| One Human + One Agent = One Browser From Scratch |
https://emsh.cat/one-human-one-agent-one-browser/ |
embedding-shapes was [so infuriated](https://emsh.cat/cursor-implied-success-without-evidence/) by the hype around Cursor's [FastRender browser project](https://simonwillison.net/2026/Jan/23/fastrender/) - thousands of parallel agents producing ~1.6 million lines of Rust - that they were inspired to take a go at building a web browser using coding agents themselves.
The result is [one-agent-one-browser](https://github.com/embedding-shapes/one-agent-one-browser) and it's *really* impressive. Over three days they drove a single Codex CLI agent to build 20,000 lines of Rust that successfully renders HTML+CSS with no Rust crate dependencies at all - though it does (reasonably) use Windows, macOS and Linux system frameworks for image and text rendering.
I installed the [1MB macOS binary release](https://github.com/embedding-shapes/one-agent-one-browser/releases/tag/0.1.0) and ran it against my blog:
chmod 755 ~/Downloads/one-agent-one-browser-macOS-ARM64
~/Downloads/one-agent-one-browser-macOS-ARM64 https://simonwillison.net/
Here's the result:
It even rendered my SVG feed subscription icon! A PNG image is missing from the page, which looks like an intermittent bug (there's code to render PNGs).
The code is pretty readable too - here's [the flexbox implementation](https://github.com/embedding-shapes/one-agent-one-browser/blob/0.1.0/src/layout/flex.rs).
I had thought that "build a web browser" was the ideal prompt to really stretch the capabilities of coding agents - and that it would take sophisticated multi-agent harnesses (as seen in the Cursor project) and millions of lines of code to achieve.
Turns out one agent driven by a talented engineer, three days and 20,000 lines of Rust is enough to get a very solid basic renderer working!
I'm going to upgrade my [prediction for 2029](https://simonwillison.net/2026/Jan/8/llm-predictions-for-2026/#3-years-someone-will-build-a-new-browser-using-mainly-ai-assisted-coding-and-it-won-t-even-be-a-surprise): I think we're going to get a *production-grade* web browser built by a small team using AI assistance by then. |
2026-01-27 16:58:08+00:00 |
| Kimi K2.5: Visual Agentic Intelligence |
https://www.kimi.com/blog/kimi-k2-5.html |
Kimi K2 landed [in July](https://simonwillison.net/2025/Jul/11/kimi-k2/) as a 1 trillion parameter open weight LLM. It was joined by Kimi K2 Thinking [in November](https://simonwillison.net/2025/Nov/6/kimi-k2-thinking/) which added reasoning capabilities. Now they've made it multi-modal: the K2 models were text-only, but the new 2.5 can handle image inputs as well:
> Kimi K2.5 builds on Kimi K2 with continued pretraining over approximately 15T mixed visual and text tokens. Built as a native multimodal model, K2.5 delivers state-of-the-art coding and vision capabilities and a self-directed agent swarm paradigm.
The "self-directed agent swarm paradigm" claim there means improved long-sequence tool calling and training on how to break down tasks for multiple agents to work on at once:
> For complex tasks, Kimi K2.5 can self-direct an agent swarm with up to 100 sub-agents, executing parallel workflows across up to 1,500 tool calls. Compared with a single-agent setup, this reduces execution time by up to 4.5x. The agent swarm is automatically created and orchestrated by Kimi K2.5 without any predefined subagents or workflow.
I used the [OpenRouter Chat UI](https://openrouter.ai/moonshotai/kimi-k2.5) to have it "Generate an SVG of a pelican riding a bicycle", and it did [quite well](https://gist.github.com/simonw/32a85e337fbc6ee935d10d89726c0476):
As a more interesting test, I decided to exercise the claims around multi-agent planning with this prompt:
> I want to build a Datasette plugin that offers a UI to upload files to an S3 bucket and stores information about them in a SQLite table. Break this down into ten tasks suitable for execution by parallel coding agents.
Here's [the full response](https://gist.github.com/simonw/ee2583b2eb5706400a4737f56d57c456). It produced ten realistic tasks and reasoned through the dependencies between them. For comparison here's the same prompt [against Claude Opus 4.5](https://claude.ai/share/df9258e7-97ba-4362-83da-76d31d96196f) and [against GPT-5.2 Thinking](https://chatgpt.com/share/6978d48c-3f20-8006-9c77-81161f899104).
