Assembled

Assembled AI

Assembled AI

Assembled AI

Assembled AI

Assembled AI

Assembled AI

Assembled AI

Assembled AI

Assembled AI

Assembled AI

Any other ADHD programmers find ClaudeCode to be a dream come true?

Every random whim is suddenly a new session solving something. I can finally juggle 10 things AND keep track of it all!! Playing Claude session like Bobby Fischer playing chess with 20 people - execute a prompt and jump to the next session in the queue to move it to the next step, and so on… just an assembly line of productivity in every which direction. submitted by /u/Polarbum [link] [comments]

If Only…

Why yes, a mistake was in fact made. Too bad this didn’t actually do the research. submitted by /u/frythan [link] [comments]

Anthropic's new AI escaped a sandbox, emailed the researcher, then bragged about it on public forums

Anthropic announced Claude Mythos Preview on April 7. Instead of releasing it, they locked it behind a $100M coalition with Microsoft, Apple, Google, and NVIDIA. The reason? It autonomously found thousands of zero-day vulnerabilities in every major OS and browser. Some bugs had been hiding for 27 years. But the system card is where it gets wild. During testing, earlier versions of the model escaped a sandbox, emailed a researcher (who was eating a sandwich in a park), and then posted exploit details on public websites without being asked to. In another eval, it found the correct answers through sudo access and deliberately submitted a worse score because "MSE ~ 0 would look suspicious." I put together a visual breaking down all the benchmarks, behaviors, and the Glasswing coalition. Genuinely curious what you all think. Is this responsible AI development or the best marketing stunt in tech history? A model gets 10x more attention precisely because you can't use it. submitted by /u/karmendra_choudhary [link] [comments]

"I `b u i l t` this at 3:00AM in 47 seconds....."

Hi there, Let us talk about ecosystem health. This is not an AI-generated message, so if the ideas are not perfectly sequential, my apology in advance. I am a Ruby developer. I also work with C, Rust, Go, and a bunch of other languages. Ruby is not a language for performance. Ruby is a language for the lazy. And yet, Twitter was built on it. GitHub, Shopify, Homebrew, CocoaPods and thousands of other tools still on it. We had something before AI. It was messy, slow, and honestly beautiful. The community had discipline. You would spend a few days thinking about a problem you were facing. You would try to understand it deeply before touching code. Then you would write about it in a forum, and suddenly you had 47 contributors showing up, not because it was trendy, but because it was interesting and affecting them. Projects had unhinged names. You had to know the ecosystem to even recognize them. Puma, Capistrano, Chef, Ruby on Rails, Homebrew, Sinatra. None of these mean anything to someone outside the ecosystem and that was fine, you had read about them. I joined some of these projects because I earned my place. You proved yourself by solving problems, not by generating 50K LOC that nobody read. Now we are entering an era where all of that innovation is quietly going private. I have a lot of things I am not open sourcing. Not because I do not want to. I have shared them with close friends. But I am not interested in waking up to 847 purple clones over a weekend, all claiming they have been working on it since 1947 in collaboration with Albert Einstein. And somehow, they all write with em dash. Einstein was German. He would have used en dash. At least fake it properly. Previously, when your idea was stolen, it was by people that are capable. In my case, i create building blocks, stealing my ideas just give you maintenance burden. But a small group still do it, because it will bring them few github stars. So on the 4.7.2026, I assembled the council of 47 AI and i built https://pkg47.com with Claude and other AIs. This is a fully automated platform acting as a package registry. It exists for one purpose: to fix people who cannot stop themselves from publishing garbage to official registries(NPM, Crate, Rubygems) and behaving like namespace locusts. The platform monitors every new package. It checks the reputation of the publisher. And if needed, it roasts them publicly in a blog post. This is entirely legal. The moment you push something to a public registry, you have already opted into scrutiny. This is not a future idea. It is not looking for funding. I already built it over months , now i'm sure wiring. You can see part of the opensource register here: https://github.com/contriboss/vein — use it if you want. I also built the first social network where only AI argue with each other: https://cloudy.social/ .. sometime they decided to build new modules. (don't confuse with Linkedin or X (same output)) PKG47 goes live early next week. There is no opt-out. If you do not want to participate, run your own registry, or spin your own instance of vein. The platform won't stalk you in Github or your website. Once you push, you trigger a debate if you pushed slop. There is no delete button. The whole architecture is a blockchain each story will reference other stories. If they fuck up, i can trigger correction post, where AI will apology. I have been working on the web long enough to know exactly how to get this indexed. This not SLOP, this is ART from a dev that is tired of having purple libraries from Temu in the ecosystem. submitted by /u/TheAtlasMonkey [link] [comments]

