Evidence Trail

Subagents Grow Up: Gemini Isolates Tool Boundaries While Codex Shares Trust by Default

March 18, 2026 / Daily Edition / 6 source signals.

repo openai/codex main
6 source signals 3 repos source trail

Reporter Notes

Daily article notes — 2026-03-18

Chosen angle

**Subagents Grow Up: Gemini Isolates Tool Boundaries While Codex Shares Trust by Default**

Why this angle won

  • Fresh relative to recent archive topics (memory roots, MCP list_changed resilience, ask-user elicitation, JIT context sensing, OpenViking memory FS).
  • Grounded in two newly merged PRs, not just trend chatter.
  • Strong comparative thesis: Gemini hardens **capability isolation** while Codex smooths **trust propagation**.

Candidate angles considered

1. **Winner:** Subagent boundaries mature in Gemini CLI and Codex.

  • Evidence: Gemini PR #22718 + Codex PR #13702.

2. GitNexus surge: browser-native repo graph + Graph RAG for code exploration.

  • Trend evidence: GitHub Trending TypeScript, repo stars 17k+.

3. claude-hud surge: observability for coding agents.

  • Trend evidence: GitHub Trending, repo stars 6k.

Trend scan

  • GitHub Trending today surfaced obra/superpowers, GitNexus, deepagents, claude-hud.
  • Trending TypeScript surfaced GitNexus, learn-claude-code, claude-mem, chrome-devtools-mcp.
  • Fresh merged PRs in target repos surfaced the strongest code-grounded story:
      • google-gemini/gemini-cli#22718 — subagent local execution and tool isolation
      • openai/codex#13702 — share execpolicy by default

Code evidence

Gemini CLI

  • packages/core/src/agents/local-executor.ts:
      • lines 145–151: creates isolated ToolRegistry, PromptRegistry, ResourceRegistry
      • lines 153–161: discovers inline MCP servers into agent-specific registries
      • lines 181–183: clones tools onto a subagent message bus before registering
  • packages/core/src/agents/agent-scheduler.ts:
      • lines 67–76: builds scheduler context from agent-specific registries instead of proxying global config

Codex

  • codex-rs/core/src/exec_policy.rs:
      • lines 99–115: child_uses_parent_exec_policy() checks whether child and parent share exec-policy config folders + requirements
  • codex-rs/core/src/agent/control.rs:
      • lines 107–112: computes inherited_exec_policy
      • lines 190–202: passes inherited exec policy when spawning/forking thread
  • codex-rs/core/tests/suite/approvals.rs:
      • lines 2045–2221: test proves a spawned subagent can approve an execpolicy amendment and the parent rerun then completes without another approval prompt
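
A simplified model of the two behaviours listed in the code evidence, added here as an illustration and not taken from either repository: a child gets its own tool registry, and it shares the parent's exec policy only when the policy configs match. All type and function names are hypothetical, and starting a mismatched child from an empty policy is an assumption.

```rust
// Added illustration; not code from Gemini CLI or Codex. All names are hypothetical.
use std::collections::HashSet;
use std::sync::{Arc, Mutex};

#[derive(Clone, PartialEq)]
struct PolicyConfig { folders: Vec<String>, requirements: String }

struct Agent {
    tools: HashSet<String>,              // agent-specific tool registry
    config: PolicyConfig,
    policy: Arc<Mutex<HashSet<String>>>, // approved command prefixes
}

impl Agent {
    fn root(tools: &[&str], config: PolicyConfig) -> Agent {
        let tools = tools.iter().map(|t| (*t).to_string()).collect();
        Agent { tools, config, policy: Arc::new(Mutex::new(HashSet::new())) }
    }
    // Capability isolation: the child gets a fresh registry holding only the
    // parent tools it was granted plus its own inline tools.
    // Trust propagation: the child shares the parent's policy object only when
    // its policy config matches; otherwise it starts empty (assumption).
    fn spawn(&self, granted: &[&str], inline: &[&str], config: PolicyConfig) -> Agent {
        let mut tools: HashSet<String> = granted.iter()
            .filter(|t| self.tools.contains(**t))
            .map(|t| (*t).to_string()).collect();
        tools.extend(inline.iter().map(|t| (*t).to_string()));
        let policy = if config == self.config { Arc::clone(&self.policy) }
                     else { Arc::new(Mutex::new(HashSet::new())) };
        Agent { tools, config, policy }
    }
    fn approve(&self, prefix: &str) { self.policy.lock().unwrap().insert(prefix.to_string()); }
    fn needs_prompt(&self, cmd: &str) -> bool {
        !self.policy.lock().unwrap().iter().any(|p| cmd.starts_with(p.as_str()))
    }
}

// Constructed sample config; the folder path is a placeholder.
fn cfg(folder: &str) -> PolicyConfig {
    PolicyConfig { folders: vec![folder.to_string()], requirements: "default".to_string() }
}

fn main() {
    let parent = Agent::root(&["shell", "read_file"], cfg("/constructed/policy"));
    let child = parent.spawn(&["read_file"], &["mcp_search"], cfg("/constructed/policy"));
    child.approve("cargo test");
    println!("parent prompts again: {}", parent.needs_prompt("cargo test --all"));
    println!("parent sees inline tool: {}", parent.tools.contains("mcp_search"));
}
```

In this model an approval granted inside the child widens what the parent may run without a prompt, while a tool registered for the child never appears in the parent's registry.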

PR/source links

LLM review synthesis (gpt-5.2)

  • Picked the Gemini/Codex subagent-boundaries comparison as the strongest angle.
  • Reason: directly code-grounded, fresher than recent archive, and more meaningful than trend-only summaries.
  • Caveat: avoid claiming one approach is universally “more secure”; they optimize different layers of the workflow.
