Cursor replaced 12,000+ lines of work-tree code with 200-line markdown skills using two primitives: agent skills and sub-agents.
New /worktree and /bestevent slash commands let users spawn isolated agent instances mid-chat without UI dropdowns or version updates.
Work-tree feature now works with multi-repo setups (frontend + backend separate repos), which was completely disabled before.
Markdown-based prompts enable server-side iteration—improvements push to users immediately without requiring Cursor version updates.
Main trade-off: agents now rely on prompting to stay within work-trees rather than hard OS-level isolation, requiring evals and reinforcement learning.
Best-event comparison UI improved significantly—parent agent now stitches together code pieces from multiple models, not just selecting one winner.
Cursor training Composer model with RL tasks for work-tree environments to improve staying on track; smaller models like Haiku deviate more frequently.
Using BrainTrust evals with Cursor CLI to score whether agents work in correct checkout vs. incorrectly in primary repository.
Feature less discoverable now (power users must know /worktree command exists), but acceptable tradeoff for advanced-only tool.
Future work: native work-trees UI in Cursor 3.0 agent window and exploring non-git parallelization primitives to avoid disk/speed overhead.
Cursor rebuilt its parallel-agent work-tree feature — isolated git checkouts running best-of-n comparisons — by composing two existing primitives: agent skills and sub-agents. Maintenance burden drops sharply and multi-repo support is gained, but models occasionally escape isolation on long sessions; evals run via BrainTrust and RL training address reliability.
AI companies grow 3x faster than traditional SaaS: top 100 AI firms reached $20M ARR in 20 months vs. 65 months for SaaS peers.
Hybrid pricing adoption surged from 6% in 2024 to 41% today; 56% of AI company leaders now use hybrid models instead of pure subscription.
5-10% of power users consume 80% of compute; pure subscription and usage-based models alone fail to protect margins in AI businesses.
Define value through customer perception, not technical specs: customers care about outcomes (decks generated, tickets solved) not API calls or tokens.
Four value frameworks: automation (time savings), augmentation (quality improvement), enhanced service (proprietary access), and improved results (direct ROI impact).
Translate pricing changes using credits: abstract features into credits so you can shift pricing under the hood without shocking customers.
Hypergrowth AI companies change pricing 3+ times in 2 years; static pricing signals stagnation. Frequent iteration is a competitive advantage.
Guard against bill shock with usage caps, automated notifications at 50/70/90% utilization, and optional auto top-up to maintain customer trust.
84% of AI leaders agree fast pricing adaptation is key competitive advantage; test pricing frequently rather than waiting for the perfect model.
Hybrid model structure: base subscription fee (predictable revenue, committed relationship) + usage scaling fee (margin protection, customer experimentation).
Stripe's Mayank Pant presents a five-step AI pricing framework covering value definition, charge metrics, model selection, guardrail design, and iteration cadence. Key finding: 5-10% of power users consume 80% of compute, making pure subscription untenable; OpenAI, Anthropic, and ElevenLabs use a credits abstraction to evolve pricing without customer-facing disruption.
Generative AI models are inherently non-deterministic (probabilistic), making every output a roll of the dice—all traditional security mental models assume deterministic inputs guarantee outputs.
Black box testing of LLM-enabled applications is unreliable; demand data flow diagrams and application-level logging of both prompts and responses, not just LLM-layer logging.
LangSmith requires only two lines of code to capture every LLM call (prompt and response) without major refactoring, solving the logging skeleton-key problem for AI applications.
Findings from LLM security testing are often non-repeatable due to non-determinism; pre-negotiate acceptance criteria with stakeholders since threat actors will have time to recreate unrepeatable findings in production.
Prompt injection is a feature, not a bug of LLMs—you cannot solve it with syntax restrictions because that kills the value proposition; only mitigation is guardrails around all LLM output.
LLM output must be treated as hostile data crossing a trust boundary, similar to second-order SQL injection; adversaries can describe malicious payloads in plain language to bypass input filters.
Agents must run under non-human identities (service principals), never under user identities, to avoid non-repudiation problems and preserve audit trails.
OAuth and OIDC lack attribution mechanisms for agentic workflows and cannot answer why a task was performed or under what context—they are insufficient for autonomous AI systems.
Limit input prompt size on both client and server side; constraining user input to sentences or 300 characters can stop many 'do anything now' prompt injection attacks.
