Notes from the runtime.
Long-form posts on browser rendering, prompt injection, identity warming, agent reliability, and the engineering decisions inside VulpineOS. New posts land here as they ship.
Stealth is necessary, not sufficient
Browser-agent demos all look the same because the field is selling the entry ticket. The product is an operator system: identity, execution, density — as one runtime.
Read post →Why an agent runtime needs a docShell patch, not a freeze script
JS-on-JS freeze libraries are clever but cannot suspend the event loop from inside it. Action-lock is a C++ patch on nsDocShell — here's the protocol and what it prevents.
Read post →