The VP Geek Speaks

Cursor Automations and the Shift from Prompting to Policy

One of the most current product shifts in AI development tooling is Cursor Automations, which turns coding agents into event-driven workflows instead of one-off assistants. The feature can trigger work from commits, Slack messages, timers, and operational events, then route the agent through review, checks, and deployment-style steps with humans only stepping in at key points.

That may sound like just another convenience layer. It is not. It reflects a deeper change in how teams are thinking about AI tooling.

VS Code's New Agent Features Show What 'Practical' Actually Means

One of the better AI tooling posts of the month came from Microsoft itself: “Making agents practical for real-world development.” That framing is useful because it captures what the market is moving toward. The interesting releases are no longer just about whether an agent can generate code. They are about whether the agent can survive contact with a messy, real workflow.

VS Code 1.110 is a good example of that shift. The March release adds native browser control for agents, better session memory, context compaction for long conversations, installable agent extensions, and a real-time Agent Debug panel. None of those features are flashy in isolation. Together, they show what “practical” now means in agentic development.

Why AI Testing and Validation Tools Are Becoming the Real Leverage Point

One of the clearest signs that the AI coding market is maturing is that some of the most interesting product launches are no longer about generating code. They are about proving the generated code is usable.

TestSprite 2.1, released in early March 2026, is a good example. The company says nearly 100,000 development and QA teams now use the platform to validate AI-generated code, and the latest release claims a 4-5x faster testing engine, visual test editing, automatic pull request testing, and an especially telling benchmark: AI-generated code initially passed only 42% of comprehensive test cases, but jumped to 93% after one iteration with TestSprite’s testing agent.

The Latest AI Code Security Benchmark Is Useful for One Reason

The newest AI code security benchmark is worth reading, but probably not for the reason most people will share it.

The headline result is easy to repeat: across 534 generated code samples from six leading models, 25.1% contained confirmed vulnerabilities after scanning and manual validation. GPT-5.2 performed best at 19.1%. Claude Opus 4.6, DeepSeek V3, and Llama 4 Maverick tied for the worst result at 29.2%. The most common issues were SSRF, injection weaknesses, and security misconfiguration.

OpenAI Symphony and the New Bottleneck: Orchestrating Agents Well

OpenAI’s new Symphony project is one of the most revealing open-source releases in the current coding-agent cycle.

At the surface level, it is an orchestration framework for autonomous software development runs. It connects to issue trackers, spins up isolated implementation runs, coordinates agents, collects proof of work, and helps land changes once they are verified. It is built in Elixir on the BEAM runtime and is clearly optimized for concurrency and fault tolerance.

GitHub Copilot's Real Upgrade Is Choice, Not Just More Models

On February 26, GitHub expanded access to Claude and Codex for Copilot Business and Copilot Pro users, following the earlier February rollout to Pro+ and Enterprise. On paper, this is a pricing and availability update. In practice, it is a product-definition change.

GitHub is turning Copilot from a branded assistant into a control surface for multiple coding agents.

Why This Is Bigger Than It Sounds

For a long time, the framing around Copilot was simple: GitHub had an assistant, and the main question was how good that assistant was. With Claude and Codex available directly inside GitHub workflows, the framing changes.

Visual Studio's Built-In Azure MCP Server Is a Bigger Deal Than It Looks

Microsoft quietly made one of the strongest enterprise bets in the current AI tooling cycle: Azure MCP Server is now built into Visual Studio 2026.

For teams already living in Microsoft’s ecosystem, this is not just another integration announcement. It is a signal that agentic workflows are moving from optional plugin territory into the default shape of mainstream enterprise development.

Why This Matters

MCP, or Model Context Protocol, is becoming the standard way AI agents connect to tools, systems, and data sources. We already knew that mattered in principle. What changes here is that Microsoft has now embedded an MCP-backed cloud workflow directly inside a flagship IDE.

Cursor in JetBrains and the End of IDE Lock-In

One of the quietest but most important developer-tooling stories of March 2026 is that Cursor is now available directly inside JetBrains IDEs through the Agent Client Protocol, or ACP, registry.

At first glance, this looks like a convenience feature. Cursor users can keep their preferred agent while staying in IntelliJ IDEA, PyCharm, or WebStorm. JetBrains users get access to a popular agentic workflow without switching editors. Nice, but not transformative.

Codex Security and the Rise of AI Reviewing AI

The next big shift in AI-assisted software development is not more code generation. It is AI for verification.

OpenAI’s new Codex Security research preview, announced in early March 2026, is a good signal of where the market is going. The product scans repositories commit by commit, builds repository-specific threat models, validates findings in isolated environments, and ranks issues with proposed fixes. OpenAI says early adopters used it to detect more than 11,000 critical and high-severity vulnerabilities while cutting false positives by more than 50%.

Why AI Is Hurting Your Best Engineers Most

The productivity story on AI coding tools has a flattering headline: senior engineers realize nearly five times the productivity gains of junior engineers from AI tools. More experience means better prompts, better evaluation of output, better use of AI on the right tasks. The gap is real and it makes sense.

But there’s a hidden cost buried in that same data. The tasks senior engineers are being asked to spend their time on are changing—and not always in ways that use their strengths well. Increasingly, the work that lands on senior engineers’ plates in AI-augmented teams is validation, review, and debugging of AI-generated code—a category of work that is simultaneously less interesting, harder than it looks, and consuming time that used to go to architecture, design, and mentorship.