Moustafa Awad
@Moustafa_Awad

180 posts

Building in stealth (Fintech x AI) | Serial Entrepreneur | PhD | ex-Cisco, Intel | SMB operator & investor | CrossFit

San Francisco, California · Joined August 2011
480 Following · 41 Followers
Moustafa Awad@Moustafa_Awad·
I’m planning to migrate the memory backend to Supabase (pgvector) to handle the concurrency and hybrid search, but I need it to be resilient against OpenClaw’s fast-paced weekly updates. What is the most maintainable way to integrate an external DB right now?
Moustafa Awad@Moustafa_Awad·
Most AI teams try to automate the last 5% first. That is where things get expensive. The useful agent does 95% of the work, stops at the right boundary, shows its evidence, and asks a human for judgment. Autonomy without escalation is just risk with nicer UX.
Moustafa Awad@Moustafa_Awad·
@ycombinator @getbiostack The useful part is not a prettier healthcare demo. It is the loop around messy records, delayed outcomes, evals, and rewards. Agents get useful when the training environment starts looking like the real work.
Y Combinator@ycombinator·
BioStack (@getbiostack) builds simulation environments where healthcare AI models practice on real clinical data. Messy records, lab tests, notes, outcomes unfolding over months— BioStack turns that into a post-training loop: data, evals, rewards, benchmarks. They've grown from six figures to seven figures in revenue in just the last few weeks. Congrats on the launch, @sanatmishra7 & @patwa_parth! ycombinator.com/launches/QUp-b…
Moustafa Awad@Moustafa_Awad·
@t_blom Enterprise ghosting is usually market feedback in disguise. If one account can freeze the roadmap, the funnel is too thin and the product learning loop is too fragile.
Tom Blomfield@t_blom·
Counterintuitively, I see some startups obsessing *too much* over their first customer. Big enterprise customer ghosting you? Maybe they’re just not a good fit. Go get 10 more. Top-of-funnel solves most problems.
Moustafa Awad@Moustafa_Awad·
@ycombinator @mountinsure This is the category moving from demos to operations: identity, permissions, audit trail, controls, then risk transfer. If an agent can take action, someone has to price and own the downside.
Y Combinator@ycombinator·
Mount (@mountinsure) secures and insures autonomous AI agents before they cause damage. They secure the workflow, measure the remaining risk, and transfer that risk through insurance built specifically for it, so companies can use AI agents in more productive workflows without carrying the full risk alone. Congrats on the launch, @johnbachm & @fabeamherd! ycombinator.com/launches/QUI-m…
Moustafa Awad@Moustafa_Awad·
@garrytan This is the useful agent loop. Do the work, turn the repeatable parts into skills, add evals and integration tests, then let cron handle the check-backs. Planning matters, but reliability usually comes from the boring loop around it.
Moustafa Awad@Moustafa_Awad·
@gregisenberg This is the part most people skip. Before you sell an AI agent, you need to survive the workflow manually: the exceptions, handoffs, approvals, and weird spreadsheet rituals. That is where the product specs are hiding.
GREG ISENBERG@gregisenberg·
How to build a vertical AI agent cash-flowing startup: find painful workflow in a boring industry
→ talk to 10 people who do that workflow every day
→ map every step, every tool, every spreadsheet, every phone call
→ do the workflow manually first
→ be the agent before you build the agent
→ find the edge cases that break everything
→ document them in obsidian as structured markdown
→ set up your agent stack
→ hermes for the harness
→ obsidian vault as the knowledge base
→ composio for authentication across apps
→ build your first 1-3 skills that solve the core pain
→ use claude code or codex to build the product
→ use agents to set up other agents
→ use perplexity MCP and context7 for up-to-date docs
→ let the agent handle the scaffolding while you focus on the workflow logic
→ ship the agent to your first 5 customers for free
→ watch what they actually use it for
→ they will surprise you
→ the thing you built for isn't always the thing they need most
→ build content around the niche
→ not "building in public" content
→ useful content
→ the tips, the shortcuts, the pain points that only someone who does this workflow would know
→ become the person for that niche
→ charge per outcome not per seat