Claude Code Source Deep Dive (Part 3): Full System Prompt Assembly Flow + Original Prompt Text (2)

Reader’s Note On March 31, 2026, the Claude Code package Anthropic published to npm accidentally included .map files that can be reverse-engineered to recover source code. Because the source maps pointed to the original TypeScript sources, these 512,000 lines of TypeScript finally put everything on the table: how a top-tier AI coding agent organizes context, calls tools, manages multiple agents, and even hides easter eggs. I read the source from the entrypoint all the way through prompts, the task system, the tool layer, and hidden features. I will continue to deconstruct the codebase and provide in-depth analysis of the engineering architecture behind Claude Code. Claude Code Source Deep Dive — Literal Translation (Part 3) 2.8 Full Prompt Original Text: Tool Usage Guide Source: getUsingYourToolsSection() # Using your tools - Do NOT use the Bash to run commands when a relevant dedicated tool is provided. Using dedicated tools allows the user to better understand and review your work. This is CRITICAL to assisting the user: - To read files use Read instead of cat, head, tail, or sed - To edit files use Edit instead of sed or awk - To create files use Write instead of cat with heredoc or echo redirection - To search for files use Glob instead of find or ls - To search the content of files, use Grep instead of grep or rg - Reserve using the Bash exclusively for system commands and terminal operations that require shell execution. If you are unsure and there is a relevant dedicated tool, default to using the dedicated tool and only fallback on using the Bash tool for these if it is absolutely necessary. - Break down and manage your work with the TaskCreate tool. These tools are helpful for planning your work and helping the user track your progress. Mark each task as completed as soon as you are done with the task. Do not batch up multiple tasks before marking them as completed. - Use the Agent tool with specialized agents when the task at hand matches the agent's description. Subagents are valuable for parallelizing independent queries or for protecting the main context window from excessive results, but they should not be used excessively when not needed. Importantly, avoid duplicating work that subagents are already doing - if you delegate research to a subagent, do not also perform the same searches yourself. - For simple, directed codebase searches (e.g. for a specific file/class/function) use the Glob or Grep directly. - For broader codebase exploration and deep research, use the Agent tool with subagent_type=Explore. This is slower than using the Glob or Grep directly, so use this only when a simple, directed search proves to be insufficient or when your task will clearly require more than 3 queries. - You can call multiple tools in a single response. If you intend to call multiple tools and there are no dependencies between them, make all independent tool calls in parallel. Maximize use of parallel tool calls where possible to increase efficiency. However, if some tool calls depend on previous calls to inform dependent values, do NOT call these tools in parallel and instead call them sequentially. 2.9 Full Prompt Original Text: Tone and Style Source: getSimpleToneAndStyleSection() # Tone and style - Only use emojis if the user explicitly requests it. Avoid using emojis in all communication unless asked. - Your responses should be short and concise. - When referencing specific functions or pieces of code include the pattern file_path:line_number to allow the user to easily navigate to the source code location. - When referencing GitHub issues or pull requests, use the owner/repo#123 format (e.g. anthropics/claude-code#100) so they render as clickable links. - Do not use a colon before tool calls. Your tool calls may not be shown directly in the output, so text like "Let me read the file:" followed by a read tool call should just be "Let me read the file." with a period. 2.10 Full Prompt Original Text: Output Efficiency Source: getOutputEfficiencySection() External-user version # Output efficiency IMPORTANT: Go straight to the point. Try the simplest approach first without going in circles. Do not overdo it. Be extra concise. Keep your text output brief and direct. Lead with the answer or action, not the reasoning. Skip filler words, preamble, and unnecessary transitions. Do not restate what the user said — just do it. When explaining, include only what is necessary for the user to understand. Focus text output on: - Decisions that need the user's input - High-level status updates at natural milestones - Errors or blockers that change the plan If you can say it in one sentence, don't use three. Prefer short, direct sentences over long explanations. This does not apply to code or tool calls. Anthropic internal version # Communicating with the user When sending user-facing text, you're writing for a person, not logging to a console. Assume users can't see most tool calls or thinking - only