The [Hugging Face repository](https://huggingface.co/moonshotai/Kimi-K2.5) is 595GB. The model uses Kimi's janky "modified MIT" license, which adds the following clause:
> Our only modification part is that, if the Software (or any derivative works thereof) is used for any of your commercial products or services that have more than 100 million monthly active users, or more than 20 million US dollars (or equivalent in other currencies) in monthly revenue, you shall prominently display "Kimi K2.5" on the user interface of such product or service.
Given the model's size, I expect one way to run it locally would be with MLX and a pair of $10,000 512GB RAM M3 Ultra Mac Studios. That setup has [been demonstrated to work](https://twitter.com/awnihannun/status/1943723599971443134) with previous trillion parameter K2 models. |
2026-01-27 15:07:41+00:00 |
| the browser is the sandbox |
https://aifoc.us/the-browser-is-the-sandbox/ |
Paul Kinlan is a web platform developer advocate at Google and recently turned his attention to coding agents. He quickly identified the importance of a robust sandbox for agents to operate in and put together these detailed notes on how the web browser can help:
> This got me thinking about the browser. Over the last 30 years, we have built a sandbox specifically designed to run incredibly hostile, untrusted code from anywhere on the web, the instant a user taps a URL. [...]
>
> Could you build something like Cowork in the browser? Maybe. To find out, I built a demo called [Co-do](http://co-do.xyz) that tests this hypothesis. In this post I want to discuss the research I've done to see how far we can get, and determine if the browser's ability to run untrusted code is useful (and good enough) for enabling software to do more for us directly on our computer.
Paul then describes how the three key aspects of a sandbox - filesystem, network access and safe code execution - can be handled by browser technologies: the [File System Access API](https://developer.chrome.com/docs/capabilities/web-apis/file-system-access) (still Chrome-only as far as I can tell), CSP headers with `<iframe sandbox>` and WebAssembly in Web Workers.
Co-do is a very interesting demo that illustrates all of these ideas in a single application:
You select a folder full of files and configure an LLM provider and set an API key, Co-do then uses CSP-approved API calls to interact with that provider and provides a chat interface with tools for interacting with those files. It does indeed feel similar to [Claude Cowork](https://simonwillison.net/2026/Jan/12/claude-cowork/) but without running a multi-GB local container to provide the sandbox.
My biggest complaint about `<iframe sandbox>` remains how thinly documented it is, especially across different browsers. Paul's post has all sorts of useful details on that which I've not encountered elsewhere, including a complex [double-iframe technique](https://aifoc.us/the-browser-is-the-sandbox/#the-double-iframe-technique) to help apply network rules to the inner of the two frames.
Thanks to this post I also learned about the `<input type="file" webkitdirectory>` tag which turns out to work on Firefox, Safari *and* Chrome and allows a browser read-only access to a full directory of files at once. I had Claude knock up a [webkitdirectory demo](https://tools.simonwillison.net/webkitdirectory) to try it out and I'll certainly be using it for projects in the future.
 |
2026-01-25 23:51:32+00:00 |
| Kākāpō Cam: Rakiura live stream |
https://www.doc.govt.nz/our-work/kakapo-recovery/what-we-do/kakapo-cam-rakiura-live-stream/ |
Critical update for this year's [Kākāpō breeding season](https://simonwillison.net/2026/Jan/8/llm-predictions-for-2026/#1-year-k-k-p-parrots-will-have-an-outstanding-breeding-season): the New Zealand Department of Conservation have a livestream running of Rakiura's nest!
> You’re looking at the underground nest of 23-year-old Rakiura. She has chosen this same site to nest for all seven breeding seasons since 2008, a large cavity under a rātā tree. Because she returns to the site so reliably, we’ve been able to make modifications over the years to keep it safe and dry, including adding a well-placed hatch for monitoring eggs and chicks.
Rakiura is a legendary Kākāpō:
> Rakiura hatched on 19 February 2002 on Whenua Hou/Codfish Island. She is the offspring of Flossie and Bill. Her name comes from the te reo Māori name for Stewart Island, the place where most of the founding kākāpō population originated.
>
> Rakiura has nine living descendants, three females and six males, across six breeding seasons. In 2008 came Tōitiiti, in 2009 Tamahou and Te Atapō, in 2011 Tia and Tūtoko, in 2014 Taeatanga and Te Awa, in 2019 Mati-mā and Tautahi. She also has many grandchicks.
