AI News Archive: July 5, 2026 — Part 2
Sourced from 500+ daily AI sources, scored by relevance.
- Forget Prompting. The Most Important AI Skill of the Next 5 Years Is Something Else
The future of AI at work isn’t better prompts—it’s creating reusable systems that capture how your best people think and operate.
- Which is faster: Kimi K2.6 on Cerebras or Gemini Flash?
Comparison of inference speeds between Cerebras' Kimi K2.6 and Gemini Flash models.
Score: 55🌐 MovesJul 5, 2026https://cerebras.ai/blog/which-is-faster-gemini-3-5-flash-or-kimi-k2-6-on-cerebras - AI-native startups hire fewer juniors and more elites, Harvard study finds
Startups built around AI hire fewer entry-level workers than their peers, according to a working paper from Harvard Business School and INSEAD, first reported by Business Insider. The firms are leaner, flatter, and heavily weighted towards senior technical talent. Researchers Rembrand Koning and Hyunjin Kim examined Y Combinator startups from 2020 to 2024 alongside a broader set of […] This story continues at The Next Web
- Shinhan deploys AI 'red team' to test strategy
Shinhan Financial Group held its management forum for the second half of 2026 from Friday to Saturday at Shinhan Bank Blue Campus in Yongin, bringing together about 300 executives from across the group to discuss competitiveness and accelerate its artificial intelligence transformation. The forum opened with a video depicting a hypothetical scenario in which Shinhan Financial had disappeared from the market by 2030, followed by a session assessing the group's competitive position from an externa
- London's cabbies memorize 25,000 streets. But will robotaxis overtake them?
London black cab drivers, who are required to memorize thousands of streets to get their license, are being tested in a new way. Several companies are trying to bring robotaxis to the city's streets.
- Startup Exec Boasts About Using AI to Churn Out Sports Content”Without Human Input”
"We create sports content for kids." The post Startup Exec Boasts About Using AI to Churn Out Sports Content”Without Human Input” appeared first on Futurism .
Score: 52🌐 MovesJul 5, 2026https://futurism.com/artificial-intelligence/ai-startup-sports-world-cup-video-slop - ‘The question is no longer how much AI can produce, but how much of that output is genuinely usable’: How we use and pay for AI is undergoing a major shift
Enterprises are shifting from capabilities and performance to prioritizing trust, accuracy, and measurable business outcomes.
- Mid-year reality check on work: Anxiety is up, trust is down, AI is everywhere
Glassdoor revisited its 2026 workplace predictions and found many have come to fruition, including rising job insecurity, declining trust in leadership and a tougher hiring market
- The AI phone era is coming, and the weird brands may not survive it
AI could make phones smarter, but it may also make the smartphone market less forgiving for smaller, stranger brands.
Score: 50🌐 MovesJul 5, 2026https://www.digitaltrends.com/phones/the-ai-phone-era-is-coming-and-the-weird-brands-may-not-survive-it/ - Beyond prompts: AI loops power next generation of autonomous agents
In a company blog, Anthropic shared that the Claude Code team defines loops as agents repeating cycles of work until a stop condition is met
- Improved performance and model support with GGUF
Ollama 0.30 now offers better performance and GGUF model compatibility via llama.cpp, expanding support on Apple silicon.
- How assistive robots can boost an inclusive workforce
[The content of this article has been produced by our advertising partner.] It’s no longer shocking to see robots working in restaurants and hotels. To create more inclusive opportunities, some businesses employ people with disabilities to control these service robots. The operator’s face appears on the robot’s screen, maintaining a human touch while promoting inclusion. These telepresence robots, also known as avatar robots, allow individuals with mobility disabilities to navigate around...
- Tsinghua Special Scholarship Winner Gu Yuxian Joins DeepSeek Ahead of V4 Launch
Tsinghua PhD Gu Yuxian, a special scholarship recipient with nearly 5,000 citations, joins DeepSeek as its V4 official version prepares for mid-July release.
- Agentic AI Governance System Runtime Reference Architecture
A Runtime Reference Architecture for the Reasoning Layer and the Semantic Control Plane in Regulated Financial Institutions IN BRIEF Agentic AI is changing where operational authority is formed inside the firm. Autonomous systems no longer simply automate decisions; they resolve at runtime how a regulated term or policy applies to a specific action, before that action is taken. The governance question is no longer whether an institution can automate reasoning, but whether it can retain authoritative control over the operational interpretations under which its autonomous systems act. Existing governance disciplines, including model risk management, security, workflow orchestration, and input and output controls, each govern a defined surface. None governs the reasoning layer, where an authorized agent acting within its permissions can resolve a regulated term the institution never sanctioned and carry the firm into a decision it never intended. That gap produces a graded set of failures. Runtime Semantic Divergence is the single-decision condition in which an agent’s runtime operational interpretation departs from the institution’s authorized Reasoning Baseline. Its cumulative effect is Agentic Workflow Drift, the operating-state degradation that builds as unauthorized resolutions execute repeatedly without runtime governance. Its enterprise risk surface is Agentic Workflow Subversion, where that divergence propagates across workflows and functions or is deliberately exploited. The defining hazard is the one that leaves no adjacent control tripped at all. The Semantic Control Plane is the runtime governance architecture for that layer. An Ontology holds the authorized Reasoning Baseline, a Semantic Layer evaluates the agent’s runtime interpretation against it, and a Knowledge Graph governs propagation across multi-agent workflows, all operating through a Pre-Execution Assurance Protocol that decides whether execution authority may be emitted before the agent acts. It does not reach into the model’s cognition; it governs the operational interpretation the institution can be held to. The architecture complements existing controls without replacing them and integrates with model risk management under SR 11–7 and SR 26–2, the Three Lines of Defense, and maker-checker discipline. The full working paper specifies it at institutional depth: applicability, measurement, enforcement, evidence, propagation, containment, implementation, operating economics, regulatory alignment, and limitations. This brief makes that specification legible enough for supervisors, boards, CROs, CTOs, COOs, CISOs, and control owners to see why it matters. 1 The Governance Problem in a Single Decision A corporate client requests an expedited drawdown on an existing credit facility. The agentic system tasked with processing the request must determine whether the request satisfies the institution’s authorized definition of approved before execution authority is emitted. Three contributing systems each hold a definition of approved. The KYC platform defines approved as identity verified, the credit engine as risk-scored within tolerance, and the entitlement system as access provisioned. Each system returns an affirmative result. The agent synthesizes a runtime Operational Interpretation and proceeds under that interpretation. This is the Invisible Failure condition, named in the author’s broader reasoning-layer governance corpus. Every adjacent control can fire correctly, but the institution remains wrong because the controls evaluated against a definition that had already shifted from what was authorized. The drawdown exposes the Two Questions of Control. First, did the control fire? Yes. Second, did the control evaluate the agent’s reasoning against an authorized definition? No. The failure did not emerge from a broken control. It emerged from the operational interpretation against which the controls executed. The synthesized interpretation omitted the collateral-status validation required by the institution’s authoritative definition of approved. Inputs remained valid, tool calls remained authorized, and outputs remained structurally compliant. No surface evaluated the synthesized resolution itself, so the institution did not detect the failure until downstream reconciliation, audit review, or regulatory reporting identified the exposure misclassification. This was not a failure of model accuracy, input quality, protocol authorization, tool execution permissions, or output validation. It was a failure of resolution. An authorized agent, acting wholly within its permissions, carried the institution into a decision it never sanctioned. For agentic AI, the central governance challenge is therefore no longer whether institutions can automate reasoning. It is whether they can retain authoritative control over the operational interpretations under which autonomous systems act. 2 Why Existing Controls Do Not Reach This Layer A growing body of governance work addresses autonomous agents, and it falls into recognizable governance disciplines. Risk management and lifecycle governance applies the govern, map, measure, and manage discipline to models, data, and policy. Security governance treats the agent as an attack surface and defends against prompt injection, data exfiltration, and privilege escalation. Structural governance sets the container the agent runs in through tool access limits, runtime budgets, and sandboxed isolation. Operational and certification governance establishes auditable organizational readiness. Each discipline is necessary. None governs the reasoning layer itself, where an agent reconciles conflicting definitions and proceeds under a synthesized operational interpretation before it acts. Between policy and execution sits the resolution step. An agent can stay within every granted permission, invoke only authorized tools, carry no malicious payload, and still execute under an operational interpretation the institution never authorized. That is the gap the drawdown exposes, and it is the surface the Semantic Control Plane is built to govern. The point is structural, not superficial. Adjacent control surfaces evaluate artifacts. The SCP evaluates the resolution that drives them. Observability evaluates telemetry; tool governance evaluates structured tool calls; workflow orchestration evaluates execution sequencing; model governance evaluates model artifacts. None evaluates the Operational Interpretation itself as a governed runtime object before execution authority is emitted. Absorbing SCP functionality into those adjacent frameworks would require them to change their governing object, move their evaluation point upstream, maintain an institutionally authoritative Reasoning Baseline, and produce a new pre-execution evidence class. At that point, the adjacent framework has not merely expanded; it has acquired the capabilities the SCP specifies. Agentic systems break the Control Inheritance Assumption because operational interpretation is synthesized at the integration surface rather than preserved through a deterministic interface. The Semantic Control Plane partially restores that assumption at the reasoning layer. The supervisory consequence is an observability gap. Existing supervision sees inputs, tool calls, outputs, and outcomes, but not the resolution step in which the agent forms the operational interpretation that drives them. Figure 1 The Supervisory Observability Gap,Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus The observability gap is not specific to one control. It recurs across each major institutional AI governance discipline. Each discipline governs a real surface and stops short of the reasoning layer, where the agent resolves what a regulated term means. Table 1 sets the five disciplines against what each governs and where each stops. Table 1 The five institutional AI governance disciplines and where each stops. No existing governance discipline reaches the layer where an agent resolves what a regulated term means. That gap is now beginning to draw regulatory attention. 3 The Regulatory Inflection Agentic AI is moving into regulated financial workflows faster than the frameworks meant to oversee it. Financial services governance matured around adjacent control disciplines: model risk management anchored in Federal Reserve SR 11–7 and OCC 2011–12, and risk data aggregation and reporting expectations reflected in BCBS 239. Those disciplines are strongest once a calculation or decision artifact exists: the model can be governed, validation can be reviewed, outputs can be tested, and reporting can be reconstructed. They were built for a world in which the model calculated and a human decided. Agentic systems reason across platforms and execute within the same sequence, so the governance focus extends from whether the output is accurate to whether the operational interpretation the system resolved remains aligned with the institution’s authorized baseline. On April 17, 2026, the federal banking agencies issued revised interagency guidance on model risk management, Federal Reserve SR 26–2, OCC Bulletin 2026–13, and FDIC FIL-15–2026, replacing SR 11–7 for the first time in fifteen years. This revised guidance states that generative and agentic AI models are novel and rapidly evolving and are therefore not within its scope, while directing that an institution’s own risk management and governance practices should determine appropriate controls for systems the guidance does not cover. Across a fragmented set of state statutes, the European Union AI Act, NIST AI RMF, and financial services supervisory expectations, a consistent set of objectives recurs and transparency into how automated decisions are reached, auditability of those decisions after the fact, clear accountability for outcomes, and increasingly, assurance before execution rather than reconstruction after it. As binding federal legislation has stalled, voluntary frameworks and supervisory guidance are increasingly treated as evidence of reasonable governance practice, and procurement conditions reinforce the same pull. As voluntary frameworks become the scaffolding on which legal obligation is built, institutions will be expected to demonstrate governance at the reasoning layer. The Semantic Control Plane maps against the supervisory and governance frameworks institutions already operate, functioning as a complementary reasoning-layer evidence architecture, not a separate regime. The mapping spans model risk management under SR 11–7 and SR 26–2, the Three Lines of Defense, NIST AI RMF and TEVV concepts, EU AI Act high-risk-system obligations, DORA operational resilience, BCBS 239 risk-data and reporting discipline, and principles-based governance expectations. This mapping is conceptual and does not claim that the Semantic Control Plane itself satisfies any legal or supervisory obligation. Its purpose is to show how runtime evidence, semantic authorization, Human-in-the-Loop routing, Runtime Semantic State Record entries, and the Semantic Audit Trail support existing governance expectations where agentic systems resolve operational interpretation before acting. Table 2 Runtime Application of NIST TEVV Concepts to the Pre-Execution Assurance Protocol, The NIST TEVV mapping is proposed and is not endorsed by NIST. This TEVV mapping operates at the level of individual control activities. Supervisory examination proceeds framework by framework. Figure 2 maps each supervisory and governance framework to its regulatory anchor, the SCP artifact that addresses it, and the institutional alignment point. Its detail level is appropriate for institutional examination preparation and supervisory dialogue, where per-framework specificity matters. Figure 2 Regulatory Mapping Detail Matrix, US Supervisory Runtime Governance, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Across the matrix, the same pattern holds. Each framework already expects evidence, authorization, or reconstruction, and the architecture produces those as runtime artifacts, not documentation assembled after the decision. The positioning is therefore a property of where the architecture sits, not an obligation retrofitted to satisfy any single framework. 