AI 资讯
AI Agent Runtime Policy: Stop Dangerous Tool Calls Before They Execute
An AI agent does not need to be malicious to damage production. It only needs the wrong tool, the wrong database, the wrong customer ID, or one confident step that nobody checked. That is the uncomfortable part of building agentic features: prompts can suggest safe behavior, but they do not enforce it. If your agent can call tools, write records, send emails, run SQL, trigger workflows, or spend money, you need a deterministic layer between the model and the action. That layer is an AI agent runtime policy system. Think of it as a security checkpoint for every tool call. The model can propose an action. The policy layer decides whether that action is allowed, denied, modified, delayed for approval, or logged for review. This guide is for builders shipping AI features with real customer impact. No vendor pitch. Just architecture, checks, schemas, and mistakes to avoid. Why runtime policy matters now AI products are moving from chat boxes to agents that act. Recent developer signals point in the same direction: agent-first frameworks, AI gateways with spend caps, MCP-style tool registries, human-in-the-loop workflows, and tool authorization experiments. The industry is making it easier to give agents more tools. That creates a new risk. Most apps already check what a human user can do. But agent execution is a chain: user intent -> prompt -> model reasoning -> tool selection -> arguments -> execution -> side effect A normal permission check near the API endpoint is still required, but it does not answer everything: Should the agent attempt this action at all? Does the action match the user's request? Is the target tenant correct? Is the cost acceptable? Does it require approval? Is the agent stuck in a retry loop? Runtime policy answers those questions before execution. What existing AI security content often misses A lot of content explains prompt injection, RAG risks, or broad AI governance. Useful, but builders often need a narrower answer: "My agent is about to ca
AI 资讯
The One-Click Exporter: AI Studio Antigravity, Probed to Its Limits
What nobody tells you about exporting your multi-agent prototype to a local workspace. Every architect who's prototyped a multi-agent app in Google AI Studio eventually hits the same wall: the prototype works, but it lives in a browser tab. At I/O 2026, Google shipped a fix — Export to Antigravity, a one-click handoff to a local production workspace, carrying "all the context" with it. I ran a real two-agent prototype through it. Here's exactly what survived the trip, what didn't, and what I had to fix by hand — including a bug that had nothing to do with the export itself. 1. The Pilot Project + The Click The project: Research Digest — a sequential two-agent app. Agent 1 (Researcher) takes a topic, uses grounded web search to gather sources. Agent 2 (Editor) synthesizes those findings into a polished digest. Persistence via Firestore, with a history archive of past digests. Built entirely from a single prompt in AI Studio's Build mode . Along the way, provisioning Firestore surfaced my first real gotcha before I even got to the export step — more on that below. Triggering the export: Code tab → Export → Export to Antigravity. The dialog is genuinely informative — it tells you upfront what's coming: all project files, conversation history, and explicitly "1 secret will be included." 2. What Actually Survives the Trip The export dialog's claims, checked one by one: Claimed to transfer What I found All project files ✅ Confirmed — full structure landed intact: .agents, .antigravity, src, config files, README.md with setup instructions Secrets (1 secret) ✅ Confirmed — GEMINI_API_KEY arrived populated in .env, worked immediately, no manual re-entry Conversation history history❌ Did not transfer. The imported "Research Digest" project showed "No conversations yet" in Antigravity's Agent Manager, despite the dialog's explicit promise. Checked twice, on two separate screens — consistent result. 3. The Gotchas Gotcha 1 — "Conversation history will carry over" is currently no
AI 资讯
Semantic Drift in LLMs: How Archetypal Attractors (Like “Goblin”) Emerge and How Structured Reflection Reduces Them
Large language models often develop recurring symbolic patterns — archetypes, metaphors, and memetic shortcuts — that appear across unrelated contexts. One observed example is the repeated emergence of fantasy-based metaphors such as “goblins,” “gremlins,” or similar entities when describing abstract system behavior, errors, or complexity. This article presents a structured analytical trace (A11 framework passes) showing how such patterns emerge from the interaction between reinforcement learning, cultural priors in training data, and user feedback loops. It also explores how introducing explicit interpretability layers can reduce the risk of these symbolic attractors becoming dominant explanatory shortcuts in model behavior. The first A11 pass S1 — Will Understand the causal mechanism: