惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

L
LangChain Blog
C
Check Point Blog
博客园 - Franky
V
Visual Studio Blog
云风的 BLOG
云风的 BLOG
aimingoo的专栏
aimingoo的专栏
Microsoft Security Blog
Microsoft Security Blog
V2EX - 技术
V2EX - 技术
AI
AI
Hacker News - Newest:
Hacker News - Newest: "LLM"
Jina AI
Jina AI
S
Security @ Cisco Blogs
Security Archives - TechRepublic
Security Archives - TechRepublic
H
Hacker News: Front Page
H
Hackread – Cybersecurity News, Data Breaches, AI and More
O
OpenAI News
Attack and Defense Labs
Attack and Defense Labs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
爱范儿
爱范儿
H
Heimdal Security Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
G
Google Developers Blog
G
GRAHAM CLULEY
V
V2EX
The Register - Security
The Register - Security
人人都是产品经理
人人都是产品经理
B
Blog RSS Feed
Schneier on Security
Schneier on Security
M
MIT News - Artificial intelligence
Stack Overflow Blog
Stack Overflow Blog
Help Net Security
Help Net Security
大猫的无限游戏
大猫的无限游戏
C
CERT Recently Published Vulnerability Notes
The GitHub Blog
The GitHub Blog
V
Vulnerabilities – Threatpost
The Last Watchdog
The Last Watchdog
J
Java Code Geeks
S
Secure Thoughts
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
量子位
NISL@THU
NISL@THU
K
Kaspersky official blog
Engineering at Meta
Engineering at Meta
T
Threatpost
Recent Commits to openclaw:main
Recent Commits to openclaw:main
宝玉的分享
宝玉的分享
Security Latest
Security Latest
T
The Exploit Database - CXSecurity.com
博客园_首页
A
Arctic Wolf

Simon Willison's Weblog

Thoughts on GitLab’s workforce reduction A quote from James Shore Your AI Use Is Breaking My Brain TIL: Using LLM in the shebang line of a script Learning on the Shop floor A quote from New York Times Editors’ Note A quote from Andrew Quinn A quote from Luke Curley Release: llm-gemini 0.31 Tool: Big Words Behind the Scenes Hardening Firefox with Claude Mythos Preview Notes on the xAI/Anthropic data center deal Tool: GitHub Repo Stats Live blog: Code w/ Claude 2026 Vibe coding and agentic engineering are getting closer than I’d like Release: datasette-referrer-policy 0.1 Release: datasette-llm 0.1a7 Release: llm-echo 0.5a0 Granite 4.1 3B SVG Pelican Gallery A quote from Andy Masley April 2026 newsletter Research: TRE Python binding — ReDoS robustness demo Tool: Redis Array Playground A quote from Anthropic Sightings iNaturalist Sightings Codex CLI 0.128.0 adds /goal Our evaluation of OpenAI's GPT-5.5 cyber capabilities Quoting Andrew Kelley We need RSS for sharing abundant vibe-coded apps Release: llm 0.32a1 LLM 0.32a0 is a major backwards-compatible refactor Release: llm 0.32a0 Quoting OpenAI Codex base_instructions Quoting Matthew Yglesias What's new in pip 26.1 - lockfiles and dependency cooldowns! Introducing talkie: a 13B vintage language model from 1930 microsoft/VibeVoice Tracking the history of the now-deceased OpenAI Microsoft AGI clause WHY ARE YOU LIKE THIS Quoting Romain Huet GPT-5.5 prompting guide llm 0.31 DeepSeek V4 - almost on the frontier, a fraction of the price Tool: Millisecond Converter It's a big one russellromney/honker Serving the For You feed Extract PDF text in your browser with LiteParse for the web A pelican for GPT-5.5 via the semi-official Codex backdoor API Release: llm-openai-via-codex 0.1a0 Quoting Maggie Appleton A quote from Bobby Holley Is Claude Code going to cost $100/month? Probably not—it’s all very confusing Where’s the raccoon with the ham radio? (ChatGPT Images 2.0) A quote from Andreas Påhlsson-Notini scosman/pelicans_riding_bicycles Release: llm-openrouter 0.6 TIL: SQL functions in Google Sheets to fetch data from Datasette Claude Token Counter, now with model comparisons Headless everything for personal AI Research: Claude system prompts as a git timeline Adding a new content type to my blog-to-newsletter tool - Agentic Engineering Patterns Join us at PyCon US 2026 in Long Beach—we have new AI and security tracks this year Release: datasette 1.0a28 Release: llm-anthropic 0.25 Qwen3.6-35B-A3B on my laptop drew me a better pelican than Claude Opus 4.7 Tool: datasette.io news preview Release: datasette-export-database 0.3a1 Release: datasette 1.0a27 Gemini 3.1 Flash TTS Tool: Gemini 3.1 Flash TTS A quote from Kyle Kingsbury Release: datasette-ports 0.3 Zig 0.16.0 release notes: “Juicy Main” datasette PR #2689: Replace token-based CSRF with Sec-Fetch-Site header protection Tool: SQLite Query Result Formatter Demo Tool: SQLite Query Result Formatter Demo A quote from Giles Turnbull A quote from Giles Turnbull Research: SQLite WAL Mode Across Docker Containers Sharing a Volume Research: SQLite WAL Mode Across Docker Containers Sharing a Volume Tool: Cleanup Claude Code Paste Release: datasette-ports 0.1 Eight years of wanting, three months of building with AI A quote from Chengpeng Mou Tool: Syntaqlite Playground Release: scan-for-secrets 0.2 Release: scan-for-secrets 0.1.1 Release: scan-for-secrets 0.1 Release: research-llm-apis 2026-04-04 A quote from Kyle Daigle Vulnerability Research Is Cooked The cognitive impact of coding agents A quote from Willy Tarreau A quote from Daniel Stenberg A quote from Greg Kroah-Hartman Research: Can JavaScript Escape a CSP Meta Tag Inside an Iframe? The Axios supply chain attack used individually targeted social engineering Highlights from my conversation about agentic engineering on Lenny’s Podcast
Google I/O, Gemini Spark, Antigravity
Simon Willison · 2026-05-20 · via Simon Willison's Weblog