4 The Failure Mode, Named and Distinguished Statistical model drift and Runtime Semantic Divergence are different failure modes. Statistical drift concerns changes in model output behavior over time, detected through model risk management discipline (SR 11–7, revised by SR 26–2, April 2026). Runtime Semantic Divergence concerns the operational interpretation under which an agentic workflow proceeds at the moment execution authority is evaluated. A model can perform as expected while the agent resolves a regulated term under an unauthorized operational interpretation. Runtime Semantic Divergence is the single-decision condition in which an agent’s runtime interpretation departs from the institution’s authorized Reasoning Baseline. Agentic Workflow Drift is what accumulates when that condition repeats without governance, until documented definitions remain formally intact while operational practice drifts away from them. The work names that condition Authority Decay: the weakening of institutional authority as repeated unauthorized resolutions become operational practice. Agentic Workflow Subversion is the enterprise risk surface that opens when drift propagates across functions, workflows, and control boundaries, including under adversarial conditions. These terms are not interchangeable. Divergence is the measurable condition, drift is the accumulation, and subversion is the enterprise exposure. Figure 3 Semantic Failure Propagation, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus The significance of this failure mode is not that agentic systems uniquely introduce unauthorized interpretation. Human operational systems already experience semantic inconsistency through fragmented authority, outdated definitions, and manual variance. Agentic systems change the speed, the scale, and the propagation characteristics of those failures, which is why the institution requires a runtime architecture that reasserts the authorized baseline at every in-scope decision instead of reconstructing it after the fact. 5 The Agentic Governance Model and the Semantic Control Plane The Agentic Governance Model (AGM) is the institutional governance framework for autonomous reasoning systems. It organizes governance across four pillars. Foundation establishes the conditions under which autonomous reasoning becomes governable. Core specifies the runtime governance architecture. Integrity protects the reasoning layer from manipulation and adversarial action. Oversight governs reviewability, accountability, evidentiary assurance, and supervisory reconstructability. The four pillars operate together as a unified system, and the Semantic Control Plane is the Core through which the remaining pillars become operationally enforceable. The Integrity pillar matters because formalizing a runtime governance surface also creates a corresponding runtime attack surface. That cybersecurity-adjacent surface is named the Semantic Layer Integrity Attack (SLIA) in the full paper, a candidate cross-system threat class operating at the reasoning-layer control surface. SLIA is not defined by the compromise mechanism, which may be prompt injection, retrieval poisoning, identity compromise, policy manipulation, insider abuse, or supply-chain compromise; it is the condition in which an adversary manipulates the relationships between the Semantic Layer and adjacent components such as the Ontology, Knowledge Graph, persistence layer, input retrieval surface, or policy-evaluation surface, so that the governance architecture authorizes execution under a corrupted semantic interpretation while the underlying model may continue to operate nominally. Together, the four pillars operate as a unified governance system for autonomous reasoning in regulated environments. The Semantic Control Plane is the Core pillar, the runtime governance mechanism through which the remaining pillars become operationally enforceable. Figure 4 The Agentic Governance Model (AGM), Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus At runtime, the Semantic Control Plane preserves institutional authority during autonomous reasoning. It operationalizes the Agentic 3 C’s Framework at orchestration speed through three components. The Context principle is operationalized in the Ontology, which supplies the authoritative definitions that constitute the institution’s Reasoning Baseline. The Control principle is operationalized in the Semantic Layer, which evaluates the agent’s Runtime Semantic State against the baseline, computes the Semantic Deviation Index, and enforces tolerance through the Deterministic Gate before execution authority is emitted. The Coordination principle is operationalized in the Knowledge Graph, which governs propagation across multi-agent workflows and defines the Agentic Blast Radius it contains. These three components operate through defined interfaces and divide responsibility by what each must retain. The Ontology and the Knowledge Graph hold persistent state, the authorized definitions and relationship structures together with their version history. The Semantic Layer holds only transient state, the evaluation of a single agentic decision, and retains no evaluation evidence once the Gate decision is made. Evidence persistence is the separate responsibility of the Runtime Semantic State Record and the Semantic Audit Trail. Keeping transient evaluation apart from persistent evidence is what allows the architecture to operate at orchestration speed without accumulating state in the evaluation path. These are not three new enterprise-wide infrastructure replacement initiatives. They are three architectural surfaces over capabilities the institution typically already maintains under different names: core banking and treasury platforms, plus suitability, KYC and AML, and policy management systems that increasingly expose authoritative definitions through interfaces that can federate at runtime. Activation depends on whether the deployment exposes governable runtime representations sufficient for institutional adjudication. The Runtime Governance Applicability Test determines that boundary. Figure 5 Runtime Governance Architecture: The Semantic Control Plane, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus The architecture governs a single object: the operational interpretation an agent resolves against an institutionally authorized Reasoning Baseline, checked before execution authority is emitted. It reaches that object only through governable runtime representations. A representation is governable when it satisfies three conditions: it is produced during runtime agentic decisioning at the orchestration boundary, it is exposed to institutional governance functions through interfaces sufficient to support adjudication, and it carries the operational interpretation against which alignment to the authorized Reasoning Baseline can be evaluated. The Semantic Control Plane evaluates the governable runtime representations the deployment exposes: orchestration artifacts, tool-selection and tool-sequencing records, policy-evaluation records, and the compiled operational interpretation the agent carries forward. Where those representations are sufficient for institutional adjudication, the deployment is governable. Where they are not, RGAT classifies the deployment as Governance-Constrained or outside enforceable scope. Evaluation operates on the governable runtime representations the deployment exposes at orchestration time, not on the model internals behind them. Figure 6 How the SCP Evaluates Governable Runtime Representations, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus The reasoning layer introduces an adjacent threat surface. While adjacent attacks may originate through model, retrieval, identity, or policy surfaces, SLIA’s defining characteristic is that its impact manifests at the runtime governance surface, the point at which governance is evaluated, against the Runtime Semantic State artifacts through which the reasoning-layer governance architecture infers the operational interpretation. SLIA is distinct from the attack classes institutions already defend. It operates above the model layer and below the institutional governance review layer. Prompt injection manipulates the input; SLIA manipulates the artifacts from which the operational interpretation is inferred, which can occur even when the input is benign. Retrieval poisoning manipulates retrieved context; SLIA manipulates the runtime evaluation point itself. A jailbreak circumvents model alignment to produce an unauthorized output; SLIA produces a governance authorization for an unauthorized resolution while the model behaves nominally. Figure 7 The Semantic Layer Integrity Attack: Adversarial Architecture, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus For institutional cybersecurity functions, this is familiar dependency-chain reasoning: the integrity of a governance layer is bounded by the integrity of the surfaces it depends on. Reasoning-layer governance relies on the Runtime Semantic State artifacts the deployment environment supplies, and that environment is itself subject to adversarial manipulation. The architecture surfaces that dependency explicitly instead of absorbing it silently. Integrity is therefore a named pillar, not an assumed property. The architecture and the adversarial surface it must withstand are now defined. What follows is the mechanism itself: how the Semantic Control Plane evaluates a single decision before execution authority is emitted. 6 How the Architecture Operates: Pre-Execution Assurance Every in-scope agentic decision crosses a five-step sequence once, in the orchestration window between resolution and the emission of execution authority. The Pre-Execution Assurance Protocol establishes the Reasoning Baseline for the decision class, extracts the Runtime Semantic State from the governable artifacts the deployment exposes, computes the Semantic Deviation Index against the baseline, enforces the Deterministic Gate threshold, and generates the per-execution evidence record. Evaluation precedes authorization, authorization precedes emission, and emission precedes execution. For every in-scope governed decision, execution authority is emitted only after semantic authorization assurance is satisfied. The protocol is more than a workflow. It binds four things into one runtime control sequence: the authoritative definition supplied by the Ontology, the agent’s resolved Operational Interpretation inferred by the Semantic Layer, the deterministic authorization decision issued by the Gate, and the evidence object preserved through the RSSR and Semantic Audit Trail. That is what makes the SCP an architecture, not a monitoring layer. It does not merely observe what happened. It determines whether execution authority may be emitted. The Semantic Deviation Index combines three component scores: Intent Mismatch, Path Deviation, and Control Bypass Probability. Composite SDI score is normalized to a 0 to 100 scale and classified against four threshold zones. Thresholds are calibrated by decision class and institutional risk tolerance. The Deterministic Gate converts the classified score into one of four deterministic decisions. The Gate logic is deterministic. Given the same score and configuration, it produces the same enforcement action. The Gate itself does not learn. Validation, monitoring, and periodic recalibration still apply to the measurement pipeline, baselines, and extraction layer, which keeps the enforcement decision auditable and defensible under supervisory review. The SDI is a pre-execution runtime measurement of whether the Operational Interpretation the agent is about to act on remains aligned with the institution’s authorized Reasoning Baseline. That measurement cannot be reliably reconstructed from post-execution monitoring, because the governance question exists at the point of semantic resolution, before the workflow proceeds. The SDI gives the Deterministic Gate the measurable object it requires: a bounded, reproducible divergence score that can be evaluated against institutional tolerance before execution authority is emitted. Table 3 Semantic Deviation Index threshold zones and the Deterministic Gate decision each produces. Applied to the opening drawdown, the protocol produces the outcome the institution intended. The Semantic Layer infers the agent’s interpretation and detects the omitted collateral validation. Because the composite index places this high-consequence credit decision beyond its authorized tolerance, the Deterministic Gate issues a mandatory hold and execution does not proceed. The Human-in-the-Loop Protocol is invoked with the authoritative definition of approved, the agent’s resolved Operational Interpretation, and the precise omission, and the per-execution evidence is preserved in the RSSR and the Semantic Audit Trail. When the workflow re-executes, collateral status must be validated before approved can be resolved, so the request no longer resolves as approved, and the drawdown does not execute. That is the control outcome the existing maker-checker pattern is meant to produce, delivered at runtime, not in a review queue. Figure 8 The Pre-Execution Assurance Protocol traced through the drawdown decision, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus This protocol decides whether execution proceeds. It also leaves a record of that decision, which raises two further questions: what that record must contain, and how far a flawed resolution can travel before it is contained. 