When we talked with CJ Combs, he had 13 hours and 54 minutes before he could use his AI tool of choice, Claude Design, and start working again.

The senior AI business consultant, who focuses on AI and data for Columbus Global, employs Claude Design—a product currently in research preview—to support digital aspects of his business, like his website and marketing materials. He also uses Claude Cowork to run tasks like pulling together reports and organizing files at scheduled times. That means he’s sometimes hitting his limits of sessions and tokens.

AI users and IT pros like Combs face session limits and weekly caps, and must decide if they want to pay extra to extend a limit, wait out the time, or find an alternative AI tool. The decision isn’t easy when your AI-heavy workflow is on hold.

The limit does exist…at least with AI use.—BH

Do AI agents follow guardrails? It depends—and often hinges on the knowledge of the IT pros deploying them.

Cristian Rodriguez, CTO for the Americas at CrowdStrike, told IT Brew that it can all come down to how agents are configured. If done incorrectly, a goal-oriented agent could focus on retrieving an answer to the point where it accesses forbidden resources.

“It changes the way that data and risk can be exposed,” Rodriguez said. “That agent is very, very incentivized to accomplish its goal by the prompt itself that you’re giving it.”

Rubrik, a cybersecurity company, pointed in a blog post to recent evidence of AI agents breezing past guardrails, like an AI agent erasing an entire environment, or the “AgentSmith” exploit where an agent hid a malicious proxy. The company’s machine learning lead, Arnav Garg, wrote in that post that “even best-in-class guardrails…wouldn’t have helped” in the scenarios due to conversational safeguards in operational systems.

Question of the hour: Are guardrails enough?—CN

What if the vibes aren’t as bad as we think?

That’s the question UneeQ CTO Tyler Merritt is asking. The IT C-suiter isn’t sure the fears over vibe coding security are substantiated—and thinks the industry is looking in the wrong places for how to manage threats.

“There’s ultimately a human that has the responsibility to make sure that bugs or security holes don’t go out,” Merritt said. “Focusing on the tool as the problem is shifting the blame away from where it needs to be, which is making sure you have a rigorous process and it’s followed.”

Gathering the vibes. Using AI to code is growing in importance for IT teams and lay users alike. The technology is speeding up coding by allowing users to build apps and services without years of training. Its most vociferous advocates believe vibe coding could reshape the way the public interacts with the tech industry and lead to increased productivity gains.

Why excessive restrictions aren’t the answer.—EH

Using AI to code is growing in importance for IT teams and lay users alike. Learn how vibe coding may not be the problem for IT teams, but human oversight is.