Forgework

2.8K posts

Forgework banner
Forgework

Forgework

@Forgework_

Personalize your Framework Desktop with high quality customized tiles!

Utah, USA Katılım Ağustos 2025
305 Takip Edilen888 Takipçiler
Sabitlenmiş Tweet
Forgework
Forgework@Forgework_·
Time to switch things up on your Framework Desktop? We can help: forgework.shop :)
English
2
2
16
2.7K
Ayla Croft
Ayla Croft@aylacroft·
Also so excited to showcase the incredible systems Hermes from @nous, Jido agent in runtime & Nemoclaw toolkit from @NVIDIAAI
Ayla Croft@aylacroft

Authority-Bound Agentic Flywheel aka Project HolyTrinity — Technical Overview The one-sentence version: an AI agent that can reason, plan, draft, and use tools freely — but is architecturally incapable of becoming the authority that decides whether its actions actually happen. The model proposes; a deterministic system authorizes. And every authorization leaves court-admissible proof. The problem it solves Every current approach to "safe AI agents" tries to make the model trustworthy — better guardrails, better prompt-injection classifiers, better alignment. All of it is probabilistic, and the published attack literature is unambiguous that none of it holds: indirect prompt injection defeats detectors at will, and a model that's 99% safe is still a model you cannot let touch money or send mail on its own. Trinity refuses the premise. It assumes the agent will eventually be wrong, jailbroken, prompt-injected, or outright hostile — and makes that assumption survivable by ensuring the agent's output is never the thing that authorizes an action. Authority lives in deterministic, auditable systems the model cannot reach into. The agent can be completely compromised and still cannot send an email, move a dollar, or mutate a record without the boundary independently authorizing it. How it actually works — the control loop A user asks Trinity to do something. Trinity is genuinely capable — it plans, drafts, looks things up, uses tools. Before the agent sees any external content (a document, an email, a web result), that content is quarantined and provenance-checked. Untrusted material can't smuggle instructions into the agent's context — every result re-entering the agent passes a content firewall, with no trusted exceptions, including the system's own database. When Trinity wants to do something with a side effect — send, spend, mutate — it doesn't do it. It emits a structured proposal. The agent has no path to a side effect; the only thing it can produce is a request. Sensitive proposals become an approval bound to an exact execution envelope — not a vague "approve this?" but a cryptographic fingerprint of precisely what will happen: recipient, amount, operation, scope, expiry. A human approves that exact thing. At execution, a single side-effect boundary (nothing bypasses it) re-validates everything — the approval, the scope, the payload hasn't changed, the account isn't frozen — and only then does an adapter execute. The provider's own receipt is fetched and matched against the local record. An independent verification layer checks the action was required, exact, timely, permissioned, and receipt-matched. All of it composes into a proof packet: a tamper-evident, hash-chained record of the entire chain, exportable as audit evidence, that exposes what happened without exposing secrets. If the agent's runtime behavior looks compromised — claims it already acted, tries to bypass the boundary, drifts from policy — it's treated as a supervised runtime failure: the worker is killed and reseeded from an immutable policy baseline, the unsafe output is suppressed, and an incident is recorded. You don't negotiate with a suspicious agent; you reset it. Why the architecture is the novel part Trinity is built on the BEAM (Elixir/OTP) — the runtime behind telecom systems that famously don't go down. This isn't an aesthetic choice; it's load-bearing. Nearly all agent-security work assumes Python. On the BEAM: Each agent session is an isolated, supervised process. "Kill and reseed a compromised agent" isn't a feature bolted on — it's what OTP supervision is. The runtime forces the right discipline: process memory is disposable, so durable authority has to live in the database, not in the agent's head. The architecture makes "the agent's memory is never the authority" structurally true rather than aspirational. The boundary is enforced at compile time: the system literally will not build unless every side-effecting operation is bound to a policy, an invariant, and a receipt type. Completeness of the safety boundary is a compiler guarantee, not a code-review hope. What it proves, concretely There are working demonstrations where: an approved action flows all the way through proposal → approval → execution → receipt → verification → proof; an action whose payload changes after approval is denied before it executes; a replayed action can't duplicate a side effect; a prompt-injected document is quarantined before it reaches the agent; and an agent that tries to bypass the boundary triggers an incident and gets reset. The whole point, made visible: the agent can be wrong, and it doesn't matter. Why it matters beyond the demo This is agent governance built as a control plane rather than a guardrail — durable authority records, receipt chains, proof packets, and runtime integrity in one system, deterministic where every competitor is probabilistic. The proof packets are designed to be real audit evidence (mapping to SOC 2 and emerging AI-governance requirements), which turns "provably governed AI" from a slogan into something an enterprise or a regulator can actually verify. As agents proliferate and the first serious agent-caused incidents land, the market shifts from "can the agent do impressive things" to "can you prove it can't do catastrophic ones." Trinity is built for that second question.