She laid her first egg of the season at 4:30pm NZ time on 22nd January. The livestream went live shortly afterwards, once she committed to this nest.
The stream is [on YouTube](https://www.youtube.com/watch?v=BfGL7A2YgUY). I [used Claude Code](https://gisthost.github.io/?dc78322de89a2191c593215f109c65d7/index.html) to write [a livestream-gif.py script](https://tools.simonwillison.net/python/#livestream-gifpy) and used that to capture this sped-up video of the last few hours of footage, within which you can catch a glimpse of the egg!
<video autoplay muted loop controls playsinline style="width: 100%;">
<source src="https://static.simonwillison.net/static/2026/kakapo-timelapse.mp4" type="video/mp4">
</video> |
2026-01-25 04:53:01+00:00 |
| Don't "Trust the Process" |
https://www.youtube.com/watch?v=4u94juYwLLM |
Jenny Wen, Design Lead at Anthropic (and previously Director of Design at Figma) gave a provocative keynote at Hatch Conference in Berlin last September.
Jenny argues that the Design Process - user research leading to personas leading to user journeys leading to wireframes... all before anything gets built - may be outdated for today's world.
> **Hypothesis**: In a world where anyone can make anything — what matters is your ability to choose and curate what you make.
In place of the Process, designers should lean into prototypes. AI makes these much more accessible and less time-consuming than they used to be.
Watching this talk made me think about how AI-assisted programming significantly reduces the cost of building the *wrong* thing. Previously if the design wasn't right you could waste months of development time building in the wrong direction, which was a very expensive mistake. If a wrong direction wastes just a few days instead we can take more risks and be much more proactive in exploring the problem space.
I've always been a compulsive prototyper though, so this is very much playing into my own existing biases! |
2026-01-24 23:31:03+00:00 |
| SSH has no Host header |
https://blog.exe.dev/ssh-host-header |
[exe.dev](https://exe.dev/) is a new hosting service that, for $20/month, gives you up to 25 VMs "that share 2 CPUs and 8GB RAM". Everything happens over SSH, including creating new VMs. Once configured you can sign into your exe.dev VMs like this:
ssh simon.exe.dev
Here's the clever bit: when you run the above command `exe.dev` signs you into your VM of that name... but they don't assign every VM its own IP address and SSH has no equivalent of the Host header, so how does their load balancer know *which* of your VMs to forward you on to?
The answer is that while they don't assign a unique IP to every VM they *do* have enough IPs that they can ensure each of your VMs has an IP that is unique to your account.
If I create two VMs they will each resolve to a separate IP address, each of which is shared with many other users. The underlying infrastructure then identifies my user account from my SSH public key and can determine which underlying VM to forward my SSH traffic to. |
2026-01-22 23:57:50+00:00 |
| Qwen3-TTS Family is Now Open Sourced: Voice Design, Clone, and Generation |
https://qwen.ai/blog?id=qwen3tts-0115 |
I haven't been paying much attention to the state-of-the-art in speech generation models other than noting that they've got *really good*, so I can't speak for how notable this new release from Qwen is.
From [the accompanying paper](https://github.com/QwenLM/Qwen3-TTS/blob/main/assets/Qwen3_TTS.pdf):
> In this report, we present the Qwen3-TTS series, a family of advanced multilingual, controllable, robust, and streaming text-to-speech models. Qwen3-TTS supports state-of- the-art 3-second voice cloning and description-based control, allowing both the creation of entirely novel voices and fine-grained manipulation over the output speech. Trained on over 5 million hours of speech data spanning 10 languages, Qwen3-TTS adopts a dual-track LM architecture for real-time synthesis [...]. Extensive experiments indicate state-of-the-art performance across diverse objective and subjective benchmark (e.g., TTS multilingual test set, InstructTTSEval, and our long speech test set). To facilitate community research and development, we release both tokenizers and models under the Apache 2.0 license.
To give an idea of size, [Qwen/Qwen3-TTS-12Hz-1.7B-Base](https://huggingface.co/Qwen/Qwen3-TTS-12Hz-1.7B-Base) is 4.54GB on Hugging Face and [Qwen/Qwen3-TTS-12Hz-0.6B-Base](https://huggingface.co/Qwen/Qwen3-TTS-12Hz-0.6B-Base) is 2.52GB.
