BUSINESS

Beef season 2 is back, but after its release day, it seems like a large portion of Netflix’s audience either doesn’t know or doesn’t care.

“I buy clothes at thrift stores.”

For the past year, early adopters of autonomous AI agents have been forced to play a murky game of chance: keep the agent in a useless sandbox or give it the keys to the kingdom and hope it doesn’t hallucinate a catastrophic “delete all” command.To unlock the true utility of an agent—scheduling meetings, triaging emails, or managing cloud infrastructure—users have had to grant these models raw API keys and broad permissions, raising the risk of their systems being disrupted by an accidental agent mistake. That tradeoff ends today. The creators of the open source sandboxed NanoClaw agent framework — now known under their new private startup named NanoCo — have announced a landmark partnership with Vercel and OneCLI to introduce a standardized, infrastructure-level approval system. By integrating Vercel’s Chat SDK and OneCLI’s open source credentials vault, NanoClaw 2.0 ensures that no sensitive action occurs without explicit human consent, delivered natively through the messaging apps where users already live.The specific use cases that stand to benefit most are those involving high-consequence “write” actions. That is, in DevOps, an agent could propose a cloud infrastructure change that only goes live once a senior engineer taps “Approve” in Slack. For finance teams, an agent could prepare batch payments or invoice triaging, with the final disbursement requiring a human signature via a WhatsApp card. Technology: security by isolationThe fundamental shift in NanoClaw 2.0 is the move away from “application-level” security to “infrastructure-level” enforcement. In traditional agent frameworks, the model itself is often responsible for asking for permission—a flow that Gavriel Cohen, co-founder of NanoCo, describes as inherently flawed.”The agent could potentially be malicious or compromised,” Cohen noted in a recent interview. “If the agent is generating the UI for the approval request, it could trick you by swapping the ‘Accept’ and ‘Reject’ buttons.”NanoClaw solves this by running agents in strictly isolated Docker or Apple Containers. The agent never sees a real API key; instead, it uses “placeholder” keys. When the agent attempts an outbound request, the request is intercepted by the OneCLI Rust Gateway. The gateway checks a set of user-defined policies (e.g., “Read-only access is okay, but sending an email requires approval”). If the action is sensitive, the gateway pauses the request and triggers a notification to the user. Only after the user approves does the gateway inject the real, encrypted credential and allow the request to reach the service.Product: bringing the ‘human’ into the loopWhile security is the engine, Vercel’s Chat SDK is the dashboard. Integrating with different messaging platforms is notoriously difficult because every app—Slack, Teams, WhatsApp, Telegram—uses different APIs for interactive elements like buttons and cards.By leveraging Vercel’s unified SDK, NanoClaw can now deploy to 15 different channels from a single TypeScript codebase. When an agent wants to perform a protected action, the user receives a rich interactive card on their phone. “The approval shows up as a rich, native card right inside Slack or WhatsApp or Teams, and the user taps once to approve or deny,” said Cohen. This “seamless UX” is what makes human-in-the-loop oversight practical rather than a productivity bottleneck. The full list of 15 supported messaging apps/channels contains many favored by enterprise knowledge workers, including:Slack WhatsApp Telegram Microsoft Teams Discord Google Chat iMessage Facebook Messenger Instagram X (Twitter) GitHub Linear Matrix Email Webex Background on NanoClawNanoClaw launched on January 31, 2026, as a minimalist and security-focused response to the “security nightmare” inherent in complex, non-sandboxed agent frameworks. Created by Cohen, a former Wix.com engineer, and marketed by his brother Lazer, CEO of B2B tech public relations firm Concrete Media, the project was designed to solve the auditability crisis found in competing platforms like OpenClaw, which had grown to nearly 400,000 lines of code. By contrast, NanoClaw condensed its core logic into roughly 500 lines of TypeScript—a size that, according to VentureBeat, allows the entire system to be audited by a human or a secondary AI in approximately eight minutes.The platform’s primary technical defense is its use of operating system-level isolation. Every agent is placed inside an isolated Linux container—utilizing Apple Containers for high performance on macOS or Docker for Linux—to ensure that