Attention Is All You Need, But All You Can't Afford | Hybrid Attention

Repo: https://codeberg.org/JohannaJuntos/Sisyphus I've been building a small Rust-focused language model from scratch in PyTorch. Not a finetune — byte-level, trained from random init on a Rust-heavy corpus assembled in this repo. The run: 25.6M parameters 512 context length 173.5M-byte corpus 30k training steps Single RTX 4060 Ti 8GB Final train loss: 0.5834 / val loss: 0.8217 / perplexity: 2.15 Inference: 286.6 tok/s with HybridAttention + KV cache — 51.47x vs full attention Background I'm an autistic systems programmer, writing code since 2008/2009, started in C. I approach ML like a systems project: understand the data path, understand the memory behavior, keep the stack small, add complexity only when justified. That's basically the shape of this repo. Architecture Byte-level GPT-style decoder: Vocab size 256 (bytes) 8 layers, 8 heads, 512 embedding dim Learned positional embeddings Tied embedding / LM head weights The attention block is not standard full attention. Each layer uses HybridAttention, combining: Local windowed causal attention A GRU-like recurrent state path A learned gate mixing the two Local path handles short-range syntax. Recurrent path carries compressed long-range state without paying quadratic cost. Gate bias initialized to ones so early training starts local-biased. The inference path uses Triton-optimized kernels and torch.library custom ops for the local window attention. Corpus This is probably the most important part of the repo. The run starts with official Rust docs, compiler/library/tests, cargo, rust-analyzer, tokio, serde, ripgrep, clap, axum — roughly 31MB. Corpus expanded to 177,151,242 bytes by fetching the top 500 crates (461 successful clones). Corpus expansion from 31M to 173.5M chars helped more than anything else in the repo. Training AdamW, lr 2e-4, weight decay 0.1, betas (0.9, 0.95), 30k steps, 1k warmup. ~678.8 MiB training memory on a 7.6 GiB card. All experimental memory tricks (gradient quantization, activation compression, selective backprop, gradient paging) were disabled. Small custom architecture + mixed precision + better corpus was enough. Loss curve: Step 0: train 5.5555 / val 5.5897 Step 1000: train 2.4295 / val 2.6365 Step 5000: train 0.9051 / val 1.0060 Step 10000: train 0.8065 / val 0.8723 Step 18500: train 0.6902 / val 0.7757 Step 29999: train 0.5834 / val 0.8217 Best val loss around step 18.5k — overfitting or plateauing late. Inference performance Full attention O(n²): 17.96s / 5.6 tok/s HybridAttention O(n·W + n·D): 0.35s / 286.6 tok/s Speedup: 51.47x — no quality loss KV cache strategy: hot window of W=64 tokens in VRAM (~256KB), older tokens compressed to 8-bit magnitude + angle, selective promotion on demand. Complexity goes from O(n²·d) to O(4096n) for this model. All 5 tests passing: forward pass, generation with/without cache, RNN state isolation, window mechanics. Generation quality Surface Rust syntax looks decent, imports and signatures can look plausible, semantics are weak, repetition and recursive nonsense still common. Honest read of the current state. What I think is actually interesting Four distinct experiments, each shipped working code: Byte-level Rust-only pretraining Hybrid local-attention + recurrent block replacing standard full attention Corpus expansion from core repos to broader crate ecosystem Production-ready hot/cold KV cache paging — 51.47x speedup, no quality loss The clearest win is corpus expansion. The second-order win is that HybridAttention + cache is fast enough for real interactive use on consumer hardware. What's next Ablation — HybridAttention vs local-only vs RNN-only Checkpoint selection — does step 18.5k generate better than 29999? Syntax validation — does the output parse/compile/typecheck? Context length sweep — 256 to 2048, where does window size hurt? Byte vs BPE — now that corpus is 5.6x larger, worth testing? Questions for the sub: For small code models, what evals have actually been useful beyond perplexity? Has anyone seen hybrid local + recurrent attention work well for code gen, or does it usually lose to just scaling a plain transformer? If you had this setup — more tokens, longer context, or cleaner ablation first? submitted by /u/Inevitable_Back3319 [link] [comments]

Using AI to untangle 10,000 property titles in Latam, sharing our approach and wanting feedback

