Vibe Coding Weekly #35
The most capable coding model of the year shipped — and was pulled worldwide three days later. Plus Copilot's 50x billing shock and GitHub's all-in bet on becoming the platform for agents.
This week in one satisfying refactor:
The Big Story: GitHub Copilot’s switch to usage-based billing went live on June 1 — and developers are reporting 10x–50x cost increases overnight, with agentic coding sessions eating through a month of credits in a single sitting.
The New Default: Windsurf retired after one year and shipped as Devin Desktop — Cascade replaced by a Rust-rewritten agent, Agent Command Center as the new home screen, and open ACP protocol letting any agent run alongside Devin in the same workspace.
The Platform Bet: GitHub shipped Agentic Workflows in public preview, GitHub Copilot Sandboxes, and the Copilot SDK GA all in the same week — making GitHub the platform layer for running agents, not just the host for their output.
If you only read one thing this week: Claude Fable 5 launched on June 9 as the first publicly available Mythos-class model, and the benchmark gap is significant: 80.3% on SWE-bench Pro versus 69.2% for Opus 4.8 and 58.6% for GPT-5.5. The real number isn’t on a leaderboard, though — it’s in a Stripe engineering report. Fable 5 completed a codebase-wide migration of a 50-million-line Ruby codebase in one day. The same task had been estimated at two months of team work. At $10/$50 per million input/output tokens (2× Opus 4.8), it was free on all paid Claude plans through June 22 — but the story took a sharp turn on June 12, when a US government export-control directive forced Anthropic to suspend access to Fable 5 and Mythos 5 worldwide, for every customer inside and outside the United States, citing national-security concerns over a potential jailbreak of Fable’s safeguards. Anthropic disputes the decision — calling the vulnerability a “narrow, non-universal jailbreak” no different from competing models — but is complying. All other Anthropic models remain available. The most capable coding model of the year was publicly accessible for three days. Read more →
Key Takeaways
GitHub Copilot’s billing shock is the first crack in the “unlimited AI for a flat fee” model: Developers report projections jumping from $29/month to $750 and from $50/month to $3,000 — agentic coding sessions routinely hit $30–$40 each, blowing through a Pro user’s $10 monthly credit ceiling in one sitting. Code completions remain unlimited, but the economics of agentic workflows at scale have fundamentally changed. Read more →
GitHub Agentic Workflows in public preview lets you define CI automation in plain Markdown: The system compiles natural-language workflow descriptions into standard GitHub Actions YAML, supports issue triage, CI failure analysis, and code simplification, and runs agents in sandboxed containers with an Agent Workflow Firewall — no personal access token required, GITHUB_TOKEN is enough. Read more →
The Copilot SDK GA turns GitHub’s agentic engine into an embeddable building block: Available across six languages (Node.js, Python, Go, .NET, Rust, Java), it exposes custom tool registration, MCP server integration, lifecycle hook interception, and OpenTelemetry tracing — meaning any developer tool can now embed Copilot’s agentic reasoning layer, not just use it through GitHub’s surfaces. Read more →
OpenCode sub-agents can now spawn sub-agents up to 5 levels deep: This mirrors Claude Code’s own nested sub-agent architecture (also shipping this week in v2.1.172) — a convergence across tools toward multi-agent pipeline depth as the default architectural pattern for complex coding tasks. Read more →
Cursor Bugbot is now 3x faster, finds 10% more bugs, and costs 22% less: The combination of speed, quality, and cost moving simultaneously in the same direction is unusual — Bugbot previously felt like a slow tax you paid for safety, and the
/reviewcommand now makes it a natural pre-push habit. Read more →Kiro’s spec-driven workflow now works on GitLab and in the browser: Teams that live in GitLab can now plan work as reviewable requirements and task files in Kiro Web before the agent writes a line of code — extending a Spec-First approach that was previously limited to GitHub-connected repositories. Read more →
The stories this week aren’t hard to find. What’s hard is knowing which ones actually matter before your team asks you on Monday.