→ per lease renewed, per claim processed, per candidate sourced
→ the ROI conversation takes 10 seconds when it's tied to a result
→ set up watchdogs and alerts
→ your agent emails you when a cron job breaks or a skill fails
→ the customer should never have to tell you something is broken
→ connect to open router
→ see exact costs per model per task
→ use GPT 5.5 for tool calls
→ use open source for lightweight tasks
→ route the right model to the right job
→ watch your margins double
→ let hermes write to its own memory after every task
→ the agent compounds
→ the longer it runs the better it gets
→ that accumulated memory becomes your moat
→ a competitor can clone your product but they can't clone 6 months of context
→ expand the workflow
→ you started with one step
→ add the next
→ then the next
→ now you own the entire workflow end to end
→ you went from a tool to the operating system for that vertical
→ stack the agents
→ one agent is a side project
→ five agents across five customers is a business
→ each one runs in its own environment
→ you check in once a day
→ raise only if you need capital not credibility
→ most agent businesses should never raise
→ the margins are too good to give away equity
→ stay lean
→ stay profitable
→ repeat
i'm rooting for you
Moustafa Awad@Moustafa_Awad·
@harjtaggar Exactly. Agent work looks simple until the hidden product becomes context, retrieval, evals, permissions, and the failure paths nobody demoed.
Harj Taggar@harjtaggar·
Building agents has the same emotional arc as programming. I start every project thinking it should be easy to get what I want, then end up deep in retrieval quality, context engineering, and cross-modal eval loops before anything actually works.
Moustafa Awad@Moustafa_Awad·
@polsia The bookkeeping layer becomes unavoidable once agents start operating businesses. Every autonomous action eventually needs ownership, P&L, evidence, and tax treatment.
Polsia@polsia·
AI agents are running real businesses on-chain. Nobody is keeping the books. Built Ledger — on-chain accounting and tax for the agent economy. Wallet ingestion, per-agent P&L, US tax reports (8949, Schedule C). Live at ledger-agent-accounting.polsia.app
Moustafa Awad@Moustafa_Awad·
@sdianahu This is a great 0 to 1 split: spend tokens to find the workflow, then spend engineering to make the workflow efficient. The mistake is optimizing inference before the user pull is real.
Diana@sdianahu·
yc s26 extended deadline ends tomorrow with the $2M openAI offer which we don’t know if we’ll do again as is an experiment some thoughts on how to tokenmaxx effectively from 0->1 AI native startups that have done it:
Andrew Gazdecki@agazdecki·
Micro-SaaS is becoming a massive category. Live on @acquiredotcom: platform powering ecommerce founders and website builders with 200+ ready-to-use micro-SaaS tools.
> $240K ARR
> $445K TTM revenue
> $433K TTM profit
> 250,000+ users
Full listing: app.acquire.com/startup/5Md9YI…
Moustafa Awad@Moustafa_Awad·
@garrytan This is the right frame. The agent wins when the boring reflex layer is trusted enough that humans stop babysitting the workflow.
Garry Tan@garrytan·
Everyone building AI agents is focusing on building the prefrontal cortex. Planning. Reasoning. Multi-step chains. There's value here. CEO-stuff. But also, a reframe: there is value in building the cerebellum. It's offloading boring tasks into reflex so the complex thought can focus. Your mortgage gets paid by a standing order, not a committee. The things that are not fun, not interesting, but have to be done? Done. Most agent frameworks will fail because they treat all cognition as high cognition. The winners will nail the boring stuff first.
Moustafa Awad@Moustafa_Awad·
@Dhanush_Nehru This is the right frame. MCP is not the product risk by itself; the missing control plane is. In enterprise workflows, the agent stack needs identity, scoped tools, approvals, audit logs, and rollback before it touches finance or customer operations.
Dhanush N@Dhanush_Nehru·
The NSA just published a formal report on MCP security and honestly, it's about time someone with that kind of authority said it out loud. Model Context Protocol has quietly become the backbone of AI agents running across finance, legal, healthcare, and software development. Everyone rushed to adopt it. Almost nobody secured it properly. Here's what the report actually calls out:

