reeslo

japon bir geliştirici, claude code'un kimsenin konuşmadığı trick'ini buldu. "find skills" diye bir skill kurdu. claude code'un içine küçük bir mcp paketi gibi oturuyor. yapacağı işi bir kere yazıyor. claude, anthropic ekosistemindeki yüzlerce skill'i tarıyor, en uygun workflow'u kendi kuruyor. > video script (notion + claude) > b-roll seçimi (veo3) > thumbnail (sora) > caption + zamanlama (buffer) > performans takibi (typefully) hepsi tek prompt'la. youtube kanalı durmadan içerik basıyor. o sadece outcome yazıyor. millet hala "ai zaman kazandırıyor" sanıyor. o ai'ya bütün workflow'unu yedirdi. bizimkiler hala chatgpt'ye "şunu yaz" diyor. KAYDET.

Anthropic just paid millions to hire Andrej Karpathy. He gave you the same knowledge for $0 the same week. Co-founder of OpenAI. Former head of AI at Tesla. The man who coined vibe coding. No recruitment fee. No exclusive access. Just a link and 29 minutes. LLMs are ghosts not animals. Vibe coding is dead. Software 3.0 is here. Watch it. Then read this. Because Karpathy tells you what Software 3.0 is. This shows you how to build one - a software factory with Claude Code that ships features while you sleep. The full build guide is below.

Depuis 5 jours (date du tweet cité), tous les scientifiques du climat sont traités de "menteurs", de "vendus", de "catastrophistes", d'exagérer ou d'employer des termes inadéquates. Pour la 1ère fois, @meteofrance déclenche une vigilance orange #canicule en mai. On vient de franchir un nouveau cap, mais cette fois-ci avec une anomalie statistique inédite.

Claude Code is about to release a feature called /workflows that I think will be extremely significant. Especially for Enterprise AI. I talked about this in 2024 in a post called Companies Are Just Graphs of Algorithms. Basically the idea is that all work is just an algorithm, i.e., a series of steps to accomplish a goal. Skills and Cowork have been heading in this direction already, and we've seen what that's done to company valuations in various spaces. Well this is closer to the final form. It's turning the regular, expected work that's done in companies into pseudo-deterministic workflows that follow defined SOPs. The human role will be determining what problems to solve (taste, expeirence, etc), building new products from that, and then optimizing these workflows from above. But the work itself will be these workflows executed according to SOPs.

@Suryanshti777 I dropped cocoindex to this. I don't measure benefits..

This is wild 🤯 Somebody finally realized AI coding agents spend half their time searching your codebase instead of actually understanding it. So they built a local knowledge graph for Claude Code, Cursor, Codex CLI, OpenCode, and Hermes Agent. Not another wrapper Not another “AI devtool” landing page An actual semantic layer that indexes your entire repo and lets agents query relationships, call graphs, routes, symbols, and dependencies instantly. The wild part? On real repos like VS Code, Django, Excalidraw, Tokio, and OkHttp, CodeGraph cut: → ~59% tokens → ~70% tool calls → ~49% execution time → ~35% cost Instead of Claude Code or Codex endlessly grepping files and spawning exploration agents, they query a pre-built graph and move straight to the relevant context. That changes the feel of AI coding completely. Especially on larger codebases where Cursor, Claude Code, and Codex usually start drowning in file reads. And the setup is absurdly simple: npx @colbymchenry/codegraph No external APIs No cloud dependency No weird config hell Just local semantic intelligence for your codebase. This is one of those repos where you instantly understand why it blew up to 14k+ stars so fast. 100% open source Link in comments

🥵 L'épisode de #chaleur qui débute s'annonce exceptionnel voire historique pour la saison : "J’ai l’impression d’utiliser ces termes à chaque fois... J’essaie de trouver d’autres qualificatifs, mais je n’en ai pas !" Petit fil ⤵️ @le_Parisien 1/6 leparisien.fr/meteo/jusqua-p…

Je pense que dans 2 ans, cacher des collections Eloquent complètes sera considéré comme un anti-pattern Laravel. Laravel 13 vient de lancer la guerre contre la sérialisation sauvage 💀 Et énormément d’apps vont casser. Apprenez tout ça sur laraveljutsu.com

Au vu des dernières supply-chain attaques, il y a une dernière étape que vous pouvez ajouter si vous êtes dans l'écosystème JS, Python ou Rust (en plus de tout ce que j'ai déjà cité dernièrement). Mettre un firewall devant votre package manager 🔐 Socket Firewall analyse les packages avant installation et peut bloquer automatiquement des comportements suspects ou connus comme malveillants.