That’s the only thing Vibe Coding Weekly does: cut through the volume so you arrive at the week with context, not anxiety.
Subscribers also get Change Management in Agentic AI Adoption — the framework for the conversation that always comes after “we should use AI more”: how to actually move an organization that didn’t ask to be moved. Included with every subscription.
📦 Releases & News
Windsurf Is Now Devin Desktop
Cognition retired the Windsurf brand on June 2 and shipped Devin Desktop as a standard over-the-air update. Three things materially changed: Cascade is replaced by Devin Local — a Rust rewrite that is up to 30% more token efficient and supports subagents; the Agent Command Center is now the default screen when you open the app instead of the code editor; and the product ships with open Agent Client Protocol support, letting Claude Agent, Codex, and OpenCode run alongside Devin in the same workspace. Existing Windsurf plans, pricing, and extensions carry over without changes. Cascade remains available until July 1, 2026.
OpenAI Launches Codex for Every Role: Role-Specific Plugins and Sites
OpenAI launched six role-specific Codex plugins (data analytics, creative production, sales, product design, equity investing, investment banking) alongside Codex Sites — the ability to create and host interactive web apps and dashboards that you can share via URL. Codex now has 5 million weekly active users, up 6x since the desktop app launched in February. Knowledge workers, who make up 20% of users but are growing 3x faster than developers, are the intended primary audience for this expansion. This marks a deliberate move from Codex as a coding tool to Codex as a cross-functional work platform.
Claude Code v2.1.169: Safe Mode and /cd Command
Claude Code ships two significant quality-of-life changes on June 8–9: --safe-mode disables all customizations while preserving authentication, giving you a clean diagnostic environment when a plugin or configuration breaks things; and /cd moves your session to a new working directory without breaking the prompt cache. The same release adds post-session hooks, fixes Up/Down arrow history navigation for long inputs, and tightens enterprise MCP policy enforcement on reconnect.
Claude Code v2.1.172: Sub-Agents Spawn Sub-Agents
The June 10 release enables sub-agents to spawn their own sub-agents up to 5 levels deep, unlocking recursive multi-agent pipeline architectures inside a single Claude Code session. Also in this release: a plugin marketplace search bar in /plugin, model attribute added to OTEL metrics for per-model cost attribution, and performance improvements that reduce idle CPU usage. Background agent directory isolation is also fixed, preventing cross-agent state leakage.
GitHub Copilot App Opens to All Subscribers with Canvases
The GitHub Copilot app technical preview expands to all Pro, Pro+, Business, and Enterprise subscribers. The focal feature is Canvases — bidirectional work surfaces where agents write to actual work objects (plans, PRs, checklists) rather than chat messages, making progress visible and editable in real time. Voice input via on-device speech recognition is also included, and cloud-based agent sessions let you hand off from CLI into the app interface.
Cloud and Local Sandboxes for GitHub Copilot in Public Preview
GitHub ships two sandbox types for Copilot agents: local sandboxes (built on Microsoft MXC technology, enabled via /sandbox enable) restrict Copilot’s access to filesystem, network, and system capabilities while running on your machine; cloud sandboxes (copilot --cloud) launch isolated GitHub-hosted Linux environments for stronger security boundaries. Both are included in standard Copilot seats, giving teams agentic workflow security without upgrading their plan.
Copilot CLI: Rubber Duck Agent, Prompt Scheduling, and Voice Input
The GitHub Copilot CLI gets four new capabilities at once: a Rubber Duck agent that critiques plans, designs, implementations, and tests before you ship; /every and /after slash commands for scheduling recurring or delayed prompts (e.g., /every 30m run the frontend tests); hold-space-bar voice dictation with on-device audio processing; and a redesigned experimental terminal UI with tabs for Sessions, Issues, PRs, and Gists. Rubber duck and voice are GA; scheduling and the new UI are via /experimental.