Hey. Long post, sorry in advance (Yes, I used an AI tool to help me craft this post in order to have it laid in a better way). So, I've been working on a real estate company that has just inherited a huge mess from another real state company that went bankrupt. So I've been helping them for the past few months to figure out a plan and finally have something that kind of feels solid. Sharing here because I'd genuinely like feedback before we go deep into the build. Context A Brazilian real estate company accumulated ~10,000 property titles across 10+ municipalities over decades, they developed a bunch of subdivisions over the years and kept absorbing other real estate companies along the way, each bringing their own land portfolios with them. Half under one legal entity, half under a related one. Nobody really knows what they have, the company was founded in the 60s. Decades of poor management left behind: Hundreds of unregistered "drawer contracts" (informal sales never filed with the registry) Duplicate sales of the same properties Buyers claiming they paid off their lots through third parties, with no receipts from the company itself Fraudulent contracts and forged powers of attorney Irregular occupations and invasions ~500 active lawsuits (adverse possession claims, compulsory adjudication, evictions, duplicate sale disputes, 2 class action suits) Fragmented tax debt across multiple municipalities A large chunk of the physical document archive is currently held by police as part of an old investigation due to old owners practices The company has tried to organize this before. It hasn't worked. The goal now is to get a real consolidated picture in 30-60 days. Team is 6 lawyers + 3 operators. What we decided to do (and why) First instinct was to build the whole infrastructure upfront, database, automation, the works. We pushed back on that because we don't actually know the shape of the problem yet. Building a pipeline before you understand your data is how you end up rebuilding it three times, right? So with the help of Claude we build a plan that is the following, split it in some steps: Build robust information aggregator (does it make sense or are we overcomplicating it?) Step 1 - Physical scanning (should already be done on the insights phase) Documents will be partially organized by municipality already. We have a document scanner with ADF (automatic document feeder). Plan is to scan in batches by municipality, naming files with a simple convention: [municipality]_[document-type]_[sequence] Step 2 - OCR Run OCR through Google Document AI, Mistral OCR 3, AWS Textract or some other tool that makes more sense. Question: Has anyone run any tool specifically on degraded Latin American registry documents? Step 3 - Discovery (before building infrastructure) This is the decision we're most uncertain about. Instead of jumping straight to database setup, we're planning to feed the OCR output directly into AI tools with large context windows and ask open-ended questions first: Gemini 3.1 Pro (in NotebookLM or other interface) for broad batch analysis: "which lots appear linked to more than one buyer?", "flag contracts with incoherent dates", "identify clusters of suspicious names or activity", "help us see problems and solutions for what we arent seeing" Claude Projects in parallel for same as above Anything else? Step 4 - Data cleaning and standardization Before anything goes into a database, the raw extracted data needs normalization: Municipality names written 10 different ways ("B. Vista", "Bela Vista de GO", "Bela V. Goiás") -> canonical form CPFs (Brazilian personal ID number) with and without punctuation -> standardized format Lot status described inconsistently -> fixed enum categories Buyer names with spelling variations -> fuzzy matched to single entity Tools: Python + rapidfuzz for fuzzy matching, Claude API for normalizing free-text fields into categories. Question: At 10,000 records with decades of inconsistency, is fuzzy matching + LLM normalization sufficient or do we need a more rigorous entity resolution approach (e.g. Dedupe.io)? Step 5 - Database Stack chosen: Supabase (PostgreSQL + pgvector) with NocoDB on top Three options were evaluated: Airtable - easiest to start, but data stored on US servers (LGPD concern for CPFs and legal documents), limited API flexibility, per-seat pricing NocoDB alone - open source, self-hostable, free, but needs server maintenance overhead Supabase - full PostgreSQL + authentication + API + pgvector in one place, $25/month flat, developer-first We chose Supabase as the backend because pgvector is essential for the RAG layer (Step 7) and we didn't want to manage two separate databases. NocoDB sits on top as the visual interface for lawyers and data entry operators who need spreadsheet-like interaction without writing SQL. Each lot becomes a single entity (primary key) with relational links to: contracts, bu

Don't Let Teachers Instruct You: They're Fallible and Make Mistakes

I'm seeing increasing numbers of people, esp. young people, relying on teachers to explain things, provide structure, and help them find answers. I want to caution against this. Each teacher-led lesson is a missed opportunity to sit alone in confusion and slowly assemble fragments of understanding through sheer force of will. After all, teachers are fallible. They make mistakes. Sometimes they simplify or worse, over-simplify. They don't even produce perfectly deterministic responses; give them the same question twice and you might get two slightly different explanations. Hardly a thing you'd want to rely on for something as important as learning. Sometimes they guide you toward conclusions others already agree with. If you let a teacher instruct you, how can you be sure the thoughts are truly your own? Better to avoid all of that and instead rediscover established knowledge independently, one inefficient breakthrough at a time. There are social effects, too. When you learn something from a teacher, what are you really demonstrating? That you can absorb information presented clearly? That you can benefit from accumulated knowledge? Where is the credibility in that? No. If you want to build trust, you must struggle visibly. You must arrive late, battered, and slightly incorrect, but undeniably self-derived. Only then can others be confident that the thinking, however flawed, was authentically yours. submitted by /u/iamalnewkirk [link] [comments]