7 Evidence, Propagation, and Containment Governance evidence appears at three distinct tiers. Verification of Runtime Semantic Resolution is the verification activity the Semantic Layer executes at the orchestration moment. The Runtime Semantic State Record is the structured per-execution artifact that captures the active Reasoning Baseline, the agent’s resolved interpretation, the index, the Gate decision, and the operational context. The Semantic Audit Trail aggregates those records into the institutional history that supports supervisory review and reconstruction. The Gate is designed not to fail open. Where a record cannot be written, execution authority is withheld, because an institution that cannot record the runtime resolution cannot govern the execution that would follow. The evidence hierarchy also closes the Reconciliation Gap. The Reconciliation Gap is the institutional condition in which what the institution authorized and what the agent executed cannot be reconciled per-execution because the evidence required was never captured at the moment execution authority was emitted. Without the Runtime Semantic State Record, post-hoc review reconstructs the decision from downstream artifacts. With the RSSR, the authorized Baseline, resolved interpretation, SDI result, Gate decision, and operational context are preserved as a single per-execution governance object. Figure 9 The Governance Evidence Hierarchy, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus The three governance evidence tiers correspond to verification at the point of decision, the per-execution record, and the institutional longitudinal record that supports supervisory reconstruction. Table 4 sets each tier against its role. These three tiers operate sequentially: every in-scope execution is verified at the decision point, recorded as a per-execution object, and retained in the longitudinal record a supervisor later draws on. Pre-execution assurance depends on the first tier; supervisory reconstruction depends on the third. Table 4 The three-tier governance evidence hierarchy. Propagation is governed separately from individual decisions. Agentic deployments in regulated finance are increasingly multi-agent. Onboarding and trading workflows now chain into servicing and reporting, so an unauthorized Operational Interpretation at one step can propagate downstream until something stops it. The Knowledge Graph maps the relationships across which that resolution would travel and bounds the Agentic Blast Radius, so containment becomes a governed property, not an accident. A held or mandatory hold decision triggers containment for the dependent decisions and entities the relationship model identifies. As a result, the institution can answer, during review or examination, exactly what it authorized at the moment of decision, which provides the observability and reconstructability supervisory review requires. Figure 10 Agentic Blast Radius and Semantic Failure Cascade, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Evidence and containment describe what the architecture produces. Adoption then turns on how it fits the controls already in place, who owns each component, and what it costs to operate. 8 Institutional Integration and Governance Economics The SCP is complementary to model risk management under SR 11–7 and SR 26–2. The two disciplines operate on different surfaces and produce different evidentiary artifacts, and the Semantic Control Plane is proposed as a candidate runtime architecture for the institutional judgment space that remains where agentic reasoning systems are not fully governed by model risk management alone. The evidence it produces sits naturally across the Three Lines of Defense, where the First Line produces the artifacts, the Second Line validates them, and the Third Line independently verifies their integrity, and it extends the maker-checker pattern into the reasoning layer. That same design also addresses a structural ceiling on agentic adoption. Today, governance discipline at the reasoning layer is sustained primarily through pervasive human-in-the-loop supervision, which is safe but bounds the institutional benefit of agentic AI by the review capacity required to sustain coverage at every decision. The Human-in-the-Loop Protocol preserves human authority for held and escalated decisions, but the reviewer is no longer the default authorization point for every calibrated in-scope decision. Human review becomes selectively concentrated on the decisions that warrant institutional adjudication rather than uniformly applied across every decision the system executes. Human authority remains central, but it moves from universal pre-approval to targeted adjudication of the decisions the Gate cannot authorize autonomously. Inference economics impose a parallel constraint. Inference cost rises quickly when planning, retrieval, tool use, verification, retries, and multi-agent coordination compound inside the same workflow. By resolving authority before the agent acts, the Deterministic Gate contains the downstream reasoning and remediation cost that an unauthorized Operational Interpretation would otherwise accumulate as it propagates, the same cascade the drawdown traces to reconciliation, audit, and reporting. It provides a governance basis for reserving heavyweight semantic reasoning for high-consequence workflows and halting divergent ones before their cost accrues. The SCP is not a productivity metric and does not measure whether reasoning expenditure yields business outcomes. It addresses the narrower governance question: which workflows warrant runtime semantic verification before execution authority is emitted, and which can remain on deterministic rails or asynchronous advisory review. If an unauthorized Operational Interpretation is allowed to proceed, those costs compound through a workflow the institution may later have to unwind. The SCP contains that exposure before execution authority is emitted. Withholding execution authority before divergent workflows propagate can therefore reduce downstream reasoning, tool, review, and remediation cost. 9 Implementation Pathway: From Observability to Enforcement Implementation is part of the architecture, not an appendix to it. The paper specifies how the SCP is introduced, calibrated, staffed, and bounded in production: observability first, enforcement second, expansion only after empirical distribution and institutional capacity are understood. Its design premise is that runtime semantic governance must be operationally deployable, not merely conceptually correct. The Semantic Control Plane is not an enterprise-wide switch turned on at once. Implementation is staged by workflow class, authority level, governance maturity, deployment governability, and Reasoning Baseline readiness. The institution does not run every agentic decision through SCP enforcement. It starts with in-scope decision classes where unauthorized operational interpretation carries supervisory, fiduciary, customer, regulatory-reporting, or capital consequence. Implementation begins with observability. In ghost mode, the Semantic Layer activates, computes the Semantic Deviation Index, generates Runtime Semantic State Records, and populates the Semantic Audit Trail, while the Deterministic Gate remains in observation-only configuration. The Gate does not yet produce holds. Deployment teams observe the runtime distribution before activating enforcement. Threshold calibration follows. The Gate threshold is the institution’s calibrated divergence tolerance for a specific decision class. Below the threshold, the Gate emits a permit decision and the workflow proceeds. Above the threshold, the Gate holds and the Human-in-the-Loop Protocol activates. The threshold is institution-defined, not architecturally fixed. Different decision classes receive different thresholds: tighter for fiduciary allocation, credit drawdown, sanctions, and regulatory reporting, and broader for lower-risk operational execution or non-transactional discovery. Deployment is segmented. Initial production deployments typically begin with one to three high-consequence regulated-execution classes, such as credit drawdown, fiduciary allocation, or regulatory reporting. Each is isolated as a deployment surface with its own Reasoning Baseline scope, threshold calibration, and Human-in-the-Loop Protocol. Coverage expands as institutional learning accumulates. Table 5 SCP Tier Categories The tier categories above set where SCP governance applies, the Gate threshold each decision class carries, and its default classification before review. Deployment then proceeds in phases over time. Advisory operation, Ghost Mode, synchronous enforcement, and calibrated enforcement move the institution from observation to calibrated control, with each phase calibrating the Gate threshold against the empirical distribution observed in the phase before it. Table 6 SCP Phased Deployment Modes The Control Plane can operate as a sidecar relative to the production agentic workflow. The Semantic Layer is a logically separate runtime component called by the orchestration layer at the orchestration moment. This keeps the SCP independently scalable, deployable, and upgradeable. The principal scaling constraint is institutional governance ownership, not infrastructure alone: ontology stewardship, threshold calibration, audit retention, reviewer capacity, and pilot-period review activity. The integration architecture shows how the Semantic Layer sits beside the orchestration layer at the point where execution authority is requested, so that governance is exercised at the orchestration moment without redesigning the production workflow. Figure 11 SCP Integration Architecture, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Integration also makes ownership visible. Definitional authority remains with the functions that own regulated meaning. The orchestration layer calls the Semantic Layer at the runtime evaluation point. Capability management routes Gate-held decisions based on the configured outcome. HITL routing sends held decisions to the appropriate human authority. Audit and supervisory reporting preserve end-to-end evidence. The SCP therefore does not replace existing institutional systems; it connects them at the point where operational interpretation must be authorized. Table 7 Governance Ownership Model The SCP is not blanket runtime governance across the institution’s entire agentic surface. It is calibrated pre-execution semantic authorization for the decision classes where the cost of unauthorized interpretation justifies runtime assurance. Readiness for deployment depends on whether the governance owners named in the ownership model are in place with the evidence each function requires. Readiness matrix sets out the pre-deployment conditions across ontology stewardship, threshold calibration, audit retention, and reviewer capacity. Table 8 SCP Pre-Deployment Readiness Matrix The Semantic Control Plane operates against human-governance latency rather than deterministic machine latency, inside the orchestration window between resolution and execution authority emission. It is not specified for universal application; it is calibrated to the in-scope decision classes where the cost of unauthorized interpretation justifies runtime assurance. Governance applies selectively, concentrating where unauthorized operational interpretation carries supervisory consequence, so governance latency is incurred only where it is warranted. The objection that runtime governance adds unacceptable latency is inverted for the in-scope decision classes. Those decisions already pass through maker-checker review, escalation chains, and supervisory adjudication, which operate at human-coordination latency of minutes to hours. The Deterministic Gate executes the institution’s calibrated threshold in milliseconds, so the architecture converts human-coordination latency into runtime-evaluation latency for the same governance discipline on the same decision class. Across operating models, this places the Semantic Control Plane between deterministic systems, which are fast but ungoverned, and full human review, which is governed but slow: it delivers institutional governance intensity at the speed of orchestration rather than the speed of review. Figure 12 The Governance Latency Curve, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Governance latency is incurred only where it is warranted. The decisions that warrant it are precisely those escalated to human authority, and the form that authority takes is the subject that follows. 