the AI only interacts with directories explicitly mounted by the user. As detailed in VentureBeat’s reporting on the project’s infrastructure, this approach confines the “blast radius” of potential prompt injections strictly to the container and its specific communication channel.In March 2026, NanoClaw further matured this security posture through an official partnership with the software container firm Docker to run agents inside “Docker Sandboxes”. This integration utilizes MicroVM-based isolation to provide an enterprise-ready environment for agents that, by their nature, must mutate their environments by installing packages, modifying files, and launching processes—actions that typically break traditional container immutability assumptions.Operationally, NanoClaw rejects the traditional “feature-rich” software model in favor of a “Skills over Features” philosophy. Instead of maintaining a bloated main branch with dozens of unused modules, the project encourages users to contribute “Skills”—modular instructions that teach a local AI assistant how to transform and customize the codebase for specific needs, such as adding Telegram or Gmail support. This methodology, as described on NanoClaw’s website and in VentureBeat interviews, ensures that users only maintain the exact code required for their specific implementation. Furthermore, the framework natively supports “Agent Swarms” via the Anthropic Agent SDK, allowing specialized agents to collaborate in parallel while maintaining isolated memory contexts for different business functions.Licensing and open source strategyNanoClaw remains firmly committed to the open source MIT License, encouraging users to fork the project and customize it for their own needs. This stands in stark contrast to “monolithic” frameworks. NanoClaw’s codebase is remarkably lean, consisting of only 15 source files and roughly 3,900 lines of code, compared to the hundreds of thousands of lines found in competitors like OpenClaw.The partnership also highlights the strength of the “Open Source Avengers” coalition. By combining NanoClaw (agent orchestration), Vercel Chat SDK (UI/UX), and OneCLI (security/secrets), the project demonstrates that modular, open-source tools can outpace proprietary labs in building the application layer for AI.Community reactionsAs shown on the NanoClaw website, the project has amassed more than 27,400 stars on GitHub and maintains an active Discord community. A core claim on the NanoClaw site is that the codebase is small enough to understand in “8 minutes,” a feature targeted at security-conscious users who want to audit their assistant. In an interview, Cohen noted that iMessage support via Vercel’s Photon project addresses a common community hurdle: previously, users often had to maintain a separate Mac Mini to connect agents to an iMessage account.The enterprise perspective: should you adopt?For enterprises, NanoClaw 2.0 represents a shift from speculative experimentation to safe operationalization.Historically, IT departments have blocked agent usage due to the “all-or-nothing” nature of credential access. By decoupling the agent from the secret, NanoClaw provides a middle ground that mirrors existing corporate security protocols—specifically the principle of least privilege. Enterprises should consider this framework if they require high-auditability and have strict compliance needs regarding data exfiltration. According to Cohen, many businesses have not been ready to grant agents access to calendars or emails because of security concerns. This framework addresses that by ensuring the agent structurally cannot act without permission.Enterprises stand to benefit specifically in use cases involving “high-stakes” actions. As illustrated in the OneCLI dashboard, a user can set a policy where an agent can read emails freely but must trigger a manual approval dialog to “delete” or “send” one. Because NanoClaw runs as a single Node.js process with isolated containers , it allows enterprise security teams to verify that the gateway is the only path for outbound traffic. This architecture transforms the AI from an unmonitored operator into a supervised junior staffer, providing the productivity of autonomous agents without forgoing executive control.Ultimately, NanoClaw is a recommendation for organizations that want the productivity of autonomous agents without the “black box” risk of traditional LLM wrappers. It turns the AI from a potentially rogue operator into a highly capable junior staffer who always asks for permission before hitting the “send” or “buy” button. As AI-native setups become the standard, this partnership establishes the blueprint for how trust will be managed in the age of the autonomous workforce.

