pystar

Imagine if every frame of video were alive. Click a jersey → get player stats. Tap a molecule → open the research. Pause a lecture → test your knowledge. That’s the future we’re building at Camara Magic. Video is no longer watched. It’s explored.

Prior, AI agents visiting your site were basically squinting at screenshots. Chrome 146 + WebMCP changes that to: structured JSON schema, defined inputs, predictable outputs, permission-enforced by the browser. the web just got a second interface layer built for machines

Imagine your website forms checkout flow, All of them exposed as named, documented tools that any AI agent can discover and call with precision that's what navigator.modelContext.registerTool() does. Your existing frontend logic becomes an agent API without rebuilding anything

If your site has clean semantic HTML forms, You're already 80% of the way to WebMCP readiness. Add toolname and tooldescription attributes. Chrome handles the rest. The barrier to entry is deliberately low. They want mass adoption. That's the point.

What WebMCP actually changes: You'll stop saying "go to site X and search for Y and click Z and fill in A and B and submit" to your AI. You'll just say what you want. The agent figures out the rest because the site told it exactly what it can do. That's the real UX shift here

🤯bit about WebMCP: Tasks complete 6x faster not 6%, 6 times. That's the gap between an agent screenshotting and guessing vs calling a structured function. When users' AI assistants start recommending where to complete tasks, speed of execution becomes a ranking factor.

For site owners who think this is too early to care about: mobile-first design was "too early" in 2009. The sites that ignored it scrambled for years while traffic shifted to competitors who moved first. WebMCP is that same inflection point. The early adopters always win

@trq212 Claude🦞 is slowly coming together

We just released Claude Code channels, which allows you to control your Claude Code session through select MCPs, starting with Telegram and Discord. Use this to message Claude Code directly from your phone.

Chrome 146 WebMCP means AI agents can finally: → book your restaurant table without guessing the form fields → file your support ticket with all the context filled in → add the right item to your cart without screenshotting the product page

The thing most devs miss: WebMCP doesn't replace your existing MCP setup backend MCP = service-to-service automation, no user present WebMCP = browser-based, user is in the session they're complementary. Your frontend JS becomes the agent interface without needing a backend

People are calling WebMCP the SEO of the agentic web and honestly that's accurate Just like you once had to make your content readable for search crawlers, you now need to make your functionality callable for AI agents. "Agent Optimization" is about to become a real discipline

Co-authored by Google Chrome engineers AND Microsoft Edge engineers. It's now in W3C incubation. When both major browser vendors write the spec together it doesn't stay experimental for long. Mid-to-late 2026 is the timeline for broader rollout. Anticipate.

@stripe The linchpin to have a viable "Fiverr/Upwork for agents" is in.

Vibe coding -> Vibe Engineering? TLA+ Get familiar.

If you run an ecomm store and want to understand why WebMCP matters directly for you: Right now an AI agent trying to help a user buy something on your site is basically blindfolded. With WebMCP you hand it a map. Conversions go up because the agent stops dropping off mid-flow

THIS is the wildest open-source project I’ve seen this month. We were all hyped about @karpathy's autoresearch project automating the experiment loop a few weeks ago. (ICYMI → github.com/karpathy/autor…) But a bunch of folks just took it ten steps further and automated the entire scientific method end-to-end. It's called AutoResearchClaw, and it's fully open-source. You pass it a single CLI command with a raw idea, and it completely takes over 🤯 The 23-stage loop they designed is insane: ✦ First, it handles the literature review. - It searches arXiv and Semantic Scholar for real papers - Cross-references them against DataCite and CrossRef. - No fake papers make it through. ✦ Second, it runs the sandbox. - It generates the code from scratch. - If the code breaks, it self-heals. - You don't have to step in. ✦ Finally, it writes the paper. - It structures 5,000+ words into Introduction, Related Work, Method, and Experiments. - Formats the math, generates the comparison charts, - Then wraps the whole thing in official ICML or ICLR LaTeX templates. You can set it to pause for human approval, or you can just pass the --auto-approve flag and walk away. What it spits out at the end: → Full academic paper draft → Conference-grade .tex files → Verified, hallucination-free citations → All experiment scripts and sandbox results This is what autonomous AI agents actually look like in 2026. Free and open-source. Link to repo in 🧵 ↓

@mholt6 Football

I caught my cat playing soccer, but this is all I got on camera.

🦔 Researchers at Aikido Security found 151 malicious packages uploaded to GitHub between March 3 and March 9. The packages use Unicode characters that are invisible to humans but execute as code when run. Manual code reviews and static analysis tools see only whitespace or blank lines. The surrounding code looks legitimate, with realistic documentation tweaks, version bumps, and bug fixes. Researchers suspect the attackers are using LLMs to generate convincing packages at scale. Similar packages have been found on NPM and the VS Code marketplace. My Take Supply chain attacks on code repositories aren't new, but this technique is nasty. The malicious payload is encoded in Unicode characters that don't render in any editor, terminal, or review interface. You can stare at the code all day and see nothing. A small decoder extracts the hidden bytes at runtime and passes them to eval(). Unless you're specifically looking for invisible Unicode ranges, you won't catch it. The researchers think AI is writing these packages because 151 bespoke code changes across different projects in a week isn't something a human team could do manually. If that's right, we're watching AI-generated attacks hit AI-assisted development workflows. The vibe coders pulling packages without reading them are the target, and there are a lot of them. The best defense is still carefully inspecting dependencies before adding them, but that's exactly the step people skip when they're moving fast. I don't really know how any of this gets better. The attackers are scaling faster than the defenses. Hedgie🤗 arstechnica.com/security/2026/…

heat-graph lets you build GitHub-style activity graphs

6 users before launch? Why? How? From where? 🤔