@eng_khairallah1 @threadreaderapp unroll

Boris Cherny, the creator of Claude Code at Anthropic, just explained why most people aren't getting real results from Claude in this podcast he breaks down exactly how most people never actually set up Claude: - the 14% you lose to CLAUDE.md before typing a word - the features that change how Claude thinks before you type a word - the settings 95% of users have never opened - the workflows hiding behind one toggle if you've been using Claude for more than a month and never left the chat window, you have at least 30 untouched features. probably 38 instead of another show tonight, watch this make sure to bookmark it before it gets lost in your feed my breakdown of all 40 features is below

🦔Microsoft canceled its internal Claude Code licenses this week after token-based billing made the cost untenable, even for a company with effectively infinite cloud resources. Uber's CTO sent an internal memo warning the company burned through its entire 2026 AI budget in just four months. American AI software prices have jumped 20% to 37%, and GitHub (owned by Microsoft) is dropping flat-rate plans for usage-based billing across its products. My Take The AI subsidy era is ending in real time. The same company that put $13 billion into OpenAI and built the Azure infrastructure powering most of Anthropic's compute just looked at the bill from a competitor's coding tool and decided it was not worth paying. That is not a productivity failure on Anthropic's end. Token-based pricing is forcing every enterprise customer to confront the actual cost of running these models at scale, and the number turns out to be far higher than the flat-rate experiments suggested. This ties directly to my Gemini Flash post yesterday. Anthropic, OpenAI, and Google all raised effective prices in the last six months. Enterprises that built workflows assuming AI costs would keep falling are now watching annual budgets evaporate in months. Two outcomes look likely from here. Either enterprises scale back AI usage to fit budgets, which slows the revenue ramp the labs need to justify their valuations ahead of IPOs, or the labs cut prices and absorb the losses, which makes the unit economics worse at exactly the wrong moment. Both paths land in the same place, the numbers stop working, and somebody has to take the writedown. Hedgie🤗

Les modèles IA audio peuvent être piratés via des sons inaudibles. Un son caché dans un audio peut pousser les assistants à lancer des recherches web, télécharger des fichiers ou envoyer des données… sans que l’utilisateur ne s’en rende compte. 👉 spectrum.ieee.org/audio-adversar…

@bearstech Oopsie Doopsie 😅

GitHub a confirmé qu’environ 3 800 dépôts internes ont été compromis après qu’un employé a installé une extension VS Code vérolée 👉 bleepingcomputer.com/news/security/…

🇫🇷📺 FLASH | M6 annonce « un élément inédit » et de nouvelles RÉVÉLATIONS dans l’affaire Xavier Dupont de Ligonnès. Les équipes de l’émission Appel à témoins affirment avoir retrouvé un indice pouvant être une « preuve de vie récente » de Xavier Dupont de Ligonnès. Ces révélations seront dévoilées lors de l’émission diffusée le 2 juin prochain. (Le Dauphiné Libéré)

@hasantoxr @threadreaderapp unroll

Someone just open-sourced a local dubbing studio that kills $700/year in ElevenLabs and HeyGen subscriptions. It's called OmniVoice Studio. Drop in any MP4. It handles everything: - Auto-transcribes the speech with Whisper - Translates into your chosen language - Clones the original voice from 3 seconds of audio - Separates background music with Demucs - Mixes the dubbed voice back with the original soundtrack 600 languages. Runs locally on Mac, NVIDIA, AMD, or CPU. No subscription. No voice data leaving your machine. No monthly bill. 100% Opensource.

there's no catch; SAM3 is open source and really good one of the things it does really well is object tracking, even in crazy complex scenes like basketball probably my favorite computer vision model ever

@sarah_edo @UnrollHelper unroll

💥 Game changer for Web Development announced at GoogleIO- Modern Web Guidance! It’s expert-vetted skills for web development based on best practices of latest specs and APIs. It ensures your agent/coding harness doesn’t default to older and out of date patterns to build sites.

