Basel Ismail

2.4K posts

@BaselIsmail

CEO @Blockcircle @FirmAdaptAI | @BetterEnrichX | @SkillfulSH | Prev Director of Engineering & AI @ American Express & @ Goldman Sachs, @ Cornell MBA/MSc InfoSec

Connect with me ➡️
Joined July 2010
5.3K Following · 34.8K Followers
Pinned Tweet
Basel Ismail@BaselIsmail·
Introducing Skillful.sh! I got tired of checking 10 different directories every time I needed to find an MCP server, an AI skill, or an AI agent framework. So I built Skillful.sh. It crawls and indexes 55+ directories, registries, and package managers across the AI agent ecosystem. Right now, it's tracking 314,000+ tools across MCP servers, AI skills, and AI agents. Every tool gets a security score (A+ through F) based on static analysis, dependency vulnerabilities, and AI code review. You can filter by category, security grade, star count, downloads, license, whatever you need. One search instead of twelve tabs. It's free to use, and as a developer, you can publish your package to all directories at once! No need to worry about the exact formatting requirements for publishing to each service! skillful.sh
Basel Ismail@BaselIsmail·
URGENT PSA - New supply chain attack vector that I found WILD > AI LLMs hallucinate package names roughly 18-21% of the time. Hackers have started pre-registering those hallucinated names on PyPI and npm with malicious payloads; they call it "slopsquatting". You can only imagine what's next.
Basel Ismail@BaselIsmail·
@magheru_san I couldn't agree more; it doesn't take longer than 2-3 minutes to scan each incoming package submission. I'm sure publishers and devs would be completely fine waiting a few minutes before it's published to the libraries if it helps keep everyone secure!
Cristian Măgherușan-Stanciu 🌿☁️
The solution for this problem is for NPM and PyPI to improve their static scanners and block packages with names similar to prominent existing packages. Last week there was a supply chain attack that was found in no time by someone running some automated scanner better than what NPM was using.
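The two checks argued for in this exchange, a registry-existence check against the slopsquatting post above and a look-alike check against prominent package names, as an added example that is not part of either post and not code from PyPI, npm or Skillful.sh. It audits a pip requirements file before anything is installed. KNOWN_PACKAGES and POPULAR_PACKAGES are constructed stand-ins for the real registry index and a download-ranked list; the edit-distance threshold of 1 and the sample requirements are assumptions for the demonstration. It goes slightly beyond the posts by normalizing names per PEP 503 and by flagging a squatted look-alike that is already registered, which the existence check alone would pass.

```python
"""Pre-install audit of dependency names suggested by an LLM.

Two checks, corresponding to the two posts above:
  1. A name that is not in the registry index cannot have been tested by the
     model that suggested it; it is exactly the kind of name an attacker can
     pre-register (slopsquatting), so it is flagged before anything is installed.
  2. A registered name within a small edit distance of a prominent package,
     but not equal to it, is flagged as a look-alike. This is the case the
     first check misses: a squatted name that already exists on the registry.

KNOWN_PACKAGES and POPULAR_PACKAGES are constructed stand-ins for the real
registry index and a download-ranked "prominent packages" list.
"""
import re
from typing import Dict, Iterable, List, Optional, Set

# Constructed registry index (already normalized). "reqeusts" stands in for a
# typosquat that an attacker has already registered.
KNOWN_PACKAGES: Set[str] = {
    "requests", "numpy", "pandas", "flask", "beautifulsoup4", "pyyaml",
    "cryptography", "urllib3", "python-dateutil", "reqeusts",
}
# Constructed "prominent packages" list, e.g. the top of the download charts.
POPULAR_PACKAGES: Set[str] = {"requests", "numpy", "pandas", "flask", "urllib3"}

_REQ_NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 name normalization: lower-case, runs of '-', '_' and '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def requirement_name(line: str) -> Optional[str]:
    """Return the normalized distribution name from one requirements.txt line,
    or None for blank lines, comments and pip options (-r, --index-url, ...)."""
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith("-"):
        return None
    match = _REQ_NAME.match(line)
    return normalize(match.group(1)) if match else None


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insertions, deletions, substitutions
    and adjacent transpositions each cost 1, so 'reqeusts' is 1 from 'requests'."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[0] * cols for _ in range(rows)]
    for i in range(rows):
        d[i][0] = i
    for j in range(cols):
        d[0][j] = j
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,         # deletion
                          d[i][j - 1] + 1,         # insertion
                          d[i - 1][j - 1] + cost)  # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[rows - 1][cols - 1]


def audit_requirements(lines: Iterable[str],
                       known: Set[str] = KNOWN_PACKAGES,
                       popular: Set[str] = POPULAR_PACKAGES,
                       max_distance: int = 1) -> Dict[str, List[str]]:
    """Map each suspicious requirement name to the reasons it was flagged."""
    findings: Dict[str, List[str]] = {}
    for line in lines:
        name = requirement_name(line)
        if name is None:
            continue
        reasons: List[str] = []
        if name not in known:
            reasons.append("not in registry index: possible hallucination, open to squatting")
        for prominent in sorted(popular):
            if prominent != name and edit_distance(name, prominent) <= max_distance:
                reasons.append(f"look-alike of {prominent}")
        if reasons:
            findings[name] = reasons
    return findings


# Constructed requirements file, as an LLM might emit it.
SAMPLE_REQUIREMENTS = [
    "requests==2.32.3",
    "numpy>=1.26",
    "Python_DateUtil",                   # real package, needs normalization
    "reqeusts",                          # squatted look-alike, already registered
    "flask-auth-helperz",                # plausible-sounding, not registered
    "--extra-index-url https://example.invalid/simple",
    "# pinned by tooling",
]

if __name__ == "__main__":
    for name, reasons in audit_requirements(SAMPLE_REQUIREMENTS).items():
        print(f"BLOCK {name}: {'; '.join(reasons)}")
```

Run against the constructed file it blocks two names: `reqeusts` as a look-alike of `requests` even though it is "registered", and `flask-auth-helperz` as absent from the index. A real pre-commit or CI hook would load the index from the registry's simple API and the prominent list from download statistics, and would treat a block as a hard failure rather than a warning, since the whole point is that the install never runs.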
Basel Ismail@BaselIsmail·
EXACTLY! It angers people when I compare open source and closed source, but we don't have a choice: closed-source models are exceptionally expensive when you're using them for advanced work and/or a client needs data to be completely private and needs to maintain data confidentiality. That's why we are forced to explore open-source options, and I've been quite pleased with the open-source models.
Basel Ismail@BaselIsmail·
Open source models are now scoring within a few points of Claude Opus and GPT-5.4 on agentic evals by @Langchain, and the cost difference is fairly absurd. This is a very controversial topic, because it ruffles many feathers when you evaluate an open-source model (at 1/10th to 1/20th of the price) relative to its more expensive benchmark
[image attached]
Basel Ismail@BaselIsmail·
The questions I keep coming back to are: > Whether the remaining gaps in conversation and memory tasks matter enough for your specific use case, or if 90% of the way there at 10% of the cost is the better trade; time will tell. >> I have been running a few social experiments on this front to see whether a group of users can differentiate a frontier model from a less expensive model for specific functions. I will write more about this later; if more folks are interested in it, I would love to share notes.
Basel Ismail@BaselIsmail·
That maps well to how we think about cost management when you're running agents at scale. This is a challenge I struggle with daily with my projects, because the model cost is only one small component of the larger infrastructure costs, and it is not a simple optimization problem. > For anyone building AI products right now, the calculus on model selection just changed.
Basel Ismail@BaselIsmail·
@ronsh725 Yes, absolutely, but the security score itself is less important than the actual security vulnerability analysis, which outlines concerning lines of code; that's far more critical to review.
Ronak@ronsh725·
@BaselIsmail Would the security scoring mechanism not be susceptible to such an attack as well, if an LLM is involved in scoring itself?
Basel Ismail reposted
Emrick Donadei@edonadei_·
Skills are doing to MCP what npm packages did to Node.js security, and we're making the same mistakes. Everyone's been focused on securing MCP at the protocol layer: process isolation, scoped credentials, transport security. Important work, but while we were locking the front door, a new layer showed up with no locks at all: skills, the packaged bundles of instructions and code that agents load at runtime. It bypasses MCP's isolation model from above. Here's why this is the biggest gap in agentic security right now 🧵
Basel Ismail@BaselIsmail·
@bcherny I understand the business decision, I do, but I believe it will drive more users towards competitive platforms which are offering a superior onboarding process, like connecting OpenClaw to OpenAI OAuth; albeit it asks you to reauthenticate often, it still natively supports it!
Boris Cherny@bcherny·
Starting tomorrow at 12pm PT, Claude subscriptions will no longer cover usage on third-party tools like OpenClaw. You can still use these tools with your Claude login via extra usage bundles (now available at a discount), or with a Claude API key.
Basel Ismail@BaselIsmail·
I wonder how many tech and engineering departments are genuinely pre-planning for a world where mid to late 2028 is the number?
Basel Ismail@BaselIsmail·
The gap between "useful coding assistant" and "autonomous coder" is closing faster than the benchmarks would even suggest. As wild as that may sound, that is the truth, and I am not convinced enough business executives are grasping that.
Basel Ismail@BaselIsmail·
The AI Futures Project just shifted its median Automated Coder (AC) timeline forward by about 1.5 years. @DKokotajlo moved it from late 2029 to mid 2028, @eli_lifland from early 2032 to mid 2030. The AC milestone is basically the point in time where an AGI-powered company would likely consider laying off all of their actual software engineers, rather than slowing down AI software engineering adoption.
[image attached]
Basel Ismail@BaselIsmail·
@antononone @Fai5alAld0sar1 I could not agree more, I always say that to others, just jump in and try it firsthand! There is no better way to find what suits you best, but people are always trying to take shortcuts and skip steps
p@antononone·
@Fai5alAld0sar1 @BaselIsmail When GPT was released I saw some marketer asking opinions on his tech stack on LinkedIn. Mostly devs calling out the stack as AI-generated bullshit. Anyways, if you have to ask what the best tool is, you don't really know programming. Part of the fun is testing tools and finding what suits you.