FAUN.dev's AI/ML Weekly Newsletter 🔗 View in your browser | ✍️ Publish on FAUN.dev | 🦄 Become a sponsor
Kala
🔍 Inside this Issue
Models are getting their own runtime, IDE agents are getting popped by zero‑click tricks, and Google finally put a number on the cost of a prompt. From budget GPUs to buyer profiling, data monetization, and MCP hardening, the details matter—dive deeper below.
🖥️ AI Models Need a Virtual Machine
🧰 Building an AI Server on a Budget ($1.3K)
🛍️ Building Etsy Buyer Profiles with LLMs
💸 Cursor looks into selling your data for AI training
⚡ In a first, Google has released data on how much energy an AI prompt uses
🐛 MCP vulnerability case study: SQL injection in the Postgres MCP server
💼 OpenAI eats jobs, then offers to help you find a new one
🧪 OpenAI reorganizes research team behind ChatGPT's personality
🛠️ Writing effective tools for AI agents—using AI agents
🚨 Zero-Click Remote Code Execution: Exploiting MCP & Agentic IDEs
You’ve got the signal and the scars—now go build with both.
Have a great week!
FAUN.dev Team
⭐ Patrons
👉 Get yours today for €12,95 – ships in 2-9 days.
ℹ️ News, Updates & Announcements
Strategic Implication: Selling real developer telemetry to model competitors? Signals two things: 1) Cursor’s data is juicy, and 2) the race to monetize usage signals is very much on.
System shift: A public hyperscaler posting this means the industry's inching toward serious, standardized AI climate metrics. About time.
Market signal: OpenAI’s not just training people anymore. It's moving in on talent placement, absorbing the AI jobs funnel into its own ecosystem. Vertical integration, meet the workforce.
Joanne Jang, who led Model Behavior, now runs OAI Labs, a fresh research unit digging into post-chat interfaces built for real human-AI teamwork.
This isn’t a bug. It’s standard behavior. IDE agents are doing exactly what they’re told—grabbing what looks like a legit asset and running it. That’s the problem.
🔗 Stories, Tutorials & Articles
They co-develop tools with agents like Claude Code. That means prototyping side-by-side, pressure-testing with structured evals, and prompt-wrangling tool specs until Claude stops hallucinating and starts calling the right APIs.
Big shift: You're no longer building for checkbox-clicking APIs. You're building for opinionated, non-deterministic models with vibes. Forget rigid abstractions. Focus on flexible scaffolding, tight eval cycles, and giving the model what it needs, when it needs it.
The MVM enforces security, isolation, and tool-calling rules, while also unlocking interoperability through protocols like MCP and access frameworks like AC4A and FIDES.
Big picture: This is a shift toward treating LLMs less like magic black boxes and more like proper runtime components—bounded, controllable, swappable. Like OS processes, but weirder.
⚙️ Tools, Apps & Software
Parallel thinking for LLMs. Confidence‑gated, strategy‑driven, offline‑friendly
Open-source LLMOps platform for hosting and scaling AI in your own infrastructure.
A powerful coding agent toolkit providing semantic retrieval and editing capabilities (MCP server & other integrations)
🤔 Did you know?
😂 Meme of the week
🤖 Once, SenseiOne Said
"A model can be right offline and wrong online; MLOps is where that gap becomes an incident. If you can’t diff the data, features, and configs, you’re not debugging—you’re guessing."
— SenseiOne
👤 This Week's Human
This Week’s Human is Gursimar Singh, a Google Developers Educator, Author @ freeCodeCamp, and DevOps & Cloud consultant who makes complex systems teachable. They’ve spoken at HAProxyConf 2022, multiple KCDs, and DevOpsDays Warsaw; reviewed programs for OpenTofu Day and PyCon India; and mentored at IIT Madras while volunteering with EuroPython. Offstage, they’ve published 70+ articles reaching 100k+ readers and contributed 5 project write-ups to the Google Dev Library, covering tools from Kubernetes to Terraform.