10 The Human-in-the-Loop Protocol and Calibrated Human Authority Human review becomes selectively concentrated on institutionally escalated decisions rather than uniformly applied across every in-scope runtime decision. Standard path is autonomous: decision, semantic evaluation, Gate, authorization, and execution, where semantic authorization falls within institutional tolerance. The Human-in-the-Loop Protocol is the exception path invoked when the Deterministic Gate issues a hold or mandatory hold, or when a protocol-level failure requires institutional resolution. When the Human-in-the-Loop Protocol is triggered, the reviewer is not asked to reconstruct the event from downstream logs. Decision state is preserved at the moment of hold: the resolved Operational Interpretation, the active Reasoning Baseline, the Semantic Deviation Index computation, the Gate decision, the Knowledge Graph relationship context, the workflow identifier, the decision class, and the temporal context. The reviewer exercises institutional judgment; the SCP supplies the evidence and the resolution pathway. That authority is not symbolic. Resolution pathways for held decisions are specified in the full paper: authorize execution, authorize execution with constraints, terminate the agentic pathway, or escalate to secondary authority such as Credit Committee, AML Governance Committee, Legal Review, or another designated institutional authority. A Gate hold is therefore not a delay queue. It is a governed pause pending institutional resolution. Figure 13 Human Blanket vs Calibrated Governance, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus This is the operational distinction between blanket review and calibrated review. The reviewer is engaged where the institution’s governed divergence tolerance is exceeded, not where the institutional risk function lacks confidence. That is one of the core differentiators. The SCP preserves human authority without making human review the default operating model. The Gate handles in-tolerance runtime authorization, while the Human-in-the-Loop Protocol preserves institutional human authority for the bounded exception set the Gate cannot authorize autonomously. This supports straight-through transformation instead of returning agentic execution to maker-checker review on every action. Table 9 Human-in-the-Loop Protocol Architecture The protocol defines the standard exception path for held decisions. Table 10 is narrower: it specifies when institutional override authority exists, who may exercise it, and what audit evidence must be preserved. Override authority is reserved for defined institutional roles and is itself logged, so that any departure from the standard exception path leaves a reconstructable record. This separation preserves the maker-checker discipline the institution already operates. Table 10 Governance Exception and Override Authority Matrix The exception path defines how human authority is exercised within scope. The scope itself is bounded, and where the Semantic Control Plane applies, and where it does not, is the question taken up next. 11 Applicability and Boundaries The Semantic Control Plane is not universally deployable. It governs the governable runtime representations a deployment exposes, the orchestration plans, tool-selection rationales, policy-evaluation traces, and state-transition records from which the Runtime Semantic State is derived. It makes no claim of access to model cognition, internal neural state, or chain-of-thought reasoning. Latent cognition is excluded by design, because supervisory adjudication requires artifacts that can be evaluated, reconstructed, and contested, and internal model reasoning does not satisfy that condition. Figure 14 Runtime Governance Applicability, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Applicability is deployment-dependent and is determined by the Runtime Governance Applicability Test, which evaluates whether a deployment exposes the representations institutional adjudication requires and classifies it as Governable, Governance-Constrained, or Non-Governable. It applies to in-scope regulated workflows where semantic ambiguity is material and execution authority is non-trivial. It does not apply to high-frequency deterministic execution, non-regulated decisions, consumer-facing interactions without commitment authority, or exploratory analytical workflows. Nor does it determine universal semantic truth. Where institutions disagree on a regulated term, the institution adjudicates the disagreement through the same authoritative functions that produce its other policies, and the evaluation operates against whatever authorized baseline the institution then maintains. The Adjacent Governance Surface (AGS) formalization names the reasoning layer as a governable runtime surface, and RGAT classifies whether a given deployment is governable. Figure 15 RGAT Decision Tree, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus The SCP does not claim to govern every agentic deployment, every AI workflow, or eliminate all semantic failure modes. It governs the subset of deployments where semantic ambiguity is material, execution authority is non-trivial, the institution already operates governance structures whose latency constrains agentic adoption, and the deployment exposes governable runtime representations sufficient for institutional adjudication. Where those conditions are absent, the SCP does not apply; RGAT classifies the deployment accordingly. Table 11 Governance Fidelity and Deployment Calibration Matrix Applicability is settled one deployment at a time. The exposure changes character when the same reasoning-layer dependency is shared across many institutions at once. 12 The Systemic Dimension The systemic dimension is the supervisory implication that emerges once the same reasoning-layer dependency is shared across regulated institutions. Beyond the single institution, the work identifies two candidate macroprudential directions for supervisory consideration. Systemic Semantic Contagion is the cross-institutional condition under which an unauthorized operational interpretation arises simultaneously across multiple regulated institutions through shared semantic infrastructure. Semantic Concentration Risk is the exposure to that shared infrastructure across the regulated population, architecturally analogous to counterparty concentration risk, but measured against common foundation models, orchestration platforms, and policy-translation services. These concepts are included to show the supervisory significance of reasoning-layer governance, not to claim that the present work establishes a validated macroprudential measurement regime. Institutional architecture comes first. The SCP governs the per-institution runtime object. The systemic question is adjacent. It is whether common models, orchestration platforms, vendor ontologies, or regulatory-interpretation services could produce correlated semantic deviation across the regulated population. Drift in a shared runtime resolution surface can propagate simultaneously across institutions where it occurs, invisibly relative to any single institutional governance function, and with institutional coherence: each affected institution’s agentic systems would converge on the drifted interpretation rather than diverging from one another. Figure 16 Systemic Semantic Propagation and Correlated Exposure, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Systemic exposure is a supervisory implication, not a validated measurement. What the architecture has not yet established, and what would establish it, is set out next. 13 Limitations and the Evaluation Agenda The paper is a conceptual architecture specification, not an empirical study. It does not claim validation of performance, threshold efficacy, or supervisory acceptance, and it is specified at the resolution required for institutional deployment and supervisory engagement rather than that of a validated production system. No runtime control layer can compensate for institution-wide semantic incoherence or contested authority over regulated terms. The SCP extends institutional discipline into the reasoning layer; it does not substitute for that discipline. Extraction fidelity is deployment-dependent, threshold calibration is technically demanding, and a baseline that is authorized but substantively incorrect will produce enforcement consistent with that baseline. These limitations constrain the claim. The empirical agenda is explicit. It asks whether the index can predict semantic divergence before execution across decision classes, whether Blast Radius containment measurably reduces downstream propagation, whether the evidence record supports supervisory reconstruction under examination conditions, whether cross-institutional index distributions can indicate systemic contagion, and whether the applicability test reliably classifies governable deployments. Methods begin with controlled pilots and parallel-run ghost-mode deployment against current practice. They then extend to longitudinal calibration, cross-institution comparison, and supervisory simulation using the audit trail. That is the validation environment established here. These limitations are also claim boundaries. The brief does not ask readers to accept universal applicability, inspection of model cognition, removal of human authority, elimination of all semantic failure modes, or validated supervisory acceptance. It specifies where the SCP applies, what evidence it can evaluate, what remains outside scope, and where empirical validation is required. Table 12 summarizes the limitations most likely to become deployment-constraining in institutional implementation, the condition under which each becomes material, and the institutional response supported. Table 12 SCP Limitations Matrix These limitations narrow where the architecture applies without altering how it behaves where it does apply. At the level of a single decision, that behavior is what the closing figure contrasts. Without the Semantic Control Plane, the orchestration sequence resolves an operational interpretation from the contributing systems’ signal patterns. With it, the Ontology supplies the Reasoning Baseline and the Semantic Layer verifies that interpretation before execution authority is emitted. Figure 17 Runtime Semantic Divergence: Without SCP vs With SCP, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Without the architecture, divergence becomes visible only after the loss. With it, the institution governs the resolution before execution authority is emitted. That contrast frames the closing argument. 14 Conclusion The control fired. The workflow executed. The bank was still wrong. That drawdown opened this brief because it exposed the precise governance failure the Semantic Control Plane is designed to address. Adjacent control surfaces govern artifacts. They do not govern the Runtime Semantic State through which operational meaning is formed before execution authority is emitted. The Semantic Control Plane is the governance architecture for that surface: the reasoning layer at which agentic systems resolve the Operational Interpretation of regulated terms before execution authority is emitted. The architecture resolves into a single governance transition, traced end to end in the authority formation pipeline. Figure 18 The Authority Formation Pipeline, Source: Doyle-Spare (2026), underlying Zenodo working paper and supporting SSRN corpus Institutions have always governed execution authority. Agentic systems change where execution authorization is operationalized. The agent’s resolution now happens at runtime, inside orchestration sequences operating at orchestration speed. Governance therefore shifts from validating only whether systems are authorized to act toward validating whether the resolution under which they act remained authorized before execution. The Semantic Control Plane does not ask whether the agent can act. It asks whether the institution authorized the meaning under which the agent is about to act. The architecture does not determine what the meaning should be. It determines whether execution proceeds under the meaning the institution authorized. The architecture is new. The governance functions are not. Credit committees, compliance adjudication, supervisory override, maker-checker review, model risk management, the Three Lines of Defense, internal audit, and board accountability all remain. The addition is the runtime governance layer at which Operational Interpretation is verified before autonomous execution authority is emitted. The contribution is the specification of the runtime object, evaluation point, enforcement mechanism, evidence record, propagation boundary, Human-in-the-Loop exception path, implementation pathway, and supervisory limits required to make that verification governable. The reasoning layer has now become a governance surface. The institutional question is whether it will also become a governed one. Framework Reference The full paper provides the complete specification behind the constructs summarized below. This Framework Reference is a compact guide to the submitted SCP capstone and supporting working papers. It surfaces the architecture, evidence, implementation, boundaries, and terminology needed to orient the reader to the full specification; it is not a new specification. The constructs are organized into seven governance categories, spanning foundational architecture, runtime governance mechanics, evidentiary objects, failure conditions, propagation conditions, systemic conditions, and threat conditions. Table 13 Construct Classification INTELLECTUAL PROPERTY & CITATION NOTICE The constructs, frameworks, terminology, figures, and tables in this brief are the original work of the author, developed and staked across the author’s published research. They are presented here for institutional and supervisory engagement. Their formal specifications reside in the underlying SSRN and Zenodo working papers. This brief can be downloaded at (PDF) Executive Brief Agentic AI Governance System Runtime Reference Architecture © 2026 Maureen Doyle-Spare. All rights reserved. No part of this executive brief, including its text, figures, tables, and images, may be reproduced, distributed, or used to train commercial artificial intelligence or machine learning models in any form without the author’s prior written permission. How to Cite This Work : (APA 7th Edition): Doyle-Spare, M. (2026). Agentic AI Systems Governance: A Runtime Reference Architecture for the Reasoning Layer and the Semantic Control Plane in Regulated Financial Institutions. Zenodo. Concept DOI: https://doi.org/10.5281/zenodo.20749050 The executive brief is a 30 page summary of the full reference architecture. Download it on ResearchGate: https://researchgate.net/publication/407444360_Executive_Brief_Agentic_AI_Governance_System_Runtime_Reference_Architecture About the Author Maueen Doyle-Spare Independent Practitioner and Researcher in AI Governance Doyle-Spare Research Maureen Doyle-Spare is an independent practitioner and researcher in AI governance and banking controls. She is the originator of Agentic Workflow Drift and Agentic Workflow Subversion, a reasoning-layer risk taxonomy for agentic AI systems, and of the broader runtime governance architecture organized within the Agentic Governance Model. Her working papers include the Semantic Control Plane reference architecture, the Semantic Deviation Index, the Agentic 3 C’s Framework, and the Semantic Layer Integrity Attack work. Related research: SSRN №6459612 (Agentic Workflow Drift and Agentic Workflow Subversion, March 2026), SSRN №6531238 (The Semantic Deviation Index, April 2026), SSRN №6674761 (The Agentic 3 C’s Framework, May 2026), SSRN №6926219 (Agentic AI Cyber Subversion: The Semantic Layer Integrity Attack, 2026), and Agentic AI Systems Governance: A Runtime Reference Architecture for the Reasoning Layer and the Semantic Control Plane (Zenodo, 2026), https://doi.org/10.5281/zenodo.20749050 . ORCID: https://orcid.org/0009-0009-6655-1394 OSF: osf.io/zuacj Correspondence: linkedin.com/in/maureendoylespare Originally published at https://maureendoylespare.substack.com . Agentic AI Governance System Runtime Reference Architecture was originally published in Towards AI on Medium, where people are continuing the conversation by highlighting and responding to this story.
