Death of the Wrapper: Google has fundamentally altered the trajectory of AI application development with the release of managed Model Context Protocol (MCP) servers for Google Cloud Platform (GCP). By treating AI agents as first-class citizens of the cloud infrastructure—rather than external clients that need custom API wrappers—Google is betting that the future of software interaction is not human-to-API, but agent-to-endpoint. 1. The Technology: What Actually Launched? Google’s release targets four key services, with a roadmap to cover the entire GCP catalog. • BigQuery MCP: Allows agents to query datasets, understand schema, and generate SQL without hallucinating column names. It uses Google’s existing “Discovery” mechanisms but formats the output specifically for LLM context windows. • Google Maps Platform: Agents can now perform “grounding” checks—verifying real-world addresses, calculating routes, or checking business hours as a validation step in a larger workflow. • Compute Engine & GKE: Perhaps the most radical addition. Agents can now read cluster status, check pod logs, and potentially restart services. This paves the way for “Self-Healing Infrastructure” where an agent detects a 500 error and creates a replacement pod automatically. The architecture utilizes a new StreamableHTTPConnectionParams method, allowing secure, stateless connections that don’t require a persistent WebSocket, fitting better with serverless enterprise architectures. 2. The Strategic Play: Why Now? This announcement coincides with the launch of Gemini 3 and the formation of the Agentic AI Foundation. Google is executing a “pincer movement” on the market: 1. Top-Down: Releasing state-of-the-art models (Gemini 3). 2. Bottom-Up: Owning the standard (MCP) that all models use to talk to data. By making GCP the “easiest place to run agents,” Google hopes to lure developers away from AWS and Azure. If your data lives in BigQuery, and BigQuery has a native “port” for your AI agent, moving that data to Amazon Redshift (which might require building a custom tool) becomes significantly less attractive.

Our mission is to create a true learning community where an exploration of AI, tools, agents and use cases can merge with thoughtful conversations about implications and fundamental ideas. If you are joining, please consider engaging, not just lurking.Tell us about yourself and where you are in life journey and how tech and AI intersect it. for updates on research, models, and use cases, click on the Classrooms tab and then find the Bleeding Edge Classroom

two things can be simultaneously true: that LLMs have critical limits with hallucinations, generalizations and planning that aren’t solvable by scale— GPUs and model size alone AND LLMs engaged in recursive improvement, math and language innovation and other hidden state iterations could overcome the limits on the way to ASI…

The npm Supply Chain Attack Explained: What You Need to Know (And What To Do) A plain-language guide to the Shai-Hulud "Second Coming" attack—and how to protect yourself The Situation in Plain English If you're a developer, you probably use npm install regularly. It's one of those commands that feels as routine as checking your email. You type it, lean back, and wait for your project's dependencies to install. What if I told you that between November 21-24, this year, that simple command became dangerous? Here's what happened: attackers compromised some of the most popular npm packages used by developers worldwide—including tools made by Zapier, Postman, PostHog, ENS Domains, and AsyncAPI. When developers ran npm install to use these packages, malicious code ran automatically before the installation even finished. Most developers never noticed. The malware didn't install ransomware or encrypt your files. It did something arguably worse: it stole your secrets—every API key, GitHub token, AWS credential, and authentication token sitting on your machine—and uploaded them to public GitHub repositories where attackers could access them. Think of it like someone stealing your house keys. You might not notice the keys are gone for days. By then, the thief has already made copies and given them to accomplices. What Makes This Different? The "Worm" Aspect Traditional malware might infect one package. You'd catch it, the security team would fix it, and life goes on. This attack uses "worm" tactics. It's self-propagating. Here's how: The malware didn't just steal your secrets—it used those stolen credentials to log into npm and upload even more infected versions of other packages. Those new infected packages then did the same thing to the next developer who ran npm install. Result: In just four days, the attack spread to over 425 packages and compromised 25,000+ GitHub repositories full of stolen credentials. That's roughly 1,000 new breaches every 30 minutes. The attackers even named it after the sandworms in Dune—massive, self-replicating creatures that devour everything in their path. The metaphor is uncomfortably accurate.

Tomorrow we will be going over what we are calling the Distributed Authority Network (DAN) (TM) in the Hidden State Drift Power Session. It leverages a couple of key ideas that have surfaced in research and testing. Our goal is to create not just a high-level strategic implementation, but boil it down to structured prompts you can use in not just Claude Code, but other tools like Perplexity. It is not something you want to miss. 12 Noon Eastern. Thursday November 13. It will be recorded. Deliverables will be an example source file, slides and strategy memo, structured prompt. #hiddenstatedrift