why the “goblin / fantasy drift” emerged in LLMs S2 — Wisdom (constraints) Main pitfall: confusing correlation (goblins appearing in outputs) with causation (why those specific symbols emerge) Also: “goblins” are not a standalone phenomenon they are a case of broader archetypal language drift S3 — Knowledge (what is actually known) There are 5 established mechanisms in LLM behavior: 1. RLHF reinforces “socially engaging metaphors” Models are rewarded for: vividness humor imagery human-like explanations ➡️ fantasy imagery tends to score highly 2. Internet prior already contains strong fantasy culture Training data includes: Reddit gaming discourse D&D culture fanfiction ➡️ “goblin / elf / troll” already exist as: universal behavioral archetypes 3. Compression effect (semantic abstraction) The model seeks compact semantic units: goblin = chaotic / greedy / messy / low-level failure mode ➡️ one token replaces a complex description 4. User feedback loop If the model says: “it’s like a goblin” users: react positively repeat it reinforce it in conversation ➡️ increases probability of reuse 5. Cross-task transfer (persona leakage) Stylistic patterns from: coding assistant mode creative mode
AI 资讯
GLM 5.2 and the Collapse of AI Margins: Open-Source Models Are Rewriting the Rules of the Industry
GLM 5.2 and the Collapse of AI Margins: Open-Source Models Are Rewriting the Rules of the Industry Introduction: A "Counterintuitive" Open-Source Release Figure 1: The core drivers of the AI margin collapse — open-source models, price competition, and surging usage In 2026, Zhipu AI quietly published the GLM 5.2 open-source model on Hugging Face. This news lingered in AI practitioners' information streams for less than half a day before being drowned out by the next wave of updates. But those who were truly sharp noticed a set of data: GLM 5.2's performance across multiple authoritative benchmarks was nearly on par with top-tier closed-source models like GPT-4o and Claude 3.5 Sonnet — yet its inference cost was only a fraction of theirs. This is no longer a story of "catching up." This is leapfrogging . Even more telling is that this news triggered a fierce debate in the overseas tech community: opinion leaders including a16z partners and former Stripe executives waded in, discussing a somewhat brutal topic — "AI margins are collapsing." This discussion quickly spread from tech circles to investment circles, because it points directly at a core question: When open-source models' capabilities approach or even partially surpass those of closed-source models, how long can the existing AI business model hold up? If 2023's open-source models were still "toys" — with cliff-like gaps from closed-source products in complex reasoning, code generation, and multi-turn dialogue — then the 2024-2025 open-source models are no longer "value-for-money alternatives," but a fundamentally new paradigm threat. The release of GLM 5.2 is merely the latest signal flare of this paradigm shift. In this article, we'll unpack three things: what GLM 5.2 got right, how open-source models have rewritten AI pricing power, and the true industry realignment behind this "margin collapse." Technical Core: The Architecture Secrets of GLM 5.2 Figure 2: Schematic of GLM-5.2's MoE (Mixture of Experts) la
AI 资讯
I Did the Math on GPT-5.6. The $2.50 Terra Tier Is the One I'd Ship First.
GPT-5.6 is finally live, and three takes immediately showed up in my feed: "Sol replaces GPT-5.5 everywhere." "The API still isn't broadly available." "The 1.05M context window means you can stop thinking about prompt size." Two are wrong. The third is exactly how you end up with a bill that is almost twice your estimate. I spent the morning reading the new model pages, rollout docs, pricing table, migration guide, and system card. My conclusion is less exciting than "route everything to Sol," but much more useful: Terra is the GPT-5.6 tier I'd test first for most production workloads. TL;DR No, GPT-5.6 Sol should not replace every GPT-5.5 request. It has the same $5/$30 standard token price and different agent behavior. Yes, the API is live. Sol, Terra, and Luna are in OpenAI's public model catalog; ChatGPT access is still rolling out gradually. Terra is the practical default: $2.50 input and $15 output per million tokens, exactly half Sol's price. Luna is the volume tier: $1 input and $6 output, with the same 1.05M context window. The 272K boundary matters: go above it and the entire request moves to 2x input and 1.5x output pricing. The uncomfortable part: OpenAI says GPT-5.6 is more likely than GPT-5.5 to take actions beyond user intent in agentic coding. What actually shipped This isn't one model with three marketing labels. It is a three-tier family with explicit model IDs. Tier Model ID Input / 1M Output / 1M My default use Sol gpt-5.6-sol $5.00 $30.00 Hard coding and deep analysis Terra gpt-5.6-terra $2.50 $15.00 General production Luna gpt-5.6-luna $1.00 $6.00 Extraction, routing, batch work All three have: 1,050,000 tokens of context 128,000 maximum output tokens February 16, 2026 knowledge cutoff Text and image input Reasoning levels from none through max Responses API and Chat Completions support The unsuffixed gpt-5.6 alias points to Sol. I wouldn't use that alias in a cost-sensitive production service. An explicit model tier makes billing behavior easi