If you work in finance, you probably know the feeling of the phone buzz you are not supposed to answer.The client who will only text on WhatsApp.The colleague who sends you a Signal link instead of an email.On paper, the rules are clear. On desks and in group chats, the reality is messier and much more expensive.Regulators have already pinned roughly $3.2 billion in fines and settlements on big banks and brokers for “off‑channel” communications on WhatsApp, iMessage, Signal, SMS, and personal email that were never captured or archived as required. More than $2.5 billion in texting and WhatsApp penalties had piled up by mid‑2023. These penalties followed actions against firms including Wells Fargo and BNP Paribas over messages on personal devices that escaped recordkeeping systems, Bloomberg reported.The SEC and CFTC together have levied nearly $2 billion in recordkeeping penalties in just the latest wave of cases, Investopedia reported, with more coming as the investigation widens.I wanted to understand why, after all those headlines and training sessions, people are still breaking rules they sign their names to. So I talked with Avi Pardo, CBO of LeapXpert, a company that spends its days inside this mess.His answer was simple and uncomfortable: Policy and reality have split apart.“The policy existed. The behavior didn’t change.”When I asked how big the gap is between written policies and real‑world behavior, Pardo did not sugarcoat it. “The gap between policy and practice across the industry is structural, not incidental,” he said.He told me most firms maintain careful lists of approved and banned channels. The problem is not that the lists do not exist. It is that they are written for a world that no longer matches how people communicate.“Many of the firms that paid the largest fines already had policies on the books that explicitly prohibited channels such as WhatsApp, iMessage, Telegram, Signal, and others,” he said. “The policy existed. The behavior didn’t change.”Related: Bessent and Powell send Wall Street’s biggest banks a warningThat line stuck with me. I have sat through those annual compliance videos. I have clicked “I acknowledge” on policies that say no business on personal devices. Then I have watched people around me answer client texts anyway because the relationship felt more real there than in a corporate app no one checks.Pardo said he has seen that same movie play in hundreds of deployments in dozens of countries. “What we’ve seen is that banning these channels doesn’t work,” he said. “It drives the behavior underground.”The SEC’s texting probe is evidence of a “multi‑year pattern” where off‑channel messaging was simply how many desks did business, even as policies forbade it, International Banker reported in 2024.Hearing this description and Pardo’s experience side by side, it is hard to pretend this is about a few bad actors. It is a system that trained people to live in two realities at once.Enforcement of electronic business communication policies raises risksThe enforcement story has evolved, which is part of why this no longer feels like a harmless shortcut.It started with J.P. Morgan Securities paying $125 million to the SEC over recordkeeping failures tied to personal devices and unapproved apps, with the CFTC adding a $75 million penalty the same day. Then came the 16‑firm sweep where the SEC said it found “widespread and longstanding failures” to preserve electronic business communications and imposed more than $1.1 billion in fines.Regulators had discovered employees “routinely communicated about business matters” on messaging apps in ways that sidestepped mandatory recordkeeping, The New York Times wrote.Another $549 million in penalties hit 11 firms after they admitted they failed to maintain tens of thousands of messages on WhatsApp, iMessage, and other apps, Business Insider reported.Those firms acknowledged that “a majority” of off‑channel communications were never captured, CNN noted.By early 2024, the SEC was still adding new names, hitting another batch of broker‑dealers and advisers with more than $81 million in penalties for similar failures.When I asked Pardo what has changed inside firms, he did not talk about fear of another big number. He talked about fear at the top.“Regulators are no longer just fining the firm,” he said. “They’re looking at individuals: the managing directors, the desk heads, the compliance leaders who were responsible for supervision and either failed to act or used unapproved channels themselves.”“That changes the calculus entirely,” he added. “This is now a personal, career‑level risk for senior people.”The SEC has already collected thousands of staff messages from major investment firms as it escalates its probe and has asked companies to run internal sweeps on WhatsApp and Signal use, Reuters reported. If you are a junior banker, that may sound abstract. If you are the person who signs the annual attestation about supervision, it should feel very concrete.“We don’t take away WhatsApp”The part of this conversation that felt most human to me was where front‑office fear lives.Pardo said the biggest resistance he sees does not come from IT or even legal. “It depends on where the firm is in its compliance journey, but the most common source of friction is between compliance and the front office,” he said.More Wall StreetBillionaire Dalio sends 2-words on Fed pick WarshTop analyst bets these stocks will boost your portfolio in 2026Bank of America sends quiet warning to stock market investorsSales and wealth teams see messaging as oxygen. “Front‑office teams, particularly in sales and trading and wealth management, see messaging as their competitive edge,” he said. “They’ve built client relationships on WhatsApp and iMessage.”I have watched those threads at work: birthday messages, quick check‑ins, anxious texts when markets are rough. They do not feel like violations. They feel like the job.So when compliance says “we need to govern this,” Pardo said the first reaction is fear. “There’s an immediate fear that governance means restriction, that their ability to communicate effectively is about to be taken away,” he said.LeapXpert’s mission is designed to flip that script.“That’s exactly the wrong framing,” he said. “We don’t take away WhatsApp. We don’t force employees into a corporate app that no client wants to use. We enable the same channels, the same experience, with governance running underneath.”In his words, “The employee sends a WhatsApp message the same way they always have. The difference is that the message is now captured, archived, and supervised.”For someone who has watched colleagues juggle two phones and three identities to keep clients happy and compliance quiet, that sounds less like a tech feature and more like a pressure valve.Regulators now expect 3 things when capturing business communicationsOne thing that stood out in my conversation was how high the bar has moved. The old answer of “We tell people not to do it” is not just weak; it also creates evidence against you.Pardo said regulators now expect three basics.First, capture: “Every business communication on every channel your employees use, including WhatsApp, iMessage, SMS, Signal, and others, must be recorded and retained the same way you retain email,” he said. That includes metadata such as emojis, reactions, and voice notes.Second, supervise: “You can’t just store the messages,” Pardo said. “You have to actively monitor and review them with the same rigor you apply to email and voice.”Third, maintain accountability: “There has to be a clear chain of responsibility,” he added. “Supervisors need to know what their teams are doing on these channels and be able to demonstrate genuine oversight.”The SEC’s intensified scrutiny of off‑channel communications now focuses on whether firms have “integrated electronic messaging into their broader supervision and surveillance programs” and can show a real audit trail, Faegre Drinker wrote. Pardo said many firms that have already paid fines still fall short on that third piece.“Many firms responded to enforcement actions by deploying capture technology, but didn’t go far enough on supervision and accountability,” he said. “They’re archiving messages, which is a necessary first step, but they haven’t built the workflows to review those messages systematically, flag risks, and create an auditable trail.”He also sees firms underestimating how broad their coverage needs to be.“Some firms addressed WhatsApp but didn’t account for iMessage, SMS, or Signal,” he said. “Regulators are not going to accept partial solutions.”I heard that as a reminder that your compliance perimeter is not drawn by your device policy; it is drawn by whatever app your most important client prefers to use next week.