Gemini CLI v0.45.0: Context Management Refactor and A2A Metadata
The June 3 stable release completes a significant refactor of Gemini CLI’s context management system for improved architectural reliability, adds usage metadata exposure to the Agent-to-Agent (A2A) protocol for transparent resource monitoring across multi-agent flows, and resolves critical PTY resize errors and Termux relaunch loops that had been affecting terminal stability. This is likely one of the final major releases before Gemini CLI stops serving free and Google AI Pro/Ultra users on June 18.
OpenCode v1.17.0: WSL Desktop and Faster File Search
OpenCode v1.17.0 (June 10) adds WSL-backed Desktop support and Windows server management, making OpenCode a fully viable option for Windows-native development for the first time. File search is now faster using fff-backed tools, and a revamped sessions and servers UI improves navigation in long-running projects. The follow-on v1.17.4 (June 12) adds workspace-relative directory support for local MCP servers and connector-based authentication with provider credential storage.
Kiro Pro Max: $100/Month Tier and Self-Correcting Subagent Pipelines
Kiro launches a Pro Max tier at $100/month offering 5,000 monthly credits — 2.5x the Pro+ allocation — with premium model access and the full feature set. The same release ships a subagent self-correction pipeline: a reviewer stage can send tasks back to the implementer and loop until the work passes the bar, turning multi-agent pipelines into self-correcting workflows for use cases like code review and refactoring.
📚 Tutorials and Resources
Cursor SDK Updates: Custom Tools, Auto-Review Routing, and Nested Subagents
Cursor’s June 4 SDK update adds significant programmability for teams building on the platform. Custom tools can be registered via local.customTools and exposed to the agent at runtime; auto-review routing lets teams define per-tool permission policies in permissions.json so approved tool calls run without interruption while higher-risk calls escalate; nested subagents are now supported; and JSONL and SQLite custom store options enable persistent agent memory across sessions. Worth reading for any team building internal tooling on top of Cursor’s agent runtime.
Enterprise-Managed Plugins in VS Code: Distributing Agents at Scale
Enterprises can now configure and auto-install Copilot CLI plugins across all licensed VS Code users via settings.json, removing manual setup from developer onboarding. Custom agents, shared MCP configurations, and enterprise-wide hook policies apply automatically — a meaningful governance lever for teams that have been managing plugin sprawl manually. The feature is in public preview and requires VS Code release 1.122 or later.
GitHub Copilot CLI /security-review: On-Demand Security Scanning Before You Push
The new /security-review slash command (experimental, public preview) analyzes local code changes and returns high-confidence findings scored by severity and confidence — covering injection flaws, XSS, insecure data handling, path traversal, and weak cryptography. It runs as an independent AI scan, designed to complement Dependabot and code scanning rather than replace them. The value proposition is speed: findings arrive without leaving the terminal, before code ever hits a PR.
💡 Others
Cursor Design Mode: Select UI Elements, Talk to the Agent, Watch It Edit
Cursor 3.7’s Design Mode inside Canvases lets users select and annotate UI elements directly in-browser — the agent sees the element, surrounding layout, and visual relationships, and can act on voice narration or typed annotations. It closes a workflow gap that has existed since canvas editing launched: the inability to communicate visually about specific components without describing them in text. The companion Context Usage Report breaks down exactly where your tokens go across system prompt, tool definitions, rules, and skills.
Next week, the stack keeps moving. So does this newsletter. Fall behind one week, and you’ll spend the next three catching up.
Every week, a new model drops. A new agent framework ships. A new “this changes everything” thread goes viral. And you still have actual code to write.
Every Monday, you open your inbox and already know what matters. You’ve skipped three viral threads that turned out to be nothing. You know that Claude Fable 5 compressed two months of Stripe engineering into a single day, that GitHub’s billing change made the agentic workflows your team relies on dramatically more expensive, and that sub-agents can now spawn sub-agents — five levels deep — across every major tool in your stack. You didn’t spend your weekend reading to know this. We did.
That’s what Vibe Coding Weekly is. For developers, architects, tech leads, and everyone building or managing software in the age of AI.
Clean code and positive vibes,
Angel.