@sarah_edo @threadreaderapp unroll

I resurrected my 8-year-old phone into a Hermes Agent server⚕️ Replaced Android with postmarketOS (Alpine Linux on ARM64), runs Hermes as a systemd service. I chat with it over Matrix (E2E encrypted) One less piece of e-waste + no need to buy a Mac mini now

anybody who uses or learns agentic systems, SHOULD READ THIS the install order I run before any new agentic project: 1. PRIVACY: direnv + a real secrets manager install direnv, then plug it into your team's password manager (1Password CLI via op run, doppler, infisical, vault, pick one) what direnv does: loads per-folder environment variables when you cd in, unloads when you cd out. the real move is wiring it into your secrets manager so credentials NEVER live in plain text on disk what this stops: - API keys accidentally committed to git history, the most common AI agent breach pattern in 2026 - credentials leaking from one project into another through your shell history - shared .env files that one teammate quietly backs up to Dropbox - secrets that survive a laptop theft because they were sitting in /Users/you/projects the part nobody mentions: most "my agent got jailbroken" stories actually trace back to one credential the agent had access to that it shouldn't have. scope keys to projects, scope projects to folders, and the blast radius of any single compromise drops dramatically I shipped 2 agents with keys in .env files before switching. the day I plugged direnv into op run I stopped having that whole class of nightmare 2. TOKENS: litellm or portkey as your model proxy one URL that fronts every AI provider (Anthropic, OpenAI, Google, Mistral, local models). all your spend flows through one place what it saves you: - response caching keyed by prompt hash, cuts your bill 30-60% on repeat tasks - automatic fallback on rate limits (Sonnet hits a 429? falls to Opus, then GPT, then your local backup, no broken users) - per-feature and per-user budget caps, block the call before it costs $200 instead of auditing it after - model routing rules, cheap tasks to Haiku, expensive ones to Opus, never the wrong way - PII redaction before requests leave your network, security side benefit the part nobody mentions: every "$4k AI bill" story I've heard ends with "we didn't have a proxy in front." this is where you put guardrails around spend BEFORE the spend happens I built my own router for 2 weeks. it took 20 minutes to replace with litellm. I will be embarrassed about this forever 3. CONTEXT: uv + git commit on every passing eval install uv (the new Python package manager, 10-100x faster than pip+venv, by the Astral team behind ruff). then commit every time an eval suite PASSES, with the model version and pass rate in the commit message what this preserves: - exact dependency set via uv.lock, you always know which packages your agent was using, no nasty surprises from a quiet update - exact prompt + code state, you can reproduce any past run from a single git hash - exact model version paired to exact pass rate, a paper trail when prod breaks weeks later - one-command rollback to a known-working state when a refactor goes sideways - a compliance story, every prompt version tied to a model version in your commit log the security side: when something blows up in prod, you want to say "the prompt was version X, model was Sonnet 4.6.1, last eval pass rate was 94%." not "I think we deployed on Tuesday?" the first is an incident report. the second is a resignation letter I've lost more agents to "I changed 3 prompts in one session and broke something" than to any actual bug 4. VISIBILITY: mitmproxy in front of every LLM call it's basically a wiretap for your agent. install it, point your agent through it, and now you see every conversation your agent has with the model in real time what actually shows up: - every silent retry your SDK sneaks in when a call fails - the full prompt being sent (including any creds you accidentally embedded) - what the model returns BEFORE your code reacts to it - exact token cost per call, per tool, per loop iteration - responses that quietly trigger your code into doing something you didn't intend, this is where prompt injection lives the part nobody talks about: if a website your agent scraped slipped instructions into its data, mitmproxy is how you SEE the moment your agent decides to follow them. without this layer, you're trusting your agent did the right thing, not verifying I shipped 3 agents before adding this. I have no honest idea what they were doing in production 5. EVALS: inspect-ai (the framework the labs actually use) an eval framework is what tells you "this agent works" with numbers instead of vibes. inspect-ai is the one Anthropic, DeepMind, and the UK AI Safety Institute use for the eval reports you read in their papers. open source, MIT licensed what your homegrown version won't have: - run the same task across 5 different models and compare scores side by side - pre-built tests for risky agent behavior (lying, manipulating, misusing tools) - proper structure for evaluating tool-using agents, not just chat - repeatable scoring, the same input always gets graded the same way - reproducible eval seeds, so a flaky test is actually flaky and not just unlucky I wrote my own eval harness 4 times across 4 projects. threw it out 4 times if you ever want to say "my agent passes safety checks" out loud, the check has to come from a framework someone else can re-run. this is that framework the move that ties this together: keep a /lessons.md in every repo. every weird agent behavior, every edge case, every config change you find at 2am, write it down you will not remember it. you'll come back in 3 weeks and the lessons file is the only reason you still know what's going on lock these 5, keep the lessons file, your next agentic system takes 2 days instead of 2 months p.s. half of "AI agent" content online is people who've never run mitmproxy on their own loop. they don't actually know what their agent is doing. they're shipping demo videos. don't be that guy