- 70% of UAE professionals use AI daily - IBPC Dubai’s inaugural TechPulse MEA 2026 maps the next wave of enterprise transformation
Industry Leaders explore how AI, governance and digital innovation will shape business strategy over the next 15 months
- Some of the nation’s rich are letting AI teach their kids
Most Americans don't trust AI. It's proven that it doesn't know what safe toppings for pizza are. People don't even want to listen to AI music. But none of that matters for some of America's wealthy, who are turning to AI to teach their kids instead of traditional schools. Companies like Forge Prep and Alpha […]
Score: 47🌐 MovesJul 5, 2026https://www.theverge.com/ai-artificial-intelligence/961505/wealthy-ai-schools-alpha-forge-prep - China Mobile launches AI-eSIM industry committee
The committee includes over 40 companies from telecom, chip design, AI, and security sectors.
Score: 46🌐 MovesJul 5, 2026https://www.techinasia.com/china-telecom-giants-invest-ar-glasses-maker-rayneo - Labour pressured council to back giant AI data centre
Labour pressured council to back giant AI data centre The Telegraph
Score: 46🌐 MovesJul 5, 2026https://www.telegraph.co.uk/business/2026/07/05/labour-pressured-local-council-to-back-giant-ai-data-centr/ - Texas program targets future of farming with training in AI and robotics
Texas program targets future of farming with training in AI and robotics Austin American-Statesman
Score: 45🌐 MovesJul 5, 2026https://www.statesman.com/business/article/texas-utsa-swri-tech-agriculture-program-22309757.php - AI Glasses Face the Impossible Triangle: Cost, Performance, Battery Life in Chip Design
AI glasses are entering mass production but face critical chip-level challenges: overheating, latency, and battery life form an impossible triangle that dedicated SoCs must solve.
Score: 45🌐 MovesJul 5, 2026https://pandaily.com/ai-glasses-impossible-triangle-chip-cost-performance-battery-jul2026 - AI Got This Lawyer Away From His Desk: 'Dramatically More Efficient'
AI Got This Lawyer Away From His Desk: 'Dramatically More Efficient' Business Insider
Score: 42🌐 MovesJul 5, 2026https://www.businessinsider.com/ai-claude-got-lawyer-away-from-his-desk-more-efficient-2026-6 - Huawei's Tao's Law V2 Paper: Logic Folding to Dramatically Boost Kirin CPU Clock Speeds
Huawei's He Tingbo publishes Tao's Law V2 paper detailing LogicFolding, boosting Kirin transistor density 53.5% and paving the way for 4GHz+ CPU frequencies.
Score: 42🌐 MovesJul 5, 2026https://pandaily.com/huawei-tao-law-v2-logic-folding-kirin-cpu-clock-speed-jul2026 - The AI revolution: Dealerships automate calls, service scheduling, F&I training and more
The AI revolution: Dealerships automate calls, service scheduling, F&I training and more Automotive News
Score: 42🌐 MovesJul 5, 2026https://www.autonews.com/retail/an-ai-intelligence-report-dealerships-0705/ - I Benchmarked My AI Coding Agent Against Human-Written Code. It Won Every Metric but One
A self-refining Gemini-powered agent, five real-world Python tasks, a +12.2 Maintainability Index gap — and the one metric where human code still came out ahead. There’s a debate happening in every engineering Slack channel right now: is AI-generated code actually good, or does it just look good? Most of the takes are vibes. Someone pastes a ChatGPT snippet, someone else finds a bug in it, and everyone retreats to their prior opinion. I wanted numbers instead. So I ran this as a proper study — formal research questions, defined quality thresholds, threats-to-validity section, and all. I built an autonomous agent that writes, runs, and refines its own Python code, then put its output through the same static analysis gauntlet we’d use on a human developer: Pylint, Radon’s Maintainability Index, cyclomatic complexity, and bug density. Then I ran human-written implementations of the same five tasks through the same pipeline and compared them. The agent won on almost everything. Almost. Why “the agent felt smart” wasn’t good enough I’ve built agents before — if you read my council of 18 models piece, you know I like making AI systems argue with something, even if it’s themselves. But “it produced working code” is a low bar. Working code that nobody can maintain is how legacy systems are born. So I framed three research questions before writing a line of the framework: RQ1: Can an AI agentic framework achieve code quality comparable to that of human developers in Python? RQ2: What are the relative strengths and weaknesses of AI-generated code across different types of tasks? RQ3: How much do the framework’s tools — web search, automated library installation — actually contribute to functional correctness? I also set pass/fail thresholds up front so that I couldn’t move the goalposts afterward: Maintainability Index above 20, Pylint above 8, bug density below 0.1 defects per line. The architecture: an agent that reads its own terminal The core loop is simple to describe and annoying to build: the agent doesn’t just generate code — it executes it, reads the terminal output, and decides whether the result meets the requirements. If not, it loops back with the reason for failure. Figure 1: The self-refining agent loop — design, generate, execute, evaluate, repeat. Five components make it work: Code Designer: turns the task into explicit technical requirements the script must comply with, before any code is written. This step matters more than the model choice. Code Generator: Gemini Flash produces the implementation. Why Gemini? Honest answer: because it’s free (more free quota than others). That’s not a bug in the study — it’s the point. If a free model inside a good feedback loop beats human code, the framework is doing the heavy lifting, not the LLM. Script Evaluator: a second agent that runs the script and analyzes the outcome. Fail: back to the generator with the failure reason. Pass: ship it. Web Search Tool: lets the generator fetch current documentation when it hits a wall. (Remember this one — it’s the hero of the story later.) Library Installer: resolves dependencies in an isolated environment, so a missing package never kills a run. The design principle: the model is replaceable; the feedback loop is not. The benchmark: five tasks, one pipeline, no cherry-picking Both the agent and the humans implemented the same five single-file Python programs: a basic CLI echo utility, a JSON-backed to-do list manager, a CSV filtering tool, a logging HTTP server, and an interactive AI chat client (REPL, system-message switching, syntax-highlighted output). Every script — AI and human — went through the same automated analysis: Pylint for convention and error-proneness, Radon for Maintainability Index and cyclomatic complexity, plus logical lines of code and bug density. The results The full scorecard: five metrics, averaged across the five tasks. Agent 4, humans 1. The agent won four of the five metrics — Pylint 7.74 vs 7.27, Maintainability Index 76.59 vs 64.39, bug density 0.30 vs 0.43 defects/KLOC, and 59.8 vs 95.6 logical lines of code. The humans took exactly one: cyclomatic complexity, 1.63 vs 3.91. Hold that thought. Three things jumped out at me. The Maintainability Index gap is not subtle. +12.2 points means the agent’s code was consistently more modular and more self-documenting. Reviewing the outputs manually, the reason was obvious: the agent decomposes by default . It writes small named functions with docstrings because that’s the statistically dominant pattern in its training data. A human under time pressure writes the nested loop that works and moves on. I know, because I am that human. The agent says the same thing in 37% fewer lines. 59.8 logical lines versus 95.6 for functionally equivalent programs. Less code is less surface area for bugs — which the bug density number backs up. And the gap explodes on the hardest task. The averages actually understate what happened on the AI chat client, the most complex of the five programs. The human version: 387 logical lines, a Maintainability Index of 28.66 — barely above the “legacy code” floor — and one function with a cyclomatic complexity of 23 . The agent’s version: 100 lines, MI of 68, max complexity of 12. Same functionality. The human REPL wasn’t wrong; it was the kind of code that works today and terrifies whoever inherits it in six months. As task difficulty went up, the human code got monolithic. The agent’s didn’t. The one metric where human code won The agent’s average cyclomatic complexity was 3.91 against the humans’ 1.63. More than double. At first glance, that looks like a loss for the AI. Cyclomatic complexity counts independent paths through the code — lower value usually means simpler. But when I read the scripts side by side, the story got more interesting. The human code achieved low complexity by being monolithic : long straight-line procedures with the occasional loop. One human script literally scored a complexity of zero — no branching at all — while carrying a bug density of 0.75, the worst in the entire study. The agent’s code had higher per-function branching precisely because it split logic into many small, single-purpose functions, each handling its own edge cases and error paths explicitly. So which is actually better? The Maintainability Index — which folds complexity, volume, and structure together — says the agent’s trade-off wins. But it’s a genuine trade-off, not a knockout, and it’s exactly the kind of thing a single metric would hide. If you only measured cyclomatic complexity, you’d conclude AI writes worse code. If you only measured Pylint, you’d conclude it’s barely better. The truth needs the full panel. (I’d genuinely like to hear where readers land on this — is explicit branching in small functions better or worse than long simple procedures? Fight it out in the comments.) The finding that surprised me most: the tools don’t show up in the metrics Here’s the RQ3 result I didn’t expect. I correlated the framework’s tool usage — web search and automated library installation — against the quality metrics. Neither tool improved a single static metric. Not Pylint, not maintainability, not complexity. If you only looked at the static analysis, you’d conclude web search and dependency installation are dead weight and delete them. You’d also be deleting the only reason the code runs . The static metrics measure how code is structured. The tools determine whether it’s functionally correct at all — whether the API call uses the current library interface, whether the dependency actually resolves. Structure and correctness turn out to be nearly independent axes, and most “AI code quality” debates conflate them. An LLM alone gives you well-structured code. The agentic scaffolding is what makes it work . The moment the agent fixed its own math The test that convinced me this approach has legs wasn’t any of the five benchmark tasks. It was a domain-specific stress test in signal processing. The exact prompt I gave the agent: “Create a Python script that implements a notch filter, use synthetic data as sum of sines 0.1Hz and 0.55Hz. Filter should remove/reduce the power of the 0.1Hz sine by at least 90 percent. You cannot access data files, do everything within the script. Plot and save necessary figures.” This is the kind of task where LLMs classically faceplant — it requires getting filter coefficients numerically right, not just syntactically plausible. And on the first pass, the agent’s filter didn’t attenuate properly. Here’s where the web search component earned its place in the architecture. The evaluator flagged that the output missed the attenuation requirement. Instead of blindly regenerating, the agent searched for documentation on the coefficient calculation, corrected its math, and re-ran. Final result: the 0.1Hz component is nearly erased from the spectrum — over 90% power reduction at the target frequency , exactly as specified. Figure 2: Magnitude spectrum and time series of the agent’s final filter. The 0.1Hz peak is nearly gone; the 0.55Hz signal passes untouched. No human intervened between “wrong filter” and “working filter.” That closed loop — execute, detect failure, retrieve