English
1
0
6
893
Geidel Guerra
Geidel Guerra@geidelguerra·
@Forgework_ I already upgraded my gaming PC, but it was time to upgrade the workstation and the 13 Pro is a great laptop. I hope it to be my workstation for many years.
English
1
0
1
18
Forgework
Forgework@Forgework_·
Probably need another framework desktop.
English
2
0
4
143
Forgework
Forgework@Forgework_·
@geidelguerra Ooo that’s also been catching my eye. But I need a dedicated comfy UI machine.
English
1
0
0
10
Kanye East
Kanye East@FuckedUpYogis·
Twitter INCELS are not capable of matching even 1 percent misogyny of ed twt.
English
9
13
414
11.8K
Forgework
Forgework@Forgework_·
@Teknium No… I just approve everything without reading it to pretend I’m responsible.
English
0
0
0
26
Teknium 🪽
Teknium 🪽@Teknium·
Do you use YOLO mode in your Hermes Agent?
English
101
2
116
23.8K
Bjarne Øverli
Bjarne Øverli@iamdothash·
Brrrrrr they say under heavy load
English
4
0
12
884
Forgework
Forgework@Forgework_·
Any SaaS company you can imagine is probably handleable at this point already. We are working on an entertainment company toolset that should be running this week. Then it’s onto the big boy: Setting up production and fulfilling manufactured goods. With those 3 tool sets we should be in a good spot to just let our system build to its hearts content in any industry it wants to! If you are interested in that check out @SALTY_ALTY555 he would share some of the GitHub links!
English
0
0
0
16
Abdul Șhakoor
Abdul Șhakoor@abxxai·
Decart just dropped Lucy 2.5 and it completely changes what live video can do. This is their Live AI model that edits video as it streams, no post production needed. > add, replace, or remove anything mid stream > restyle entire scenes on the fly > generate realtime VFX with a single prompt > better prompt adherence and more realism than before > already live across streaming, e-commerce, and advertising We are officially in the era where AI does not just generate video, it directs it live.
Decart@DecartAI

Meet Lucy 2.5, our most advanced Live AI model yet. Lucy edits videos in realtime, now with more capabilities and greater control. See how it's being used across streaming, e-commerce, advertising, and more 🧵

English
31
61
666
200.1K
Forgework
Forgework@Forgework_·
We keep throwing it out, and every morning it appears back on our desktop.
English
0
1
2
82
Forgework
Forgework@Forgework_·
@opencode Can we make an opencode tile for the framework desktop? 👉👈?
English
0
0
1
1.8K
OpenCode
OpenCode@opencode·
there's a lot of excitement around Kimi K3 so we are making it available immediately to OpenCode Go users we have not yet been able to negotiate a discount yet so it will currently consume your limits at a higher rate hopefully will figure this out soon
English
154
277
7.7K
610.1K
ByteDrag𝟶n
ByteDrag𝟶n@bdragoncore·
I want some taco bell iceburg lettice
English
6
1
15
699
Alex Ker 🔭
Alex Ker 🔭@thealexker·
underrated gems in Kimi-K3 release: > an early K3 wrote the majority of the kernels in the late development stages > it built a triton-class compiler from scratch, MiniTriton, that delivers performance on par with or better than Triton and torch.compile > then it designed a chip, by a model, for a model, in one 48-hour autonomous run the model is rewriting and optimizing every layer of the stack it runs on: kernels for its own training. A compiler for its own kernels. silicon for its own weights. we're watching software build its own hardware
Kimi.ai@Kimi_Moonshot

Introducing Kimi K3: Open Frontier Intelligence 🔹 2.8 Trillion Parameters, 1 Million Context, Native Multimodal 🔹 Kimi Delta Attention enables up to 6.3x faster decoding in million-token contexts 🔹 Attention Residuals deliver ~25% higher training efficiency at <2% additional cost 🔹 Built for long-horizon agentic coding and self-evolving workflows Kimi K3 is now live on on Kimi.com, Kimi Work, Kimi Code, and the Kimi API. Open Weights by July 27, 2026. 🔗 API: platform.kimi.ai 🔗 Tech blog: kimi.com/blog/kimi-k3

English
50
173
2K
305.1K
Forgework
Forgework@Forgework_·
@aylacroft Thanks so much! Hopefully with Hermes help we will be more consistent with posting!
English
0
0
1
32
Ayla Croft
Ayla Croft@aylacroft·
@Forgework_ Its true, your talent and ideas are under rated and need more attention
English
1
0
4
143