AI 资讯
I'm Building Claude Basecamp — an Open-Source OS for Everything Claude Code (and I Need Help)
Quick confession: this started as "let me stop babysitting my tests and just make them stay green," and it turned into something a lot bigger. I want to be upfront about where I'm actually trying to take it. I built Claude Basecamp, and as of today it's open source. The reconciliation loop (declare "tests always green," it holds that true) is the part you'll notice first, but it's not really the point. The point is I want this to become the operating system for everything you do with Claude Code, one place that knows about every repo, every session, every routine, every connector, every skill, and every mistake it's ever made, instead of all of that living scattered across terminal windows and dead transcripts. Right now it already covers a decent chunk of that: npx claude-basecamp No install, no config. It finds the projects Claude Code already knows about and opens at http://localhost:4747 . Standing checks , the reconciliation loop. "Tests always green," "dependencies current," "the README documents every CLI flag" — say it once, Basecamp keeps it true, dispatches a fix run when it drifts, and only bugs you for the decisions that actually need a human. Reflexes. It goes back through your old transcripts, finds every time you said "no, don't do that," and turns it into a standing memory that every Claude Code session on your machine checks before touching Bash, Write, or Edit. A mistake made once doesn't get to happen a third time. Session Rescue. Resumes the actual dead session, same session ID, full context, when Claude Code dies mid-task, instead of starting over from scratch. A manager for every repo you just talk to: "keep the tests green," "track this goal," "what's the state of this repo?" Plus routines, background runs, an activity feed, stats, GitHub issue and PR hooks, notifications, webhooks, and a one-click catalog for connectors and skills. That's where it is today. What I actually want it to become is the default place you open whenever you're workin
AI 资讯
Pure ReAct is expensive and fragile. Sparsi lowers costs and increases reliability.
If you’ve built AI applications in production recently, you’ve probably hit the "Agent Wall." You build a ReAct agent, give it 10 granular tools (search, extract, route, format), a massive system prompt, and tell it to go to work. It feels like magic...until you look at your latency metrics and token bills. Today’s agents act as interpreters. They re-derive the exact same routines from scratch on every single request . They embed massive tool schemas and reasoning histories into every loop. It's slow, it's incredibly token-hungry, and occasionally, they hallucinate tool calls, drop constraints, or get stuck in endless reasoning loops. In a production environment, even occasional errors can be critical failures that waste time and tokens. The problem isn't the ReAct pattern itself. The problem is that we are forcing the LLM to orchestrate low-level, predictable logic that should be deterministic code. We got tired of paying the "reasoning tax" for sub-routines that don't need it. So, we built Sparsi —a framework for shifting complex logic out of your ReAct agent's prompt and into deterministic "Macro-Tools" built as DAGs (Directed Acyclic Graphs). The Macro-Tool Pattern There are two ways to use Sparsi: as an end-to-end solution for a specific task, or to create higher-level tools that plug into your existing agents. The latter is where the magic happens. Instead of giving your ReAct agent 10 tiny, flaky tools and hoping it chains them correctly, you build one highly reliable, deterministic Sparsi DAG to handle that specific sub-routine. You then expose that DAG to your agent as a single Model Context Protocol (MCP) tool. The overall agent still drives the conversation, but it delegates the heavy lifting to a reliable macro-tool. We chose the DAG architecture for three main reasons: Deterministic & Testable: The graph is made of plain code. You only run AI where natural language understanding is strictly required. Parallel by Architecture: Independent branches run co
AI 资讯
I Open-Sourced Claude Basecamp — Come Help Me Build a Reconciliation Loop for Claude Code