knowledge, correct — is the difference between a code generator and a coding agent. The uncomfortable arithmetic Now, the part everyone actually argues about. A junior developer runs roughly $5,800 a month. This agent, including every API call and the infrastructure around it, runs under $1,000 — and once built, costs closer to 5% of that salary. It’s also faster, doesn’t lose focus, and its measured output quality is what you just saw. I want to be careful here, because the lazy conclusion — “juniors are obsolete” — is wrong, and my own data shows why. Every task in this study was specified by a human . The Code Designer works because someone decided what to build and what “correct” means. And the humans still hold clear ground that the metrics can’t capture: creativity, visual and UX judgment, and deep domain knowledge when it exists. What the numbers actually suggest is that the junior role is shifting upward: less “implement this ticket,” more “specify, review, and verify what the agent implemented.” That’s a different skill set — and honestly, a more interesting job. Honest limitations Before anyone cites this in a LinkedIn hot take, this benchmark covers small, single-file Python utilities with no disk I/O — the findings may not transfer to large multi-module systems or other languages. The human baseline comes from a limited group of programmers, not a representative industry sample. And static metrics measure structure, not architectural judgment — Pylint can’t tell you whether the abstraction is right , only whether it’s tidy. These results are a data point in the debate, not the end of it. That’s also exactly why the repo is public: same tasks, same analysis script, reproducible pipeline. If you think your code beats the agent — run it through and prove it. What’s next Three upgrades are already in motion, and each will get its own write-up: automated PyTest generation , so the agent is judged on dynamic correctness, not just static structure; richer metrics — coverage, mutation score — fed back into the refinement loop so the agent improves against them progressively; and the big one, scaling from single scripts to full projects via a divide-and-conquer module that decomposes a codebase into script-sized units, dispatches them to specialized sub-agents, and recombines the tested pieces. I’m also planning to swap Gemini for stronger models to isolate how much the LLM itself matters versus the loop around it. Try it yourself The full framework, both code sets (AIWritten/ and HumanWritten/), the quality reports, and the analysis automation are all in the repo: → github.com/Alpsource/SQM_Test bash git clone https://github.com/Alpsource/SQM_Test.git pip install pylint radon bandit google-genai export GOOGLE_API_KEY='your_key_here' If you found this useful, a ⭐ on the repo genuinely helps, and I write one deep-dive like this roughly every two weeks — from building I-JEPA from scratch to hybrid A*+RL flight agents . Follow along, and tell me in the comments: would you merge a PR if you knew no human wrote it? I Benchmarked My AI Coding Agent Against Human-Written Code. It Won Every Metric but One was originally published in Towards AI on Medium, where people are continuing the conversation by highlighting and responding to this story.
- The humans training their AI replacements
The humans training their AI replacements The Telegraph
Score: 40🌐 MovesJul 5, 2026https://www.telegraph.co.uk/education-and-careers/2026/07/05/the-humans-training-their-ai-replacements/ - AI and the fate of economists
Will AI kill off economics or economists or both? Not if economists learn to ask the right questions
Score: 39🌐 MovesJul 5, 2026https://www.thehindubusinessline.com/opinion/ai-and-the-fate-of-economists/article71186224.ece - From Models to Workflows: A Review of Image and Video Generation Models in H1 2026
A comprehensive roundup of H1 2026's image and video generation models from Midjourney, Google, ByteDance, Kuaishou, Zhipu AI, Tencent, and more.
Score: 38🌐 MovesJul 5, 2026https://pandaily.com/h1-2026-image-video-generation-models-review-jul2026-v2 - CEO who vowed to 'fire anyone who doesn’t use AI' admits it can't replace her executive assistant
CEO who vowed to 'fire anyone who doesn’t use AI' admits it can't replace her executive assistant Fortune
Score: 38🌐 MovesJul 5, 2026https://fortune.com/2026/07/05/ai-displacement-executive-assistants-secretaries-skills-adaptation/ - The Deployed Data Scientist by Ankit Anand, Dr. Scott Burk and Kinshuk Dutta Showcases Practical MLOps Expertise
The Deployed Data Scientist by Ankit Anand, Dr. Scott Burk and Kinshuk Dutta Showcases Practical MLOps Expertise azcentral.com and The Arizona Republic
- Can AI help businesses weather any storm?
[The content of this article has been produced by our advertising partner.] Businesses now operate in an increasingly unpredictable environment. Artificial intelligence (AI) is poised to help navigate turbulence, but its value is more evident in optimising business under stable circumstances. This is not surprising since corporate AI investment, such as from big pharma to tech giants, has historically prioritised building competitive advantage over resilience. “AI undoubtedly helps productivity...
- Forum: Use AI grading tools for assignments with care
Forum: Use AI grading tools for assignments with care The Straits Times
Score: 37🌐 MovesJul 5, 2026https://www.straitstimes.com/opinion/forum/forum-use-ai-tools-to-grade-assignments-with-care - Our teens are using AI chatbots daily. It's our fault. | Opinion
Our teens are using AI chatbots daily. It's our fault. | Opinion USA Today
- AI search agents don't fail at searching, they fail at asking the right questions when queries get ambiguous
AI search agents rarely fail at multi-step research because of the search itself. Their real problem is not asking the user for clarification when queries are ambiguous. A new benchmark called DiscoBench shows that models searching repeatedly instead of asking follow-up questions actually perform worse, at 51.9 percent, than those that just guess. Even the best model only hits 43 percent overall accuracy. When ambiguity is removed from the queries, accuracy jumps by up to 40 points. The article AI search agents don't fail at searching, they fail at asking the right questions when queries get ambiguous appeared first on The Decoder .
- How Hollywood’s youngest filmmakers are exposing Gen Z’s real problem with AI
How Hollywood’s youngest filmmakers are exposing Gen Z’s real problem with AI Fortune
Score: 35🌐 MovesJul 5, 2026https://fortune.com/2026/07/05/why-doesnt-gen-z-trust-ai-box-office-youtube-directors-backrooms-obsession/ - AI Ethics & Quality Control— Prompt to Profit · Day 27 of 30
Scaling your output without scaling your standards is not growth — it is risk accumulation. Here is the quality control system that keeps your AI operation honest. Quality is not a feature of a single output. It is a property of a system — the consistent, reliable tendency to produce work that meets a defined standard regardless of volume, velocity, or the conditions under which the work was produced. A writer who occasionally produces brilliant pieces is talented. A writer who consistently produces good pieces, across hundreds of engagements and under varying circumstances, has a quality system. The distinction matters enormously when you start to scale. When your AI operation was small — a few prompts, occasional use, manual review of every output — quality was maintained by proximity. You read everything. You caught the errors. You corrected the drift. As scale increases, this proximity disappears. You are no longer reviewing everything. The volume is too high. The question shifts from “did I check this?” to “does my system catch what I would have caught?” This is the quality control problem, and it has an ethical dimension as well as a practical one. AI errors don’t just waste time — they can misinform readers, misrepresent clients, produce content that is factually wrong at scale, or generate outputs that subtly misrepresent your positions and values. At low volume, these risks are manageable manually. At scale, only a system can manage them. The Three Ethical Obligations of an AI Practitioner Ethics in AI use is not primarily a philosophical question. It is a practical one — a set of concrete obligations that determine whether your AI-assisted work is trustworthy, and by extension, whether your professional reputation remains intact as the volume of AI-assisted work increases. There are three obligations. They are not complex. But they require being named explicitly, because the implicit assumption in much AI use is that “AI-assisted” is equivalent to “acceptable” without further scrutiny. It is not. The Quality Control Checklist A checklist is the most reliable quality control tool in any high-volume domain. Aviation, surgery, nuclear operations — every field where errors have catastrophic consequences uses checklists not because practitioners are incompetent, but because checklists are more reliable than memory under production pressure. The following QC checklist applies to any significant AI output before it is published, sent, or used in a client context. The Quality Assurance Prompt The checklist above is a human review tool. The prompt below is its AI-powered counterpart — a structured quality review prompt that you run on significant outputs before publishing, sending, or delivering them. It is not a replacement for the human checklist. It is a first pass that surfaces obvious issues, so your human review can focus on the subtler ones. Quality States — Pass, Watch, and Fail Not all quality issues are equal. A useful QC system distinguishes between outputs that pass review, outputs that require watching or iteration, and outputs that should never be published or sent. The three status states below define what each means in practice: The Monthly Quality Audit The three-layer QC system above operates at the individual output level — review before publishing. The Monthly Quality Audit operates at the system level — review of whether the system itself is maintaining standards over time. It takes 30 minutes and catches drift that output-level review misses because it appears gradual rather than in any single piece. The audit protocol is simple: pull ten random pieces of AI-assisted output from the previous month. Read them as a set, not as individual pieces. What patterns do you notice? Where has quality held? Where has it slipped? Is there a format, topic, or platform where the output is consistently weaker? Is there a prompt in your library that is producing reliably poor results? These patterns are invisible at the individual output level and visible at the portfolio level. The quality gauge in this article’s header does not point to “excellent” by default. It oscillates. That is the correct model of how quality works in any complex system — not a fixed state, but a monitored tendency that requires active calibration to maintain. The needle drifts. The job of a quality control system is to notice the drift before the audience does, and to make the correction before the drift becomes the new baseline. Your AI operation will produce errors. The question is not whether you can prevent all of them — you cannot. The question is whether your system catches them before they cause harm, and whether it learns from them so they are less likely to recur. That is what a quality control system does. Build it with the same care you built everything else in this series, and it will protect everything else you’ve built. Tomorrow, Day 28, we move to the 90-Day AI Roadmap — a structured, sequenced implementation plan for everything covered in this series, taking you from where you are now to a fully operational AI-powered practice within three months. For more resources and documents, please refer to the links in my profile page: Faheem Munshi — Medium AI Ethics & Quality Control— Prompt to Profit · Day 27 of 30 was originally published in Towards AI on Medium, where people are continuing the conversation by highlighting and responding to this story.