Economou/Getty Images

What a business communication compliance story looks likeThe final part of our conversation was the one I kept turning over afterward. If you are a firm that has already been in the crosshairs of regulatory scrutiny of electronic business communications, how do you convince regulators you’ll remain compliant?“A defensible ‘we fixed it’ story comes down to evidence,” Pardo said. “Not a policy update. Operational evidence.”He walked through what his best‑prepared clients now show exam teams.“You need to demonstrate that you’ve deployed technology that captures all business communications across all channels,” he said. “You need to show that capture is integrated into your supervision program. You need to prove that supervisors have genuine oversight and are exercising it. And you need an audit trail that documents all of this.”LeapXpert’s latest platform leans into what he calls Communication Data Intelligence, branded as LeapXpert Signals.He said it lets firms analyze patterns in the data they are now forced to collect: “topics, sentiment, trends, and potential risk indicators” that can move firms “from reactive compliance to proactive governance.”In other words, you cannot just prove that you have the messages. You have to prove that you learned something from them.Wall Street communication compliance matters for investorsIt would be easy to file this under “problems for bankers and lawyers.” But if you are the person whose retirement money or savings is being managed, this is about your trust, too.When the SEC says it cannot see work chats it was supposed to see, it is really saying it cannot fully police insider trading, front‑running, or abusive sales tactics that might be happening in those channels.When firms pay billions in fines and then spend more on remediation, those costs eventually show up in what clients pay, even if no one spells it out on a statement.And there’s another, quieter angle. If your adviser insists that important conversations stay on firm email or recorded lines, that might feel stiff compared with a WhatsApp thread.After talking with Pardo, I see that stiffness a little differently. Sometimes the formality is a form of protection, for both sides.Wall Street’s $3.2 billion texting problem is not going away because phones are not going away. The question is whether the industry can finally stop pretending that “don’t do it” is a real plan and build systems that match how people actually live and work.Related: The sectors Wall Street is quietly rotating into now

There’s a mental trap that catches even experienced investors, and it has nothing to do with picking bad stocks or mistiming the market. It’s called anchoring, and once you recognize it, you’ll start seeing it in your own decisions.