Kubernetes changed infrastructure forever with one idea: you declare desired state, and the system continuously reconciles reality to match it. I wanted that for my codebase, so I built Claude Basecamp and I'm open-sourcing it today. If you're running Claude Code across more than one repo, I'd genuinely love for you to try it, break it, and help me build it out. Try it in one command npx claude-basecamp No install, no database, no config. It discovers the projects Claude Code already knows about and opens at http://localhost:4747 . Runs on macOS, Linux, and Windows. What it does Standing checks, the reconciliation loop. Declare what must always be true, and Basecamp holds it: tests always green -> runs your suite on a cadence; failures dispatch a fix run that commits dependencies current -> npm outdated; safe updates applied, majors escalated to you issue backlog triaged -> gh-powered labeling and stale-closing anything in plain English -> "the README documents every CLI flag" checked read-only, fixed on drift Checks run against deterministic local facts (your real test suite, real npm outdated) wherever possible, zero tokens spent checking. Drift launches a bounded, budgeted, approval-gated convergence run. Repeated failure escalates to a decision card on Home instead of retrying forever. Reflexes, an immune system for your AI. Basecamp mines every transcript for the moments you pushed back (interruptions, "no, don't", permission denials) and turns each into an antibody. Once armed, every Claude Code session on your machine consults that memory before every Bash/Write/Edit action, so a mistake made twice gets blocked machine-wide before it happens a third time. Session Rescue. Notices when a Claude Code session died mid-task and lets you resume the actual dead session, same session ID, full context, as a background run that finishes the job and commits. A persistent manager for every repo. Each project gets an agent with full Claude Code tools plus control over Bas
AI 资讯
I tracked every trending AI repo's stars daily for 3 weeks. The growth is not where I expected
I run a small AI trends site, and three weeks ago I started doing something simple: every day, snapshot the star count of every repo that crosses my GitHub trending scan for AI. No judgment, no curation, just append-only rows in a database. 611 repos and 2,671 data points later (June 19 to July 10), the picture of what's actually growing looks pretty different from what my feeds told me was hot. Here's what the data says. Before publishing this I re-checked every number below against GitHub's live API. Star counts drift by the hour, so treat them as of July 10. The top 10 risers, by raw stars gained Repo Gained Window From → To calesthio/OpenMontage +30,253 21 days 5,899 → 36,152 DeusData/codebase-memory-mcp +20,483 19 days 7,516 → 27,999 mattpocock/skills +19,053 15 days 137,485 → 156,538 obra/superpowers +16,887 20 days 232,908 → 249,795 NousResearch/hermes-agent +14,896 21 days 197,297 → 212,193 Panniantong/Agent-Reach +14,334 14 days 34,780 → 49,114 usestrix/strix +13,243 12 days 26,363 → 39,606 addyosmani/agent-skills +12,685 21 days 63,156 → 75,841 asgeirtj/system_prompts_leaks +11,720 21 days 43,415 → 55,135 msitarzewski/agency-agents +11,055 10 days 118,241 → 129,296 Windows differ because I only hold snapshots for the days a repo appeared in my scan; each row states its own real window. Three things in this data genuinely surprised me. 1. "Skills" are eating agent frameworks Four of the top ten are not agent frameworks. They are collections of packaged expertise that plug into an existing agent: obra/superpowers (still compounding at roughly 840 stars a day on a 250k base), mattpocock/skills, addyosmani/agent-skills, msitarzewski/agency-agents. A year ago this table would have been full of new frameworks. Now the framework layer looks settled and the growth is in what you load INTO the agent. The moat moved from orchestration code to encoded judgment. 2. The sharpest climbs are applications, not infrastructure The steepest sustained climb from a newcomer in
AI 资讯
Build an AI Changelog Generator in Python
Writing changelogs is one of those developer tasks that sounds simple until you are staring at a messy commit history. Some commits matter to users. Some are internal cleanup. Some are merge commits. Some are meaningful only if you already know the codebase. I built a small Python example that turns commit messages or git diffs into structured changelog JSON using Telnyx AI Inference. Code: https://github.com/team-telnyx/telnyx-code-examples/tree/main/changelog-generator-python What it does The Flask app exposes: POST /generate POST /generate/from-diff GET /changelogs GET /changelogs/<id> GET /health POST /generate accepts a list of commit messages: { "version" : "v1.4.0" , "repo_name" : "billing-service" , "commits" : [ "feat: add Stripe webhook retry with exponential backoff" , "fix: correct tax calculation for EU VAT exemption" , "docs: update API reference for invoice endpoint" ] } The app asks Telnyx AI Inference to return grouped changelog JSON with sections like: Features Bug Fixes Improvements Breaking Changes Documentation Other There is also a POST /generate/from-diff endpoint if you want to summarize a git diff instead of commit messages. Why structured output matters For a changelog tool, plain text is useful, but structured output is more flexible. If the response comes back as JSON, you can: render it in a docs site save it in a release database post it into a PR comment send it to Slack open a release-note review workflow let a human approve it before publishing The example stores generated changelogs in memory and gives each one an ID, so you can list recent changelogs or retrieve a specific one. Run it Clone the examples repo: git clone https://github.com/team-telnyx/telnyx-code-examples.git cd telnyx-code-examples/changelog-generator-python Create your .env file: cp .env.example .env Add your Telnyx API key: TELNYX_API_KEY=your_telnyx_api_key AI_MODEL=moonshotai/Kimi-K2.6 HOST=127.0.0.1 Install and run: pip install -r requirements.txt python app.py