20th May 2026

It's hard to find much to write about Google I/O this year because I have a policy of not writing about anything that I can't try out myself, and a lot of the big announcements are "coming soon".

I actually prefer to write about things that are in general availability, because I've had instances in the past where the previews didn't match what was released to the general public later on.

Aside from Gemini 3.5 Flash the most interesting announcement looks to be Google's upcoming OpenClaw competitor Gemini Spark, described as "your personal AI agent" which can "connect natively with your favorite Google apps like Gmail, Calendar, Drive, Docs, Sheets, Slides, YouTube, and Google Maps". The FAQ for that also includes this confusing detail:

What Gemini model does Gemini Spark run on?

Gemini Spark runs on Gemini 3.5 Flash and Antigravity.

The antigravity.google website currently lists Antigravity as a desktop app, a CLI agent tool (written in Go), the Antigravity SDK (an open source Python wrapper around a bundled closed source Go binary), and the original Antigravity IDE (a VS Code fork).

I guess Gemini Spark, the user-facing hosted agent product, might be running on that Go binary, but I'm not sure why that's worth mentioning in the FAQ!

Naturally I went looking for notes on how Gemini Spark intends to handle the risk of prompt injection. The best information I could find on that was in the Everything Google Cloud customers need to know coming out of Google I/O post aimed at enterprise customers, which includes:

Spark operates in a fully managed, secure runtime on Google Cloud, meaning you get enterprise-grade security without ever having to manage the underlying infrastructure. Every task executes in a fresh, strictly isolated, ephemeral VM to help ensure data never overlaps between sessions. To protect your enterprise, all traffic routes through our secure Agent Gateway that enforces Data Loss Prevention (DLP) policies, while user credentials remain fully encrypted and are never exposed directly to the agent.

Given how many people are going to be piping very sensitive data through Gemini Spark in the near future I hope they've made this bullet-proof, or this could be a top candidate for the agent security challenger disaster that we still haven't seen.

Also of note: in Transitioning Gemini CLI to Antigravity CLI Google announce that the open source Gemini CLI tool (Apache 2.0 licensed TypeScript) will stop working with their AI subscription plans on June 18th, replaced by the new closed source Antigravity CLI.