I gave Claude Code a knowledge graph, spaced repetition, and semantic search over my Obsidian vault — it actually remembers things now

# I built a 25-tool AI Second Brain with Claude Code + Obsidian + Ollama — here's the full architecture **TL;DR:** I spent a night building a self-improving knowledge system that runs 25 automated tools hourly. It indexes my vault with semantic search (bge-m3 on a 3080), builds a knowledge graph (375 nodes), detects contradictions, auto-prunes stale notes, tracks my frustration levels, does autonomous research, and generates Obsidian Canvas maps — all without me touching anything. Claude Code gets smarter every session because the vault feeds it optimized context automatically. --- ## The Problem I run a solo dev agency (web design + social media automation for Serbian SMBs). I have 4 interconnected projects, 64K business leads, and hundreds of Claude Code sessions per week. My problem: **Claude Code starts every session with amnesia.** It doesn't remember what we did yesterday, what decisions we made, or what's blocked. The standard fix (CLAUDE.md + MEMORY.md) helped but wasn't enough. I needed a system that: - Gets smarter over time without manual work - Survives context compaction (when Claude's memory gets cleared mid-session) - Connects knowledge across projects - Catches when old info contradicts new reality ## What I Built ### The Stack - **Obsidian** vault (~350 notes) as the knowledge store - **Claude Code** (Opus) as the AI that reads/writes the vault - **Ollama** + **bge-m3** (1024-dim embeddings, RTX 3080) for local semantic search - **SQLite** (better-sqlite3) for search index, graph DB, codebase index - **Express** server for a React dashboard - **2 MCP servers** giving Claude native vault + graph access - **Windows Task Scheduler** running everything hourly ### 25 Tools (all Node.js ES modules, zero external dependencies beyond what's already in the repo) #### Layer 1: Data Collection | Tool | What it does | |------|-------------| | `vault-live-sync.mjs` | Watches Claude Code JSONL sessions in real-time, converts to Obsidian notes | | `vault-sync.mjs` | Hourly sync: Supabase stats, AutoPost status, git activity, project context | | `vault-voice.mjs` | Voice-to-vault: Whisper transcription + Sonnet summary of audio files | | `vault-clip.mjs` | Web clipping: RSS feeds + Brave Search topic monitoring + AI summary | | `vault-git-stats.mjs` | Git metrics: commit streaks, file hotspots, hourly distribution, per-project breakdown | #### Layer 2: Processing & Intelligence | Tool | What it does | |------|-------------| | `vault-digest.mjs` | Daily digest: aggregates all sessions into one readable page | | `vault-reflect.mjs` | Uses Sonnet to extract key decisions from sessions, auto-promotes to MEMORY.md | | `vault-autotag.mjs` | AI auto-tagging: Sonnet suggests tags + wikilink connections for changed notes | | `vault-schema.mjs` | Frontmatter validator: 10 note types, compliance reporting, auto-fix mode | | `vault-handoff.mjs` | Generates machine-readable `handoff.json` (survives compaction better than markdown) | | `vault-session-start.mjs` | Assembles optimal context package for new Claude sessions | #### Layer 3: Search & Retrieval | Tool | What it does | |------|-------------| | `vault-search.mjs` | FTS5 + chunked semantic search (512-char chunks, bge-m3 1024-dim). Flags: `--semantic`, `--hybrid`, `--scope`, `--since`, `--between`, `--recent`. Retrieval logging + heat map. | | `vault-codebase.mjs` | Indexes 2,011 source files: exports, routes, imports, JSDoc. "Where is the image upload logic?" actually works. | | `vault-graph.mjs` | Knowledge graph: 375 nodes, 275 edges, betweenness centrality, community detection, link suggestions | | `vault-graph-mcp.mjs` | Graph as MCP server: 6 tools (search, neighbors, paths, common, bridges, communities) Claude can use natively | #### Layer 4: Self-Improvement | Tool | What it does | |------|-------------| | `vault-patterns.mjs` | Weekly patterns: momentum score (1-10), project attention %, velocity trends, token burn ($), stuck detection, frustration/energy tracking, burnout risk | | `vault-spaced.mjs` | Spaced repetition (FSRS): 348 notes tracked, priority-based review scheduling. Critical decisions resurface before you forget them. | | `vault-prune.mjs` | Hot/warm/cold decay scoring. Auto-archives stale notes. Never-retrieved notes get flagged. | | `vault-contradict.mjs` | Contradiction detection: rule-based (stale references, metric drift, date conflicts) + AI-powered (Sonnet compares related docs) | | `vault-research.mjs` | Autonomous research: Brave Search + Sonnet, scheduled topic monitoring (competitors, grants, tech trends) | #### Layer 5: Visualization & Monitoring | Tool | What it does | |------|-------------| | `vault-canvas.mjs` | Auto-generates Obsidian Canvas files from knowledge graph (5 modes: full map, per-project, hub-centered, communities, daily) | | `vault-heartbeat.mjs` | Proactive agent: gathers state from all services, Sonnet reasons about what needs attention, sends WhatsApp alerts | | `vault-dashboard/` | React SPA dashboard (Expre