AI 资讯
Point any app at a local LLM on your Mac (OpenAI-compatible endpoints)
Most apps that grew an "AI" feature in the last two years talk to one of a handful of cloud APIs, and almost all of them speak the same dialect: the OpenAI Chat Completions format. That one detail is the reason you can pull the cloud out and run the whole thing locally on a Mac without the app ever noticing. Here is the trick, why it works, and the gotchas that bite. The one interface everything agrees on OpenAI's /v1/chat/completions endpoint became the de facto standard. So when an app lets you "use your own key" or "set a custom base URL," it is almost always going to POST to {base_url}/chat/completions with a JSON body of messages and read back the same shape. It does not care what is on the other end, only that the response matches. Local runners leaned into this. Both popular Mac ones expose exactly that endpoint: Ollama serves an OpenAI-compatible API at http://localhost:11434/v1 (its native API lives on /api , but the /v1 path speaks the OpenAI dialect). LM Studio has a built-in server you switch on from the Developer tab, serving on http://localhost:1234/v1 . So "make this app local" usually reduces to: point its base URL at one of those, put any non-empty string where it wants an API key, and pick a model you have pulled. The 60-second version Ollama: brew install ollama # or the .dmg from ollama.com ollama serve & # server on :11434 ollama pull llama3.1:8b # pull a model once Confirm it speaks OpenAI: curl http://localhost:11434/v1/chat/completions \ -H "Content-Type: application/json" \ -d '{ "model": "llama3.1:8b", "messages": [{"role": "user", "content": "say hi in 3 words"}] }' If that returns a choices[0].message.content , any OpenAI-compatible client can use it. In the app, set: Base URL: http://localhost:11434/v1 API key: ollama (or literally anything; it is ignored) Model: llama3.1:8b LM Studio is the same idea with a GUI: load a model, toggle the server on, and use base URL http://localhost:1234/v1 . Pointing real tools at it The pattern shows up
AI 资讯
OpenAI says GPT 5.6 is the ‘preferred model’ for Microsoft Copilot 365 amid breakup chatter
OpenAI's new family of models will continue to power Microsoft's suite of workplace and productivity apps.
AI 资讯
Microsoft’s carbon emissions went up 25 percent last year
Microsoft may once again be struggling to keep up with its own climate goals, according to its 2026 sustainability report. As reported by GeekWire, the report states that Microsoft's carbon emissions increased 25 percent in 2025, totalling 34 million metric tons "without select interventions." Microsoft says this was "driven primarily by the expansion of our […]
AI 资讯
Getting started with ChatGPT
Learn how to use ChatGPT, start your first conversation, and discover simple ways to write, brainstorm, and solve problems with AI.
AI 资讯
Fidji Simo steps down from OpenAI’s no. 2 role
OpenAI's No. 2 executive, Fidji Simo, is stepping down from her full-time role after her medical leave proved longer than expected — a leadership vacuum that comes at a tricky time as the company eyes a possible IPO and races to catch Anthropic in the enterprise market.
AI 资讯
Fidji Simo steps down from leading OpenAI’s AGI work due to illness
OpenAI's Fidji Simo is departing her full-time role as the company's AGI chief and is transitioning to being a "part-time advisor," she said on X. The news follows Simo's original announcement in April that she would take a few weeks of medical leave due to a neuroimmune condition, shortly after she had taken on the […]
AI 资讯
OpenAI’s CEO of AGI Deployment, Fidji Simo, Is Stepping Down
The move comes after Simo took significant medical leave. She will stay on as a part-time adviser.
开源项目
Netflix reportedly considers adding always-on channels
Netflix is thinking about adding always-on channels that would stream specific shows and movies, according to The Wall Street Journal. The move sounds like a Netflix version of always-on services like Pluto TV and Tubi, except the big hook for those is that they're free - because of the ads you have to watch. Netflix […]
科技前沿
Days after announcing mass layoffs, Xbox CEO Asha Sharma tapped to advise the Federal Reserve on jobs
That's a choice.
AI 资讯
OpenAI launches its new family of models with GPT-5.6
OpenAI's latest family of models promises improvements across a range of areas, including cybersecurity.