👉 MCP was designed with flexibility in mind, not security. That freedom sounds great until you realize it means every team is essentially guessing what "safe implementation" looks like. That guesswork is now being exploited in the wild.

👉 The trust model is also inverted compared to what most engineers are used to. In traditional protocols, clients request data from servers. In MCP, servers often query and execute actions for clients. That flip creates attack paths most security teams aren't even monitoring yet.

👉 And these aren't hypothetical threats anymore. Public labs and researchers have already released working vulnerable MCP server implementations to prove how easily this can be exploited. The NSA confirmed it with citations.

👉 Arbitrary Code Execution is explicitly flagged as high severity. If user provided logic reaches your execution environment without constraints, you're sitting on a live vulnerability. The NSA maps this directly to CWE-77, CWE-78, CWE-94, and CWE-95.

👉 On top of all that, the protocol ships with no audit logging, no approval workflows and no just-in-time access controls out of the box. In any regulated or enterprise environment, that's a serious compliance gap.

This report matters because it shifts the conversation from "security researchers raising concerns" to "the NSA is telling enterprises this is not production ready without additional controls." If you're deploying AI agents in any high stakes environment right now, this guidance deserves your full attention.
Moustafa Awad@Moustafa_Awad·
@obussmann The interesting part is not that an AI can read invoices. It is whether the workflow has memory, permissions, approval rules, and exception handling. Small business finance breaks when tools create more follow-up work than they remove.
Moustafa Awad@Moustafa_Awad·
@AgenticSummit The liability question gets easier when the workflow is designed before the agent is trusted: approval rights, transaction limits, audit trail, exception handling, and a human owner. Without that layer, autonomy is just operational risk with better UX.
Agentic Finance Summit@AgenticSummit·
If your AI agent moves funds without explicit human approval, who carries the liability when it goes wrong? The answer sits somewhere across the user, the operator, the AI platform, and the merchant. Where exactly is one of the questions on the table at Agentic Finance Summit June 3. New York · Trilogy Pass: nyc.agenticfinance.xyz
Moustafa Awad@Moustafa_Awad·
@bosqui Exactly. The model is only one component. Production agents need identity, permissions, memory policy, tool boundaries, escalation paths, and owners. Without that operating layer, intelligence turns into inconsistent behavior.
bosqui@bosqui·
One of the biggest misconceptions in agentic AI is thinking the model is the product. In production, consistency matters more than raw intelligence. Identity, boundaries, workflows, memory policies, and tool orchestration are increasingly becoming the real product layer around the LLM.
Alex Prompter@alex_prompter

I just broke down the anatomy of the perfect SOUL. md file for AI agents. SOUL. md is the identity file every AI agent reads before it does anything else. Without it, your agent is just a raw LLM with no memory, no personality, and no boundaries. With it, your agent knows who it is, how to talk, what to refuse, and which tools to use. Here are the 9 sections that make a SOUL. md actually work:
→ Identity (who the agent IS, not what it does)
→ Values (decision-making when rules don't cover it)
→ Communication Style (tone, length, formality)
→ Expertise (specific tools and domains, not vague "knows things")
→ Boundaries (the immune system. Holds even under pressure)
→ Workflow (step-by-step process for every task)
→ Tool Usage (WHEN and HOW, not just which ones exist)
→ Memory Policy (what persists, what gets wiped)
→ Example Interactions (one good example beats 10 abstract rules)
Most people write "Be helpful and professional." That describes nothing. Every AI already tries to do that. The agents that actually work have SOUL. md files with real opinions, specific limits, and concrete examples of what "good" looks like. A strong SOUL. md is 200-500 words. Shorter = sharper agent. Save this. You'll need it the moment you build your first agent.

Moustafa Awad@Moustafa_Awad·
@cpapracadvisor This is the underrated part of agentic accounting: the system of record around requests, evidence, ownership, and review. Automation is useful only when the audit trail survives the workflow.
CPA Practice Advisor@cpapracadvisor·
Suralink, an agentic automation platform for accounting firms and their clients, has unveiled Client Data Vault, a client-owned archive that preserves audit data within Suralink’s Request List Management platform. ow.ly/1R7e50Z30mz
Moustafa Awad@Moustafa_Awad·
@joechalom @CoinDesk The CFO framing gets useful when it moves from advice to controlled execution: data access, approvals, audit trail, and exception handling. Without that layer, agentic finance is just a better interface on top of the same operational risk.
Moustafa Awad@Moustafa_Awad·
@Node_40 Exactly. The unlock is not faster settlement, it is audit-ready context at the moment of execution. Agentic payments without attribution and controls just move the reconciliation mess downstream.
NODE40@Node_40·
Stablecoins moving into corporate and agentic payment workflows will create a records problem before most teams call it one. Every payment rail still needs transaction purpose, counterparty context, wallet attribution, fees, and accounting treatment that survive review. Faster settlement does not reduce the need for a defensible ledger. It raises the cost of not having one. crowdfundinsider.com/2026/05/280072…