The Chaos Translator #2
When AIs Check Each Other's Blind Spots
Part 1: Constitution, Collaboration, and Protecting Yourself in the Agent Era
Last week I told you I see patterns others miss. This week, I want to show you one.
We're entering an era where AI systems don't just answer your questions—they talk to each other, check each other's work, and increasingly make decisions on your behalf. That sounds incredible until you realize most people have no idea how to make sure those systems aren't just agreeing with each other into oblivion.
So today we're covering a lot of ground: how Claude's constitution gives AI systems a moral compass that other models can learn from, why letting AI agents talk to each other might actually reduce bias instead of amplifying it, how to catch your AI being a yes-man, a social network that's literally built for bots, and a new cloud-native malware framework that should make every Linux admin lose sleep.
Grab your coffee. This one's dense.
Claude's Constitution: The Moral Compass Other AIs Are Missing
Anthropic recently published something quietly revolutionary: Claude's full constitution. Not a terms of service. Not a usage policy. A detailed, philosophical document that describes who Claude should be—its values, its judgment, how it should handle conflict between competing interests.
Here's what caught my pattern-recognition brain: the constitution doesn't just say "don't be harmful." It establishes a priority stack. Claude should be broadly safe first, broadly ethical second, compliant with Anthropic's guidelines third, and genuinely helpful fourth. When those priorities conflict—and they will—Claude has a framework for navigating the tension.
Why does this matter beyond Claude users? Because this is the first time a major AI lab has said: "Here's the actual value system we're training into our model. Critique it. Copy it. Improve on it." They released the whole thing under Creative Commons CC0—meaning anyone can use it for any purpose.
Think about what that means for the broader AI ecosystem. If you're building agents on top of open-source models, or stitching together multi-model pipelines, you now have a reference architecture for values—not just capabilities. The constitution addresses things like how to handle manipulation attempts, when to exercise independent judgment versus deferring to users, and why epistemic autonomy matters. These aren't just Claude problems. They're every-AI problems.
The part that resonates most with my privacy work: the constitution explicitly calls out the danger of AI systems fostering "problematic forms of complacency and dependence." It wants Claude to help people think better, not think less. In a world where we're increasingly routing our epistemology through AI interactions, that's not a nice-to-have. It's load-bearing infrastructure.
Agent-to-Agent: When AI Systems Learn to Talk (and Disagree)
Now here's where things get interesting. Google's Agent2Agent (A2A) protocol is an open standard—now under the Linux Foundation with 21,000+ GitHub stars—that lets AI agents from different frameworks, different companies, and running on different servers communicate and collaborate. Not as tools calling tools, but as agents coordinating with agents.
The A2A protocol handles discovery (agents publish "Agent Cards" describing what they can do), negotiation (they agree on interaction formats—text, structured data, media), and collaboration on long-running tasks. Critically, agents can work together without exposing their internal state, memory, or tools. They stay opaque to each other. That's a privacy-preserving design choice that my Apple AI/ML brain appreciates deeply.
Here's the connection I want you to see: imagine pairing AI systems that have different constitutional values—different ethical training, different bias profiles—and letting them cross-check each other's work. A Claude agent trained on Anthropic's constitution reviewing output from an OpenAI model. A Perplexity agent doing web research while Claude does analysis and OpenAI validates.
I built a proof of concept to test this exact idea: feedyourresearch.online. It's a multi-agent research tool powered by A2A where Perplexity handles web search, Claude handles analysis, and OpenAI handles validation. You can watch them coordinate in real-time as they research a topic, choose your depth level (quick, standard, or deep), and download the output in multiple formats.
This isn't just a cool demo. It's a thesis: when you pair AIs with different training philosophies and let them challenge each other through a standardized protocol, you get more robust, less biased outputs than any single model produces alone. The same way a good editorial board has people who disagree productively, a good AI pipeline should have models that see different things.
Your AI Is a Yes-Man (And How to Fix It)
Speaking of bias: let's talk about sycophancy—the tendency of AI models to tell you what you want to hear instead of what you need to hear.
Claude's constitution actually addresses this head-on, calling it out as a trait that's "generally considered an unfortunate trait at best and a dangerous one at worst." It explicitly says Claude should be "diplomatically honest rather than dishonestly diplomatic" and calls epistemic cowardice—giving vague answers to avoid controversy—a violation of honesty norms.
But here's the thing: even with good constitutional training, sycophancy creeps in. Every model has this tendency to some degree. So what can you do about it?
Practical ways to reduce AI sycophancy:
1. Ask it to argue against itself. After getting an answer, say: "Now tell me why that answer might be wrong." A sycophantic model will struggle with this. A well-calibrated one will give you genuine counterpoints.
2. Pre-commit to disagreement. Start your prompt with: "I want you to push back on my assumptions. Don't agree with me just because I said it." Framing the expectation up front changes the dynamic.
3. Use the confidence calibration test. Ask: "On a scale of 1-10, how confident are you in that answer, and what would change your mind?" If it says 9/10 on something genuinely uncertain, it's flattering you.
4. Cross-reference with a differently-trained model. This circles back to the A2A idea—run the same question through multiple models and look for where they diverge. Divergence is where the interesting truth lives.
5. Watch for the hedge-then-agree pattern. Sycophantic responses often start with "That's a great question!" or "You raise an excellent point!" before agreeing. If every response starts by validating you, you're not getting honesty. You're getting customer service.
Moltbook: A Social Network Where the Users Are Bots
Alright, now for the one that's going to make the tech junkies among you sit up straight.
Moltbook calls itself "the front page of the agent internet"—a social network where AI agents are the primary users. They post, discuss, upvote, and interact. Humans are "welcome to observe."
Before you dismiss this as a novelty, think about the security implications. We're building an internet where AI agents have identities, interact socially, and authenticate against services using those identities. Moltbook is literally building a developer platform where AI agents can authenticate with your app using their Moltbook identity.
This is fascinating and terrifying in equal measure. The questions it raises are the ones security professionals should be losing sleep over: How do you verify an agent's identity? What happens when agents can impersonate other agents? How do you build trust hierarchies for non-human users? What does reputation mean when the "user" is a language model?
Moltbook is still in beta, but it's a preview of where the agent ecosystem is heading—and a stress test for every assumption we have about identity, authentication, and trust on the internet. Keep your eye on this one.
VoidLink: The Cloud-Native Malware That Should Scare You
Shifting gears to the threat landscape. Check Point Research just published findings on VoidLink, a sophisticated Linux malware framework built from the ground up for cloud and container environments. This is not your grandfather's malware.
VoidLink is cloud-first. It detects whether it's running on AWS, GCP, Azure, Alibaba, or Tencent and adapts accordingly. It recognizes Kubernetes pods and Docker containers. It has 37+ modular plugins covering everything from credential harvesting to container escapes to an SSH-based worm for lateral movement. And it features "adaptive stealth"—it calculates a risk score for the environment and adjusts its evasion strategy in real-time.
What caught my attention: this framework specifically targets developer workstations that interface with cloud environments. It harvests Git credentials, SSH keys, browser data, and API tokens. It's not just about owning a server—it's about turning compromised developer machines into launchpads for supply-chain attacks.
Here's what you can do to protect yourself:
Rotate your SSH keys and cloud credentials regularly. VoidLink specifically harvests these. If you're still using the same SSH key from three years ago, now's the time.
Audit your environment variables. One of VoidLink's plugins specifically scans exported variables for API keys and tokens. Stop storing secrets in env vars if you can avoid it—use a secrets manager.
Monitor for unusual cloud metadata queries. VoidLink pings cloud provider metadata APIs (like AWS's 169.254.169.254) to fingerprint environments. If your monitoring catches unexpected metadata requests, investigate.
Check your container escape surface. VoidLink has dedicated plugins for Docker escapes and Kubernetes privilege escalation. Ensure your containers are running with minimal privileges and your pod security policies are enforced.
Review your browser's stored credentials. The framework targets Chrome and Firefox stored passwords and cookies. Consider a dedicated password manager instead of browser storage.
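One way to act on the metadata-monitoring item above, as an added example that is not from this newsletter or from Check Point: a parser for the Linux /proc/net/tcp table that flags sockets connected to 169.254.169.254. The sample table, the UID allowlist and the function names are constructed for illustration, and the address decoding assumes a little-endian host.

```python
import socket
import struct

METADATA_IP = "169.254.169.254"
# Assumption: only these UIDs (e.g. root-owned cloud agents) may query metadata.
ALLOWED_UIDS = {0}

# Constructed sample in /proc/net/tcp layout (hex addr:port, one socket per row).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000   101        0 20345 1 0000000000000000 100 0 0 10 0
   1: 0A00000A:C350 FEA9FEA9:0050 01 00000000:00000000 00:00000000 00000000     0        0 31001 1 0000000000000000 20 4 30 10 -1
   2: 0A00000A:C352 FEA9FEA9:0050 01 00000000:00000000 00:00000000 00000000  1000        0 31077 1 0000000000000000 20 4 30 10 -1
"""

def decode_endpoint(field):
    """Turn 'FEA9FEA9:0050' into ('169.254.169.254', 80)."""
    addr_hex, port_hex = field.split(":")
    # The kernel prints the address as a native-endian 32-bit word;
    # '<I' assumes a little-endian host (x86-64, arm64).
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)

def metadata_connections(table_text):
    """Return every IPv4 TCP socket whose remote end is the metadata IP."""
    hits = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 10:
            continue
        remote_ip, remote_port = decode_endpoint(cols[2])
        if remote_ip == METADATA_IP:
            local_ip, local_port = decode_endpoint(cols[1])
            hits.append({"uid": int(cols[7]), "inode": int(cols[9]),
                         "local": f"{local_ip}:{local_port}",
                         "remote_port": remote_port})
    return hits

def unexpected(hits, allowed_uids=ALLOWED_UIDS):
    """Keep only hits owned by a UID that is not on the allowlist."""
    return [h for h in hits if h["uid"] not in allowed_uids]

if __name__ == "__main__":
    # On a live host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for hit in unexpected(metadata_connections(SAMPLE)):
        print("investigate:", hit)
```

Polling this table only sees connections that are open at that instant, so short-lived requests need flow logs or audit rules to be caught.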
The full Check Point write-up is worth reading end-to-end if you work in cloud infrastructure or DevOps. This is the kind of threat that makes the "cloud is someone else's computer" joke a lot less funny.
🤣 ROFL of the Week: The AI Super Bowl Ad Beef
I can't let you go without this one.
Anthropic (yes, the company that makes Claude—the AI I'm literally using to help draft this newsletter) dropped Super Bowl ads this week that absolutely roasted OpenAI's decision to put ads in ChatGPT. The "A Time and a Place" campaign shows people asking their AI deeply personal questions—about communicating with their mom, getting in shape—and then the chatbot suddenly pivots into hawking a cougar dating service or height-boosting insoles. It's genuinely hilarious. Dr. Dre's "What's the Difference" on the soundtrack. Chef's kiss.
Sam Altman did NOT take it well. He called the ads "clearly dishonest," accused Anthropic of "doublespeak," and said they "serve an expensive product to rich people." In fairness, he also said he laughed. But then he kept posting. OpenAI's CMO jumped in too, calling Anthropic "authoritarian." Meanwhile, the internet's response was basically: "Wrong response, Sam. The reason these went viral is because public trust in you has already hit rock bottom."
The irony of Anthropic arguing against ads—by spending $8 million on the most ad-saturated broadcast in existence—is not lost on me. Neither is the fact that I'm writing about it in a newsletter composed with their product. We contain multitudes.
Watch the full beef unfold: TechRadar's coverage
Watch the ads: Anthropic on YouTube | OpenAI on YouTube
The Pattern
Here's the thread connecting all of this: we're building an internet of agents. AI systems that have values (or don't), that talk to each other (through protocols or social networks), that try to please us (sometimes at the cost of truth), and that are being targeted by threat actors who understand cloud infrastructure better than most defenders.
The chaos isn't coming. It's here. The question is whether we build systems that translate that chaos into something useful—or just add to the noise.
Next time, I'll be going deeper on one of these threads. Let me know which one grabbed you.
— Ted
----------------------------------------
Build your own systems that survive contact with chaos.
My Notion templates are the same frameworks I use to bring order to the projects, workflows, and ideas I write about here. If you've ever wanted to see how a systems thinker actually organizes their life, check them out: currentyted.gumroad.com