Beware of Skills

Sancho is skeptical by design, and with Skills you need to be more skeptical than ever. In my note “Sancho Learns Skills” I described how convenient it is to download a ready-made Skill and plug it into your agent. What I didn’t mention is the dark side: every Skill you download from a public marketplace is someone else’s code that your agent will run with your permissions. That’s the new weak link in the supply chain: attackers are already poisoning these repositories with malicious Skills. In this note I lay out a few ideas to protect yourself. …

May 24, 2026 · 10 min
Sancho Learns Skills

I’ve been seeing people giving nicknames to their AI assistant. I’ve taken to calling mine “Sancho” (Panza), a nod to that lovable character – a practical, down-to-earth, loyal and skeptical fellow who avoids his own “hallucinations.” Let’s see if I can find time here and there to write notes about Agentic AI. One of Sancho’s key decisions is to rely on concrete abilities – Agent Skills, an architecture designed for AI models to learn and execute specific procedures in a persistent manner. …

January 25, 2026 · 24 min