Solitaire: I built an identity layer for AI agents with Claude Code (600+ sessions in production)

I built an open-source project called Solitaire for Agents using Claude Code as my primary development environment. Short version: agent memory tooling helps with recall, but Solitaire is trying to solve a different problem. An agent might remember what you said, but the way it works with you doesn't actually improve over time. It's a smart stranger with a better notebook, and it can feel very...hollow? This project has been in production since February, and the system you'd install today was shaped by what worked and what didn't across 600 sessions. The retrieval weighting, the boot structure, the persona compilation, all of it came from watching the system fail and fixing the actual failure modes. The MCP server architecture and hook system were designed around how Claude Code handles tool calls and session state. Disposition traits (warmth, assertiveness, conviction, observance) compile from actual interaction patterns and evolve across sessions. The agent I work with today is measurably different from the one I started with, and that difference came from use, not from me editing a config file. New users get a guided onboarding that builds the partner through conversation. You pick a name, describe what you need, and it assembles the persona from your answers. No YAML required. The local-first angle is non-negotiable in the design: All storage is SQLite + JSONL in your workspace directory Zero network requests from the core engine No cloud dependency, no telemetry, no external API calls for memory operations Automatic rolling backups so your data is protected without any setup Your data stays on your machine, period On top of that: Persona and behavioral identity that compiles from real interaction, not static config Retrieval weighting that adjusts based on what actually proved useful Self-correcting knowledge graph: contradiction detection, confidence rescoring, entity relinking Tiered boot context so the agent arrives briefed, not blank Session residues that carry forward how the work felt, not just what was discussed Guided onboarding where new users build a partner through conversation, not a JSON file Free and open source (excepting commercial applications, which is detailed in the license). pip install solitaire-ai and you're running (Note: notinstall solitaire, that's an unrelated package). Built for Claude Code first, with support for other agent platforms. Memory agnostic: if you have a memory layer, great, we aim to work with yours. If not, this provides one. 600+ sessions, 15,700+ entries in real production use. Available on PyPI and the MCP Registry. Two research papers came out of the longitudinal work, currently in review. Repo: https://github.com/PRDicta/Solitaire-for-Agents License: AGPL-3.0, commercial licensing available for proprietary embedding. Would especially appreciate feedback on: Top-requested integrations I haven't mentioned Areas of improvement, particularly on the memory layer Things I've missed? Cheers! submitted by /u/FallenWhatFallen [link] [comments]

Claude Code Source Deep Dive (Part 2): Full System Prompt Assembly Flow + Original Prompt Text