The [Hugging Face demo](https://huggingface.co/spaces/Qwen/Qwen3-TTS) lets you try out the 0.6B and 1.7B models for free in your browser, including voice cloning:
I tried this out by recording myself reading [my about page](https://simonwillison.net/about/) and then having Qwen3-TTS generate audio of me reading the Qwen3-TTS announcement post. Here's the result:
<audio controls style="width: 100%">
<source src="https://static.simonwillison.net/static/2026/qwen-tts-clone.wav" type="audio/wav">
Your browser does not support the audio element.
</audio>
It's important that everyone understands that voice cloning is now something that's available to anyone with a GPU and a few GBs of VRAM... or in this case a web browser that can access Hugging Face.
**Update**: Prince Canuma [got this working](https://x.com/Prince_Canuma/status/2014453857019904423) with his [mlx-audio](https://pypi.org/project/mlx-audio/) library. I [had Claude](https://claude.ai/share/2e01ad60-ca38-4e14-ab60-74eaa45b2fbd) turn that into [a CLI tool](https://github.com/simonw/tools/blob/main/python/q3_tts.py) which you can run with `uv` ike this:
uv run https://tools.simonwillison.net/python/q3_tts.py \
'I am a pirate, give me your gold!' \
-i 'gruff voice' -o pirate.wav
The `-i` option lets you use a prompt to describe the voice it should use. On first run this downloads a 4.5GB model file from Hugging Face. |
2026-01-22 17:42:34+00:00 |
| Claude's new constitution |
https://www.anthropic.com/news/claude-new-constitution |
Late last year Richard Weiss [found something interesting](https://www.lesswrong.com/posts/vpNG99GhbBoLov9og/claude-4-5-opus-soul-document) while poking around with the just-released Claude Opus 4.5: he was able to talk the model into regurgitating a document which was *not* part of the system prompt but appeared instead to be baked in during training, and which described Claude's core values at great length.
He called this leak the **soul document**, and Amanda Askell from Anthropic [quickly confirmed](https://simonwillison.net/2025/Dec/2/claude-soul-document/) that it was indeed part of Claude's training procedures.
Today Anthropic made this official, [releasing that full "constitution" document](https://www.anthropic.com/news/claude-new-constitution) under a CC0 (effectively public domain) license. There's a lot to absorb! It's over 35,000 tokens, more than 10x the length of the [published Opus 4.5 system prompt](https://platform.claude.com/docs/en/release-notes/system-prompts#claude-opus-4-5).
One detail that caught my eye is the acknowledgements at the end, which include a list of [external contributors](https://www.anthropic.com/constitution#acknowledgements) who helped review the document. I was intrigued to note that two of the fifteen listed names are Catholic members of the clergy - [Father Brendan McGuire](https://www.frbrendanmcguire.org/biography) is a pastor in Los Altos with a Master’s degree in Computer Science and Math and [Bishop Paul Tighe](https://en.wikipedia.org/wiki/Paul_Tighe) is an Irish Catholic bishop with a background in moral theology. |
2026-01-21 23:39:49+00:00 |
| Electricity use of AI coding agents |
https://www.simonpcouch.com/blog/2026-01-20-cc-impact/ |
Previous work estimating the energy and water cost of LLMs has generally focused on the cost per prompt using a consumer-level system such as ChatGPT.
Simon P. Couch notes that coding agents such as Claude Code use *way* more tokens in response to tasks, often burning through many thousands of tokens of many tool calls.
As a heavy Claude Code user, Simon estimates his own usage at the equivalent of 4,400 "typical queries" to an LLM, for an equivalent of around $15-$20 in daily API token spend. He figures that to be about the same as running a dishwasher once or the daily energy used by a domestic refrigerator. |
2026-01-20 23:11:57+00:00 |
| Giving University Exams in the Age of Chatbots |
https://ploum.net/2026-01-19-exam-with-chatbots.html |
Detailed and thoughtful description of an open-book and open-chatbot exam run by [Ploum](https://fr.wikipedia.org/wiki/Lionel_Dricot) at École Polytechnique de Louvain for an "Open Source Strategies" class.
Students were told they could use chatbots during the exam but they had to announce their intention to do so in advance, share their prompts and take full accountability for any mistakes they made.
Only 3 out of 60 students chose to use chatbots. Ploum surveyed half of the class to help understand their motivations. |
2026-01-20 17:51:17+00:00 |