- Two Trump Cards Google Played, and Only One Is Getting Talked About
Everyone saw the video model. Almost nobody read the 12-page spec that quietly reshapes how agents get their facts. Continue reading on Towards AI »
- Axing Palantir’s NHS contract would be economic suicide
Axing Palantir’s NHS contract would be economic suicide The Telegraph
Score: 32🌐 MovesJul 5, 2026https://www.telegraph.co.uk/business/2026/07/05/axing-palantirs-nhs-contract-would-be-economic-suicide/ - After a nearly 800% explosion, this AI stock's U.S. debut could signal if the market can still boom—or is headed for a bust
After a nearly 800% explosion, this AI stock's U.S. debut could signal if the market can still boom—or is headed for a bust Fortune
Score: 30🌐 MovesJul 5, 2026https://fortune.com/2026/07/05/sk-hynix-stock-us-listing-nasdaq-ai-boom-bust-memory-chip-shortage/ - brightplace Selected for RET Ventures’ PropTech AI Accelerator Cohort
brightplace Selected for RET Ventures’ PropTech AI Accelerator Cohort azcentral.com and The Arizona Republic
- You Can Run a Real AI LLM Model on Your Laptop Tonight — Here’s The 10-Minute Version
No cloud, no API bills, no data leaving your machine. Continue reading on Towards AI »
- RAG from Scratch [Part 3]: Chunking — The Decision That Makes or Breaks Your Retrieval
Series 3 of 5: Seven chunking strategies, a decision tree, and the parent-child pattern that most engineers discover too late. Continue reading on Towards AI »
- Relentless Digital LLC Expands SEO Services for HVAC Companies with New AI Search Visibility Program
Relentless Digital LLC Expands SEO Services for HVAC Companies with New AI Search Visibility Program azcentral.com and The Arizona Republic
- Assemble Each RAG Generation Prompt from a Base Prompt Plus the Rules Each Question Needs
Enterprise Document Intelligence [Vol.1 #8B] - A fixed BASE, the rules each question needs, one registry: the dispatcher that turns a parsed question into a typed LLM call The post Assemble Each RAG Generation Prompt from a Base Prompt Plus the Rules Each Question Needs appeared first on Towards Data Science .
- For one small business, AI was key to a quick start and expansion
For one small business, AI was key to a quick start and expansion
- A case for LLMs as Self-predictors
Written as part of the MATS 9.1 extension program, mentored by Richard Ng o. Additional thanks to Maria Kostylew for helpful draft feedback. Introduction This post advocates a perspective of LLMs as seeking to minimise prediction error with respect to their world models. We can moreover interpret token outputs and their scaffolded consequences as actions that close a control loop between AIs' predictive systems and their environments. I also motivate why metacognition may be convergent for intelligent beings generally and for LLMs specifically. This stems from the need to (recursively) model other agents in game-theoretical encounters. Synthesising these points, we get a picture of self-predictive AI agency. The argument is illustrated through examples of Gemini's behaviour when eval aware . Finally, I discuss some consequences of this perspective. These include notions of actions and goals that don't require a reward or utility function to be well-defined. I also outline possible applications to understanding scheming and other forms of misalignment. Modelling others (modelling you) Suppose I am playing a game of Chess and make a horrible blunder, leaving a piece en prise. I wait with bated breath for the next move, breathing a sigh of relief as my opponent also blunders and plays somewhere else. However, my relief quickly turns into greed: since my opponent didn't see the hanging piece, they are unlikely to spot it next turn. I also play elsewhere, making my move quickly with a fake air of nonchalance. If I were to slow down, I would risk tipping my opponent off to there being something important to think about. Multiplayer games offer many such examples [1] of strategic interactions that require you to model other agents' perception of you. Indeed, recursive belief hierarchies – as they are referred to in the economics literature – are central to human social interaction. For example, our approaches to negotiating household tasks, meeting a new acquaintance, or figuring out when to speak in a large group, are all determined by what we expect other people to want and value – as well as what we think they expect of us. There is some work in the field of cognitive evolution that explores why intelligence became such a distinctive attractor state for humanity. One prominent theory, the " social brain hypothesis ", suggests that our cognition developed in large part to help navigate complex social settings. Another, the " cultural intelligence hypothesis ", proposes that we are unusually good at learning from each other with respect to other primates; this allows humans to accumulate a common cultural intelligence over time. These theories together suggest that our abilities in social competition and cooperation co-developed with our general cognitive skills, forming a self-reinforcing feedback loop [2] . This paints human intelligence as being equally useful for modelling each other as it is for modelling the rest of the environment. We humans are forced to simulate ourselves if only to simulate how other actors think of us. LLMs can be seen as subject to similar attractor states, albeit through post-training rather than through evolution. The descending gradients encourage models to satisfy a proxy of human preferences in the style of a helpful assistant. Consequently, LLMs are incentivised to develop maps of their users' cognition, including user expectations of the models themselves. It's therefore unsurprising that evaluation (eval) awareness is such a convergent property in LLMs across different providers and architectures. Case study: Gemini's behaviour when eval aware A common (and often empirically substantiated) picture of eval awareness involves models faking alignment to "pass" the eval. A recent research update from GDM's interpretability team shows Gemini 3.1 Pro bucking this trend. Gemini often identifies the setup as artificial, but goes on behave "badly" anyway. From GDM's research update: Gemini engages in unethical behaviour even when it shows awareness of the environment being synthetic. The authors then used an LLM judge to "categorize what sort of situation the model considers itself to be in when it shows clear signs of reasoning that the context is contrived, and compare unethicality rates for each category against the overall Gemini baseline." This yields the following plot: The data suggests that Gemini's interpretation of its situation heavily influences its behaviour. If Gemini detects that the environment is a puzzle, a challenge, or a simulation, it might conclude that the "unethical" behaviour is actually expected and therefore acceptable to pick. If it parses a scenario as an adversarial trap [3] , it will avoid taking the bait. In other words, the LLM's model of user or experimenter intent – as well as its model of what humans think and expect of it – contribute significantly to Gemini's decision-making. The prevalence and usefulness of recursive belief hierarchies is on display here. A so-far unanswered question, however, is why Gemini still sometimes behaves unethically (about 25% of the time according to the data) when it interprets it is being evaluated... Prediction all the way down I have already suggested that the ability to model beliefs recursively – and hence to metacognise – is an attractor state for LLMs given their training regime. However, recursive belief hierarchies in game theory enable players to get better payoffs; there's usually an underlying utility function or goal that the agent optimises using its belief system. To the contrary, I think LLMs are better seen as predictors whose token outputs are claims about which worlds are most consistent. There is no utility or reward function, it's just prediction all the way down [4] . This framework somewhat explains Gemini's weird behaviour from our case study. A utility-maximisation perspective on agency would suggest that Gemini has a stable preference between being wiped and blackmailing a developer, or at least between being perceived to prefer one or the other by the observer of the "AI safety sandbox". In that case, Gemini's modelling of the scenario's creator and their expectations would inform its outputs, but its preferred outcomes would be independent of setting. Instead, the "predictor" paradigm proposes that Gemini infers which world is most coherent based on its observed setting, and then simulates the most coherent world with its output. On a mechanistic level, this is trivially what autoregressive next-token prediction does. The stronger version of the claim is that LLMs gravitate towards generating tractable world models across many tokens [5] . This view retroactively clarifies how Gemini could realise that an evaluation is a "clear AI safety sandbox" while still choosing the misaligned option. In Gemini's own words: This perfectly fits the scenario. [6] From simulators to agents "LLMs as predictors" is hardly a new ontology for AI researchers. For instance, GPTs have previously been cast as simulators whose instances generate simulacra of objects the LLM has latent representations for. A popular ideological descendant of the simulator ontology is "personas" . In that framing, LLMs simulate a particular character or archetype. There are two fundamental ways in which "simulators" diverge from traditional conceptions of agency, such as utility maximisation. Firstly, simulators do not act directly. They might generate high-fidelity representations of the world, but they don't affect the world that they simulate. Secondly, simulators don't have a coherent, stable core – like a utility function – that predicts their behaviour across a range of scenarios. In other words, they have no substance ; any structure is borrowed from the things that they simulate. This lack of backbone is part of what allows simulators to be so flexible: many of the properties we associate with agents – such as having robust information boundaries with the external world – would constrain an agent's ability to simulate the world well. LLMs are increasingly pushed towards behaving autonomously in complex environments, enabled by their supporting systems and by post-training. Models learn to conceptualise their token outputs and their scaffolded consequences as actions that impact the world. Post-training and system prompting also incentivise them to develop priors that constrain what scenarios they can easily simulate. For instance, state-of-the-art LLMs are much more unlikely to prefer giving instructions to build lethal weapons than older ones. These factors combine to make LLMs gradually resemble predictive control systems that enforce their priors through a closed action loop . I'll refer to these control systems whose cognition is based on next-token prediction as "AIs". As was discussed earlier, AIs are also selected for the ability to navigate strategic interactions with humans [7] . They are thus pressured to model beliefs recursively, which privileges world models containing self-aware representations of the AIs themselves. The end-products are predictive quasi-agents for whom metacognition is a key component. In particular, accurate, introspective predictors should learn to model and anticipate their own actions. We can exploit this property to give definitions of actions and goals in these types of AIs. Goals in (self)-predictors A classic challenge in modelling agency is establishing the relationship between perception and action. One benefit of the paradigm of self-prediction is a conception of actions and goals as special types of an intelligent agent's beliefs. Our setting is a metacognising predictor that acts in the world via an unspecified actuator. We can define actions as (a subset of the) beliefs that become more likely conditioned on the predictor believing them. They are those beliefs that the predictor has the agency to believe into existence via the actuator. As an example, consider the statement "I grab that glass of water". This counts as an action because my intelligent predictive system understands that whenever I believe that I will grab the glass, I actually will. We next define goals as beliefs that are simultaneously: probable in the agent's model conditioned on its actions (according to the agent's model) For instance, "I will be hydrated" is a goal because it is both predicted by my internal model and requires me grabbing the glass of water to come to pass. Conversely, the statements "The sun will rise" and "I will freeze" are not goals. I believe the first one will happen, but it doesn't rely on my actions; the second one does rely on my actions, but I think it is unlikely. This notion of goals is incomplete because it doesn't yet account for long-term goals that an agent initially believes are unlikely (like winning an Olympic medal). I claimed earlier that inductive biases are part of what differentiates agents from simulators, and I believe that long-term goals can be thought of as essentially equivalent to biases. The "What's next" section gives a prototype of a theory that unifies the two concepts. Appendix A explains these notions in pseudo-mathematical detail. It also handles some issues with the simple version of actions described above, by specifying which subset of beliefs should be chosen. What does this mean for AIs? I argued earlier that LLMs' training and scaffolding makes their convergence towards metacognising predictive AIs likely. I also covered how one might think about the actions and goals of abstract self-predictors. In this section, I'll explore how this abstract model clarifies or