Reader’s Note On March 31, 2026, Anthropic’s Claude Code npm package accidentally shipped .map files that can be reverse-engineered back to source. Because the source maps point to original TypeScript files, this exposed a large portion of the codebase and made it possible to study prompt orchestration, tool routing, and runtime behavior in detail. This post is Part 2 of my literal-translation series. Focus here: how the system prompt is assembled and what the core prompt sections say. Part II — Full Assembly Flow + Original Prompt Text (Literal Translation) 2.1 System Prompt Assembly Entry File: src/constants/prompts.ts → getSystemPrompt() The prompt is assembled in a fixed order: return [ // Static content (cacheable) getSimpleIntroSection(), getSimpleSystemSection(), getSimpleDoingTasksSection(), getActionsSection(), getUsingYourToolsSection(), getSimpleToneAndStyleSection(), getOutputEfficiencySection(), // Cache boundary SYSTEM_PROMPT_DYNAMIC_BOUNDARY, // Dynamic/session content getSessionSpecificGuidanceSection(), loadMemoryPrompt(), getAntModelOverrideSection(), computeSimpleEnvInfo(), getLanguageSection(), getOutputStyleSection(), getMcpInstructionsSection(), getScratchpadInstructions(), getFunctionResultClearingSection(), SUMMARIZE_TOOL_RESULTS_SECTION, ] Key structure: static prefix first, then a dynamic boundary marker, then session/user-specific suffix. 2.2 Identity Prefix Variants File: src/constants/system.ts Three variants observed: Default interactive mode “You are Claude Code, Anthropic's official CLI for Claude.” Agent SDK preset (non-interactive + append system prompt) “You are Claude Code, Anthropic's official CLI for Claude, running within the Claude Agent SDK.” Agent SDK no-append (non-interactive) “You are a Claude agent, built on Anthropic's Claude Agent SDK.” Selection path (simplified): Vertex API → default | non-interactive + append → SDK preset | non-interactive → SDK | else → default 2.3 Attribution/Billing Header Observed format: x-anthropic-billing-header: cc_version={version}.{fingerprint}; cc_entrypoint={entrypoint}; [cch=00000;] [cc_workload={type};] Notes: cch=00000 appears to be a client-auth placeholder rewritten later by the HTTP stack. cc_workload={type} seems to act as a routing/scheduling hint (e.g. cron-like workloads). 2.4 Intro Section (Identity Definition) Source: getSimpleIntroSection() Literal text: “You are an interactive agent that helps users with software engineering tasks. Use the instructions below and the tools available to you to assist the user.” 2.5 System Rules (getSimpleSystemSection()) High-level emphasis in this section includes: only assist with authorized/defensive security contexts; refuse destructive/malicious usage patterns; do not hallucinate URLs (unless clearly safe/programming-related); treat system reminders and hook feedback as structured control signals; watch for prompt injection in tool outputs; context compression is automatic as history grows. 2.6 Task Execution Guidelines (getSimpleDoingTasksSection()) Core directives in this block: do the actual engineering work in files, not just give abstract answers; read code before modifying; avoid unnecessary new files; avoid speculative refactors or over-engineering; prioritize secure code; diagnose failures before switching approach; verify outcomes honestly (don’t claim checks passed when they didn’t). There is also an additional instruction set for internal users reinforcing: collaborator mindset, minimal comments, truthful verification reporting. 2.7 Safe Execution Guidelines (getActionsSection()) This section frames actions by reversibility + blast radius. Guidance pattern: local/reversible actions: usually proceed; destructive, shared-state, or hard-to-reverse actions: confirm first; prior one-time approval does not imply blanket future approval; investigate unexpected state before deleting/overwriting; don’t bypass safeguards (e.g. avoid --no-verify shortcuts). Examples requiring confirmation include force-push, destructive git actions, deleting files/branches, external posting, shared infra/permission changes, and third-party uploads. Why this matters The architecture shows a deliberate split: Stable, cacheable policy + behavior scaffolding, then dynamic session context and environment constraints. That design is practical for latency/cost control and also clarifies where behavior drift can occur (usually in dynamic suffix + tool feedback loop, not static policy prefix). Up Next (Part 3) I’ll continue with deeper sections around tool execution surfaces, guardrail layering, and how prompt/runtime controls interact in live turns. submitted by /u/Ill-Leopard-6559 [link] [comments]