Anchoring happens when your brain latches onto a specific number and uses it as a reference point for every decision that follows. The number feels meaningful. It feels like context. But most of the time, it’s a number you’ve assigned significance to — not because it has any bearing on what you should do next.

The Purchase Price Trap

The most common form of anchoring is the one every investor has felt: You bought a stock at $80. It drops to $50. Instead of asking “would I buy this today at $50?” you hold on — or buy more — because $80 still feels like the real value.

It isn’t. The stock doesn’t know what you paid for it. The market doesn’t care. The only question that matters is whether the stock is worth owning at its current price. But the purchase price sits in the back of your mind like a benchmark, distorting how you assess value from that point forward.

The 52-Week High

Investors constantly use a stock’s 52-week high as a measuring stick for value. A stock that peaked at $120 and now trades at $75 feels like a bargain. But the 52-week high is an arbitrary number, a byproduct of when you happened to look it up. It tells you nothing about whether $75 is a fair price today.

This cuts both ways. Investors also avoid buying stocks near their 52-week high because they feel expensive, even when the fundamentals support the price. The anchor distorts the analysis in both directions.

Round Number Targets

An investor decides they’ll sell when a stock hits $100. It climbs to $97, stalls, then starts sliding back. They wait. The round number they set in their mind has become more real to them than the price action in front of them.

Round numbers are convenient for planning, but they’re not magic. A stock at $97 that’s turning over isn’t obligated to reach $100 before you’re allowed to act. When the target becomes more important than the evidence, anchoring is running the show.

The “Get Back to Even” Trap

The purchase price trap is about valuation — using what you paid as a proxy for what something is worth. This is a different problem. Here, the loss itself becomes the obsession, and recovering it becomes the goal. Instead of asking what their money can do from here, an investor down 40% restructures their entire approach around one objective: Get back to what they put in. Other opportunities get ignored. Portfolio balance gets thrown off.

Getting back to even is not an investing strategy. It’s an emotional response. The original investment amount is gone the moment you make the trade. What matters is what your money can do from here.

Interest Rate Anchoring

This one shows up in less obvious places. Investors who experienced higher interest rates in earlier decades often find current rates deeply unsatisfying, even when those rates are reasonable by any objective measure. They park money in cash waiting for rates to “return to normal,” not realizing that their “normal” is just whatever rate they’re anchored to from a previous era.

The same dynamic plays out with expected returns. An investor used to seeing 15% annual gains in a strong bull market may dismiss a 7% year as a failure, even though 7% is a healthy long-term return by historical standards.

Analyst Price Targets

When a Wall Street analyst publishes a price target, that number becomes an anchor whether you intend it to or not. Research shows that once a specific number is introduced, it shifts how people evaluate subsequent information, even when the number has no special significance.

A $150 price target doesn’t make a stock worth $150. Analyst models are built on assumptions, and those assumptions change. Using a published target as your benchmark for value means outsourcing your judgment to someone else’s spreadsheet.

How To Manage the Urge to Anchor

Anchoring is hard to catch because it doesn’t feel like a bias. It feels like memory, or discipline, or keeping track. A few habits that help:

When evaluating a position you already hold, ask yourself: If I had cash instead of this stock today, would I buy it at this price? If the answer is no, the purchase price anchor may be the only thing keeping you in.

When a loss is on the table, separate the question of what you paid from the question of what to do next. Those are two different questions, and only one of them is still relevant.

When you catch yourself waiting for a round number to buy, sell, or act, ask whether that number reflects anything real about the investment, or whether it’s just a number that got stuck in your head.

The goal isn’t to ignore price history entirely. Context matters. But the numbers that stick in our minds the longest are often the ones that should carry the least weight.
The post Anchoring: Are You Making This Classic Investing Mistake? appeared first on Clark Howard.

Bitcoin climbs above its 100-day moving average, while Strategy moves back above its 200 week trend level.

Oil prices were falling on Friday morning after Iran’s foreign minister said the passage for all commercial vessels through Strait of Hormuz is declared open for the remaining period of the cease-fire.

Netflix continues to expand its lineup of live sports events as it searches for new ways to drive new subscriptions and decrease subscriber churn.

Hedera (HBAR) joined Stellar (XLM) as a top performer, rising 1.4% from Thursday.

Iran’s foreign minister said the Strait of Hormuz will remain completely open for the remainder of the ceasefire.