demo" to "production system that actually works," you know the pain. Tools hang. File state drifts. Memory bloats or forgets exactly the wrong thing. And one overly permissive tool call becomes an incident.

OpenAI just shipped an interesting update to the Agents SDK that addresses exactly this. Two core new capabilities:

The model-native harness: Think of this as the production reliability layer that sits between your agent and the world. It handles tool calls, manages working directories, tracks reasoning, and keeps the model grounded in what's actually happening. It now includes configurable memory, filesystem tools (similar to Codex), shell access, apply-patch-style file editing, and MCP integrations.

Native sandbox execution: Agents now get an actual isolated workspace. They can read and write files, install dependencies, run commands, and use tools without you building that execution layer yourself. You can bring your own sandbox or use built-in support for E2B, Cloudflare, Vercel, Modal, Daytona, Runloop, and Blaxel.

The security design is smart: the harness and compute layers are separated, so credentials stay outside the environment where model-generated code actually runs. If a sandbox container dies mid-task, the SDK snapshots state and rehydrates in a fresh one. For long-running tasks, that's the difference between a blip and starting over from scratch.

Currently Python only, TypeScript support is coming.

Why it matters: "Building agents" used to mean building agents plus all the infrastructure around them. This update is OpenAI saying: here's the infrastructure, stop rebuilding it yourself. Whether you use it or stick with your own stack, the standard of what "good" agentic infrastructure looks like just moved up.

Node.js 24.15.0 LTS released — The latest LTS drop includes critical OpenSSL null pointer fixes, a new --max-heap-size CLI flag so you can cap memory without flaky env vars, require(esm) graduating to stable, and SQLite updates. Also: Node.js 20 LTS reaches end-of-life on April 30. If you're still on 20, that upgrade clock is ticking.

Rust 1.95.0 released — Stable ships cfg_select!, a built-in macro that replaces the popular cfg-if crate for platform-specific code branches. Match expressions also gain if-let guards. Embedded developers should note: custom JSON target specs are no longer supported on stable. rustup update stable to grab it.

Curry-Howard: Proofs are Programs — One of those CS theory concepts that sounds abstract until someone explains it well. This post does. The idea that a proof and a program are the same thing is genuinely mind-bending and explains why Rust's type system is so expressive.

Bloom Filters — A great explainer on one of those data structures every developer should know but many never learned properly. Bloom filters let you check if something is "probably in a set" with almost no memory, which turns out to be extremely useful.

How the Heck Does Shazam Work? — No tutorial content here, just a genuinely fun read about how Shazam identifies a song in seconds from a noisy environment. Spoiler: audio fingerprinting, spectral peaks, and a whole lot of clever math.

Modern Frontend Complexity — A candid take on how building for the web has gotten absurdly complicated. Worth reading whether you agree or not, because the author actually argues the case rather than just complaining.

The API Tooling Crisis — A bit older (December 2025) but still sharp. Makes the case that the gap between what API tooling promises and what it delivers in practice has never been wider. Good for sparking a conversation with your team.

Project NOMAD - A self-contained offline server packed with encyclopedic knowledge, local AI, and essential tools.

NES.css + PSOne.CSS - CSS frameworks to make your projects look like an NES game or PS1 game. Pretty sick.

html-in-canvas - A new browser proposal that lets you render actual HTML elements (like forms, styled text, and inputs) directly inside a <canvas>

CodeCrafters (affiliate) - A coding platform where you learn how tools like Redis, Git, and SQLite actually work by building them yourself from scratch, in any language you choose. I got you all with a 40% discount too!

That’s all from me!

Have a great week, be safe, make good choices, and have fun coding.

If I made a mistake or you have any questions, feel free to comment below or reply to the email!

See you all next week.

If your company is interested in reaching an audience of developers and programming enthusiasts, you may want to advertise with us here.