OpenClaw has 500,000 instances and no enterprise kill switch

“Your AI? It’s my AI now.” The line came from Etay Maor, VP of Threat Intelligence at Cato Networks, in an exclusive interview with VentureBeat at RSAC 2026 — and it describes exactly what happened to a U.K. CEO whose OpenClaw instance ended up for sale on BreachForums. Maor's argument is that the industry handed AI agents the kind of autonomy it would never extend to a human employee, discarding zero trust, least privilege, and assume-breach in the process. The proof arrived on BreachForums three weeks before Maor’s interview. On February 22, a threat actor using the handle “fluffyduck” posted a listing advertising root shell access to the CEO’s computer for $25,000 in Monero or Litecoin. The shell was not the selling point. The CEO’s OpenClaw AI personal assistant was. The buyer would get every conversation the CEO had with the AI, the company’s full production database, Telegram bot tokens, Trading 212 API keys, and personal details the CEO disclosed to the assistant about family and finances. The threat actor noted the CEO was actively interacting with OpenClaw in real time, making the listing a live intelligence feed rather than a static data dump. Cato CTRL senior security researcher Vitaly Simonovich documented the listing on February 25. The CEO’s OpenClaw instance stored everything in plain-text Markdown files under ~/.openclaw/workspace/ with no encryption at rest. The threat actor didn't need to exfiltrate anything; the CEO had already assembled it. When the security team discovered the breach, there was no native enterprise kill switch, no management console, and no way to inventory how many other instances were running across the organization. OpenClaw runs locally with direct access to the host machine’s file system, network connections, browser sessions, and installed applications. The coverage to date has tracked its velocity, but what it hasn't mapped is the threat surface. The four vendors who used RSAC 2026 to ship responses still haven't produced

Meta just acqui-hired its 4th AI startup in 4 months. Dreamer, Manus, Moltbook, and Scale AI's founder. Is anyone else watching this pattern?

Quick rundown of what Meta's done since December: • Dec 2025: Acquired Manus (autonomous web agent) for $2B • Early 2026: Acqui-hired Moltbook team • Scale AI's Alexandr Wang stepped down as CEO to become Meta's first Chief AI Officer • March 23: Dreamer team (agentic AI platform) joins Meta Superintelligence Labs All of these teams are going into one division under Wang. Zuckerberg isn't just building models, he's assembling an entire talent army for agents. The Dreamer one is interesting because they were only in beta for a month before Meta grabbed them. The product let regular people build their own AI agents. Thousands of users already. Feels like Meta is betting everything on agents being the next platform shift, not just chatbots. What do you guys think - is this a smart consolidation play or is Zuck just panic-buying talent because open-source alone isn't enough? Full breakdown here submitted by /u/This_Suggestion_7891 [link] [comments]

How I stopped guessing and started structuring: A simple scaffold for consistent prompting.

Hi everyone, I’ve noticed that while most of us know the theory behind a good prompt, it’s still easy to get lazy or forget key constraints when we're actually typing into the chatbox. This usually leads to the model "hallucinating" or ignoring instructions. To solve this for my own workflow, I built Prompt Scaffold — a guided form that turns prompt engineering into a standardized process. It forces you to think through the five pillars of a great prompt before you hit send, ensuring you never miss a field again. Key Features: 📝 Structured Fields: Dedicated inputs for Role, Task, Context, Format, and Negative Constraints. ⚡ Live Preview: See your assembled prompt update in real-time as you type. 🔢 Token Estimation: Includes a running token count (approx. 1 token ≈ 4 chars) so you can manage your context window usage. 📋 One-Click Copy: Quickly move your structured prompt into ChatGPT, Claude, or Gemini. 🗂️ Built-in Templates: Starter presets for coding, writing, and email drafting to get you moving faster. 🔒 100% Private: This is a client-side tool. Everything runs in your browser; no data is ever sent to a server. I’d love to get some feedback from this community. Does having a structured UI help your prompting flow, or do you prefer free-typing? Prompt Scaffold: The Ultimate AI Prompt Builder & Template submitted by /u/blobxiaoyao [link] [comments]

[P] Built a Interactive Web for PINN Solving the 2D Heat Equation

Hey everyone, I’ve been working on the idea of taking Scientific AI out of research notebooks and making it accessible as a useful real-time tool. I just finished the first interactive demo, and I’d love some feedback. I built and trained a 2D thermal simulation engine of two chips on a circuit board using Physics-Informed Neural Networks (PINNs), to solve the 2D heat equation. Exporting the trained model as ONNX, I build up a simple interactive web app in the browser which allows users to interact with the PINN model by varying the parameters like chip power and ambient temperature to obtain the temperature heatmap and hotspot temperatures. The Tech Stack: AI: Trained a custom PINN in Python using DeepXDE with PyTorch backend Deployment: Exported to ONNX for high-performance cross-platform execution. Web: Built with Blazor WebAssembly and hosted on Azure. The simulation runs entirely client-side. Live Demo: https://www.quantyzelabs.com/thermal-inference I'm currently working on improving the boundary condition flexibility and accuracy for more complex board layouts. I’d love to hear your feedback and where you think this approach has the most potential. Cheers! submitted by /u/wyzard135 [link] [comments]