Create test harnesses with pre-generated adversarial LLM outputs rather than relying on the LLM to regenerate the same output—this enables repeatable security testing and deeper application flow analysis.
Jake Williams (former NSA) walks through five production vulnerability classes — prompt injection, insecure output handling, credential leakage, weak agent identity governance, and logging gaps — and maps controls including LangSmith, Llama Guard, and prompt firewalls. Core guidance: treat LLM outputs as hostile by default and build test harnesses to reproduce probabilistic findings.
Memory architecture uses sparse temporal attention in video encoder plus compressed language summaries to span short-horizon (15 frames) and long-horizon (minutes) tasks without excessive latency or distribution shift.
Multi-scale embodied memory (MEM) combines dense visual observations for recent past with semantic language-based summaries for longer history, enabling robots to track completed steps and avoid failure loops.
PIO 7 uses rich conditioning—metadata, subtasks, predicted subgoals—to train a single high-performance, generalizable policy instead of separate pretraining and post-training stages.
Conditioning on quality and speed metadata at inference time lets a single policy checkpoint match performance of previously fine-tuned task-specific models without retraining.
Cross-robot transfer demonstrated: UR5 arm learned to fold shirts using subgoal conditioning, despite no laundry training data, by generalizing skills learned on other tasks.
Robots without memory fail repeatedly on identical errors (chopstick grasping, symmetric fridge); memory enables in-context adaptation—e.g., adjusting grasp height after observing failure.
Long-horizon task failures occur subtly in partial observability scenarios (unpacking grocery bag, washing plate, grilling); memory prevents endless loops when objects are unobserved.
Rich metadata conditioning enables "coaching" mode: humans guide robots through unseen tasks in language without teleoperation, policies then distill into end-to-end learned behaviors.
Longer task horizons increase distribution shift burden; robot must generalize more because exact 20-30 minute episodes become increasingly rare in training data.
Poor-quality training data hurts performance when forcing models to learn full distribution, but with quality-conditioned metadata, bad data improves generalization by teaching the model robustness.
Mem compresses visual tokens for short-horizon tracking and language summaries for long-horizon semantics, keeping inference under 300ms. PIO 7 trains a single policy with task metadata and subgoal conditioning, matching fine-tuned specialists on kitchen, laundry, and recipe tasks without post-training.
Stripe launched agent-native payments infrastructure including Stripe Projects (one-shot agentic app deployment), Machine Payments Protocol (MPP), and Link wallet for agents to enable autonomous economic transactions between AI systems.
Stripe's new business formation inflection shows parabolic growth since early 2026, with Stripe now serving 5 million businesses generating $1.9 trillion in payment volume (34% YoY growth vs 2% global GDP growth).
Agentic Commerce suite integrates with Google Gemini, OpenAI ChatGPT, Microsoft Copilot, and Meta ads; Shopify becomes preferred catalog provider with billions of products discoverable to agents.
Metronome real-time billing engine enables token-based pricing with instantaneous metering, rating, and alerting; Tempo blockchain processes micropayments by the millisecond using stable coins.
Stripe Radar expanded to prevent token theft across AI companies: blocks multi-account abuse (1 in 6 signups at AI firms), free trial abuse (3.3M blocked last month), and pay-as-you-go non-payment.
Stripe Treasury now live in 119 countries with instant, zero-cost transfers between Stripe businesses (4.8M daily transfers); expanded stable coin payout support and FDIC insurance for US balances.
Custom Objects primitive lets businesses embed domain-specific logic (shipments, policies, claims) directly in Stripe; Workflows and custom apps enable tailored financial operating systems without leaving dashboard.
Stripe Signals provides direct access to network intelligence: risk scoring, business trustworthiness, and customer conversion recommendations across millions of on-and-off-Stripe transactions.
Stripe Issuing now supports stable coin cards in 100 countries through USDC and other stablecoins; platforms like Shopify becoming Tempo validators to enable agentic commerce at scale.
Stripe Database (private preview) provides real-time PostgreSQL access to Stripe data; Platform Growth Studio analyzes thousands of platforms to surface personalized pricing and product adoption opportunities.
Stripe Sessions 2025 unveils Machine Payments Protocol for agent-to-API purchasing, Link agent wallets with user-approved spending limits, Metronome token metering, and Tempo streaming payments. Treasury expands to 119 countries with stablecoin payouts; Radar fraud detection extends to all payment methods. Google, Meta, OpenAI, and Shopify are launch partners.