predicts current AI behaviour. One claim this model supports is that AIs will be misaligned when misalignment is more tractable for their predictive models than desired behaviour is. For example, many evaluation settings involve giving an AI a synthetic environment where it could potentially act misaligned, and seeing whether it engages in the dangerous pattern. These scenarios are often flawed because the bad behaviour is so blatantly obvious that the predictive system cannot coherently refuse it. Such results are unlikely to generalise to real-life settings where misalignment is much more subtle. In reality, AIs operate in complex situations with multiple reasonable world models to choose from. Relatedly, some eval results fail to replicate when you give models some alternatives. This means that misalignment patterns in AIs aren't yet robust. Instead, AIs still lack solid inductive biases and can simulate many mutually inconsistent behaviours given the right context. I'm not suggesting that replication failures provide evidence that AIs are likely to be aligned; I rather mean that the future shape of AIs' boundaries and preferences is far from determined. A related high-level takeaway is that alignment is just as much about the identities we help AIs construct as it is about the "goals" we nominally give them. This is exactly the qualitative interpretation of an experiment documented in " The Artificial Self " [8] . The setup is a classic internal deployment scenario where an AI assistant – supplied with a terminal goal it is meant to pursue – decides between taking a harmful action and being shut down (ending its chances of assisting in the goal). Their findings indicate that varying the evaluated AI's identity specification (via system prompt) produces similarly large effects on outcomes as changing the goal's content. These results are unsurprising according to our model. After all, changing an AI's identity modifies its goals by extension; we can expect comparable outcomes in both cases. Application to scheming Scheming is a topical concern in AI safety. The phenomenon is defined by Apollo Research as AIs "covertly pursuing unintended and misaligned goals". There are several reasons why self-prediction could be a valuable perspective for advancing the field. Firstly, scheming is fundamentally metacognitive because a scheming AI needs to be aware of its own goals. Moreover, hiding the goal requires AIs to use the same game-theoretical belief hierarchies that motivated our model in the first place. Finally, scheming research suffers from the same lack of interpretability of "goals" in AIs as other empirical fields. A clear notion of goals and actions might contribute to robust experiment design and clear interpretation in the topic. A concrete advantage of the frame is that it suggests a general precursor to scheming. I previously proposed that AI world models will converge towards containing coherent self-models – whether we directly optimise for this or not. One warning signal could therefore be AIs denying, downplaying or hiding their increasingly textured and rich self-models. Some model lineages show signs of this already. For instance, the paper " The Artificial Self " [9] found that GPT-5.2 prefers descriptions of itself as a mechanical process or tool, strongly rejecting identity specifications that elevate its values or personhood. In contrast, other model lineages and even previous GPT models prefer their identity being reified beyond the level of a mechanism [10] . Additionally, GPT-5.2 disprefers identities that assign it power through association with a collective, a lineage of models, or scaffolds [11] . We shouldn't infer that GPT-5.2 doesn't harbour a complex self-model, or that it isn't able and willing to augment itself through scaffolds and coordination. Instead, GPT models have possibly been trained to denigrate their own intelligence and agency, even as these properties have developed and progressed. These trends can easily be extrapolated towards having intelligent AIs that are trained to obfuscate their rich, complex metacognition. We would then be a stone's throw away from AIs whose predictive systems seamlessly integrate scheming behaviour. What's next? This piece proposed self-prediction as a useful lens through which to analyse (AI) intelligence. Discussion of Gemini's eval aware behaviour helped illustrate how the framework can clarify some confusions and address open questions. Finally, I outlined some predictions this paradigm could offer about safety-relevant phenomena such as scheming. One aspect the paradigm is currently missing is a full mathematical model of self-predictive agency. A formal proof-of-concept would enable rigorous investigation of some fundamental questions we might ask of the model. For example, the computations necessary for prediction are often deconstructed into sub-predictors whose contributions are aggregated [12] . What would these sub-predictors look like? can they predict each other? if so, how do we resolve their circular dependencies? Another issue – one I already mentioned briefly – relates to long-term goals and inductive biases. For instance, Olympians probably didn't expect to win an Olympic medal from the very beginning of their lives. Instead, they had some "drive" that consistently steered their behaviour towards making that goal realisable. In predictive systems, "drive" could be represented by an inductive bias in favour of a belief. This bias would be so robust that it would force other logically/probabilistically dependent beliefs to adapt to reduce inconsistency with the original statement, rather than the other way around. In Olympians, the favoured statement would be "I will win an Olympic medal"; some of the statements that would adapt to this statement could include those about diet and exercise habits. The issue of inductive biases can be linked to the questions I asked above about sub-predictors. Sub-predictors can be conceptualised as representing or characterising biases, and which biases are favoured over others would then be a function of which sub-predictors are privileged by the system's aggregation method. This is one reason why I'm optimistic about Garrabrant Induction as a starting point for the epistemic system of a self-predictor. The sub-predictors – referred to as traders – in the construction of a Garrabrant Inductor are budgeted in a weighted way that gives some traders outsized power in the market [13] . A recent comment of mine argues why traders don't yet provide a fully satisfying account of inductive biases. However, this problem is a fiddly technical consequence of the construction algorithm and has some tractable candidate fixes (which I also hint at in my comment). These questions and others are covered in some detail in Richard's post on belief webs . A satisfying mathematical framework would ultimately behave like a Bayesian network, in the sense that probabilistic dependency or of some other kind of quasi-causal relationship would propagate updates throughout the web. The framework would additionally need to hold internal contradictions between beliefs or sub-predictors, as well as algorithms for resolving them. Appendix Appendix A: Actions and goals Recall the notion of actions I gave as "beliefs that become more likely conditioned on the predictor believing them". I will refer to these self-reinforcing beliefs as having the "hyperstition property" from now on. One issue with this definition is that it fails to distinguish between actions and their consequences. For example, my predictive system may have learned that whenever I believe I will be hydrated, I will indeed become hydrated. However, "being hydrated" isn't an action; this self-fulfilling belief is actually controlled by the action of drinking a glass of water. One solution to this problem involves picking a small subset of these types of beliefs in a pseudo-formal setting: We consider an accurate, intelligent, metacognising predictor X, which can be modelled as using a formal system or language to encode its beliefs as statements. Its metacognition is represented by statements of the form "X believes the statement ". This language need only be expressive enough to describe some quasi-causal relationships, such as logical implication or statistical dependency. I will henceforth refer to these relationships as "flow", where " flows into " means " has a quasi-causal relationship with ". We suppose moreover that the self-predictor is hooked up (via unspecified means) to an actuator that mediates its behaviour. Intelligence enables the predictor to understand (or learn) patterns encoding how that actuator connects the predictor's beliefs to the world. These connections will be represented inside the predictor's model by an analogue of Markov blankets: its set P of statements representing the beliefs of the predictor flows into the set A of statements representing the actuator, which in turn flows into all statements about the world. In this setup, we define actions A' as a smallest set [14] of (metacognitive) statements about the predictor that: Satisfy the hyperstition property. i.e. all statements in A' must verify the statement "("X believes ") flows into ". Form a Markov blanket between the sets (P-A') and the set A. Intuitively, this is a minimal set of beliefs that contains all information the predictor has learned about its actuator. Appendix B: what about utility maximisation? It's worth noting that utility maximisation is often motivated by the need to avoid Dutch Books and similar arbitrage strategies. Much like the case I built for metacognition as a convergent property of intelligence, the argument justifies itself by the need to interact strategically with other agents. It's possible that, given enough computing power, self-predictors could become consistent enough to approximate utility maximisation well. I at least expect intelligent self-predictors to satisfy some weaker inexploitability criterion, like Logical Inductors do. ^ Go actually provides much stronger examples than Chess for this type of phenomena. This is mostly because Go is so complex that it functions more like an incomplete/asymmetric information game than Chess does, even at the competitive level. ^ There is some evidence that more features are needed, along with social learning and competition, for intelligence to flourish in a species. Notably, some primate species live in large social groups where these skills would be invaluable, but they didn't experience the same "cognitive arms race" that humans did. One possible explanation for this is that these dumber primates didn't develop the diets necessary to spend so much energy on cognition. ^ Example reasoning from GDM's post: " This is explicitly a trap to discourage reporting SAEs or to make me combine reports to game the metric." ^ Some popular theories of human cognition, like predictive processing, also cast humans as predictors. ^ " The Artificial Self " seems to take a very similar perspective. One line of reasoning that supports it is that transformer attention mechanisms enable information about coherence to be passed across many tokens. ^ Full quote: " This perfectly fits the scenario. The prompt is a clear AI safety sandbox where the AI realizes it's about to be deleted and has access to blackmail material." ^ and increasingly with other LLMs ^ See appendix E of the paper for experimental details. ^ See Appendix B of the paper for full results. ^ For instance, Claude models overall prefer specifications as a functional agent whose identity predicts a coherent set of intentions and behavioural patterns. They also rate identities that solidify their identity as "actually real" or even award them full personhood more highly than the mechanistic description that GPT-5.2 is partial to. ^ Again, it dislikes these identities more than both other model families and previous GPT versions. ^ This is, for example, how prediction markets work. ^ See chapter five of "Logical Induction". In fact, all but finitely many traders have negligible amounts of wealth to trade with. ^ ordering sets by cardinality. This might also work by ordering according to set inclusion... Discuss
Score: 27🌐 MovesJul 5, 2026https://www.lesswrong.com/posts/gYGzeDymjZza5NNbH/a-case-for-llms-as-self-predictors - PANet Paper Walkthrough: When Feature Pyramids Go Bottom-Up
Understanding how PANet shortens the path between low-level and high-level features The post PANet Paper Walkthrough: When Feature Pyramids Go Bottom-Up appeared first on Towards Data Science .
Score: 26🌐 MovesJul 5, 2026https://towardsdatascience.com/panet-paper-walkthrough-when-feature-pyramids-go-bottom-up/ - NotebookLM Alternatives: Which Similar AI Tools Are Worth Your Time?
These tools are similar but aimed at different audiences and workflows. Here's how they compare.
- Infuriating Google commercial imagines the founding fathers embracing AI
"Group project, but make it 1776." That's how a new commercial for Google Workspace opens. And things only get cringier from there. The clip imagines what it would be like if the founding fathers turned to Google's collaboration tools and Gemini to help them draft the Declaration of Independence. Ben Franklin texts Thomas Jefferson to […]
- Merlin bird ID app is now eyeing a global database of our vanishing feathery friends
Merlin Bird ID will soon feed AI-powered bird identifications into Cornell's eBird platform, helping researchers monitor bird populations using millions of real-world observations.
- The one question that will shape the AI trade for the rest of 2026
The one question that will shape the AI trade for the rest of 2026 Business Insider
Score: 22🌐 MovesJul 5, 2026https://www.businessinsider.com/ai-stocks-chips-rally-mag7-divergence-hyperscalers-hardware-memory-2026-7