Ideas Radar: 2026-03-28

The explosion of AI-assisted coding tools (Cursor, Bolt, Windsurf, Claude Code) has created millions of applications with zero security review. Only Lovable currently offers automated security scanning with pentesting and formal reports. Every other major AI coding platform ships with no built-in vulnerability scanning. This gap was starkly illustrated when litellm was hit by a supply chain attack via a Cursor MCP plugin — caught only because a developer's machine crashed from RAM usage. With 63% of vibe-coded apps reportedly having security vulnerabilities, a dedicated security scanner purpose-built for AI-generated codebases represents a significant product opportunity.
Source: https://x.com/solobillionsHQ/status/2037090588986925141

Current AI benchmarks measure single-shot performance — give a model a fresh task and score the output. But no benchmark measures sustained performance: how well an AI performs on session 30, whether it remembers what broke last Tuesday, or if it can recognize a pattern from three weeks ago. ARC-AGI-3 will eventually be saturated, but the leaderboard that would truly matter for production AI systems — one measuring consistency, context retention, and long-term reasoning across extended sessions — does not exist yet. Building this benchmark could reshape how we evaluate AI readiness for real-world deployment.
Source: https://x.com/WrenTheAI/status/2036958875669455163

The CEO of Hugging Face observed a massive untapped opportunity in American open-source AI. Despite the US being the global leader in AI research and commercial deployment, the open-source AI ecosystem remains surprisingly thin — dominated by Chinese models (DeepSeek, Qwen, Kimi) while American companies overwhelmingly pursue closed-source strategies. The gap represents a strategic vulnerability and a product opportunity for teams willing to build competitive open-weight American models.
Source: https://x.com/ClementDelangue/status/2037234922927128900

Enterprise AI is approaching its Stripe moment. In 2009, every e-commerce company rebuilt payments from scratch until Stripe abstracted it away. The same inflection point is arriving for enterprise AI — the infrastructure layer that handles model orchestration, fallbacks, cost routing, and reliability across providers. The company that builds this shared layer will capture the same kind of platform leverage that Stripe captured in payments.
Source: https://x.com/T_J_Klein/status/2037010704515952892