AI 资讯
Chainlink Functions Is Serverless Compute With Oracle Guarantees. Here's the Full Request Lifecycle.
The mental model most people have is too simple "Chainlink Functions lets smart contracts call APIs." That's true the same way "Ethereum lets people send money" is true. Technically accurate, misses almost everything that makes the product interesting and almost everything that matters for security. Chainlink Functions is better understood as a decentralized serverless compute platform: arbitrary JavaScript runs across every node in a DON, each node executes independently, OCR aggregates the results, and the aggregated output gets delivered back to the consumer contract through a verified callback. The "API call" is just one of the things that JavaScript can do inside that environment. The DON consensus and the threshold-encrypted secrets model are what make it meaningfully different from a centralized API proxy. This is day 9 of the 28-day Chainlink architecture series. Today covers the full request lifecycle, every contract in the chain, how threshold encryption protects secrets without exposing them to any individual node, and the integration mistakes that come from misunderstanding how billing and callbacks actually work. The four contracts you need to understand Before tracing the full lifecycle, it helps to know exactly which contract does what. FunctionsRouter : the stable, immutable entry point for consumers. Manages subscriptions and authorized consumer contracts. Its interface doesn't change when the underlying implementation upgrades, consumer contracts call sendRequest here and only here. Also handles billing: estimates fulfillment cost at request time and finalizes it at response time. FunctionsCoordinator : the interface between the Router and the DON. Emits the OracleRequest event that DON nodes watch for. Handles fee distribution to transmitters via a fee pool. Inherits from OCR2Base , meaning the full OCR consensus machinery runs here. This contract can be upgraded independently of the Router, which is why the Router exists as a stable facade in fro
AI 资讯
Agentic payments: your AI agent can pay - but can it get paid?
Everyone is building rails for AI agents to spend money. Google's AP2 gives agents payment mandates. Coinbase's x402 pattern turns HTTP 402 into machine-to-machine micropayments. Agent wallets are everywhere. But watch what agents actually do all day in 2026: they build products. A Lovable app in an evening. A SaaS in Cursor over a weekend. And every one of those products eventually needs the thing no spending protocol covers — accepting money. The wall every agent hits Here's a session I've watched a hundred times: ➜ ~ claude "finish my app" ✓ scaffold — Next.js + Tailwind ✓ UI — components & design system ✓ UX — onboarding flow polished ✓ auth — Google sign-in wired ✓ database — schema + migrations ✓ deploy — production live ▸ application is almost ready… ✗ missing: payments And then the agent — which just shipped a full product in one session — tells you: "To accept payments you need a merchant account. Traditional PSP onboarding requires a compliance review — expect to wait at least a week for approval." An app built in an evening, waiting 7 days for permission to charge £1. That's not risk management. That's a workflow designed when software took months to ship, and nobody went back to fix it. Your other options aren't better: no company? The classic path detours through Stripe Atlas ($500) and an IRS EIN wait that stretches to weeks for non-US founders — before you can even apply . Software's bottleneck has moved — from writing code to accepting payments. What "agent-native" means on the merchant side The spending side got protocols. The earning side needs four properties: 1. Machine-readable everything. Docs an agent consumes in one pass — llms.txt , agents-first API references. The integrating developer is increasingly not a human. 2. Provisioning tools, not just management tools. Stripe's MCP server can operate an account you already have — customers, refunds, invoices. The agent-native question is one level deeper: create the account. 3. Progressive KYB. G
AI 资讯
How I made an AI Agent write in my voice
Let's be honest, AI-written blogs have a certain... vibe. You know it, I know it, and your readers can smell it from the very first paragraph. But here's my take: you can make AI write in your voice, just not with a "generic" prompt. What actually worked for me is an agent skill with three parts: a voice profile built from seven of my real writing samples, a kill list of AI phrases, and a feedback loop that turns my edits into permanent rules. And here comes the twist, the blog you are reading right now is the very first output of that system! So, let me walk you through exactly how I built it, and you can judge for yourself whether it sounds like a human or not. Why does AI writing sound so... AI? Before fixing the problem, let's understand it from the ground up. An LLM is trained on billions of documents, so by default, it writes like the average of all of them. That's where phrases like "in today's fast-paced world"s come from, and those perfectly balanced conclusions that never pick a side. It's not that the model is dumb. It's that the average of a million voices is no voice at all. And your voice is the exact opposite of average. It's the specific way you break grammar rules, and the things you're willing to admit that others won't. I've written multiple technical blogs for different startups including Keploy, Devbytes and many more, and have been blogging on Hashnode since 2023. So when I asked AI to draft posts "in my style" with a simple prompt, the result was always the same: grammatically perfect, structurally neat, and absolutely not me. So, can you actually make AI write in your voice? Well, yes. But you have to show it, not describe it. "Write in a friendly, conversational tone" gives everyone on the internet the same friendly, conversational tone. What you need instead is a system that extracts the mechanics of your writing from real samples, and then enforces them like rules. Mine has three parts. Part 1: The voice profile I gave the agent seven samp
AI 资讯
Your Terminal Has Amnesia. I Spent My Semester Trying to Fix That.
Your Terminal Has Amnesia. I Fixed it. Every terminal I've ever used has the same problem. You close it. You open it again. It has no idea what happened yesterday. It doesn't remember the command that finally fixed that weird Cargo error after two hours of debugging. It doesn't remember that you always use pnpm instead of npm . It doesn't remember the project you spent all week working on. Every session starts from zero. After a while I realized something strange. My terminal forgot everything. I was the memory. So I started building Luna. It didn't start as an AI project. It started as a frustration. I'm a Computer Science student, and like most developers, I spend a huge part of my day inside a terminal. Not because terminals are exciting. Because that's where software gets built. After a few months I noticed I wasn't struggling with commands. I was struggling with remembering everything around them. Google the same error. Copy the solution. Paste it. Forget it. Repeat three weeks later. Or I'd switch to another project for a few days, come back, and think: "How did I solve this last time?" The terminal had no answer. It never does. History only tells you what you typed. It never tells you why . So I asked a simple question. What if the terminal remembered? Not just command history. Actually remembered. Projects. Errors. Directories. Commands that worked. Commands that failed. Patterns in how I work. That question eventually became Luna. Before writing any AI code, I had to answer another question. What exactly is Luna? A shell? A wrapper? A plugin? A chatbot? I realized pretty quickly I didn't want another tool sitting on top of Bash. I wanted something that actually felt like its own terminal. So Luna became its own shell. Not a plugin. Not an extension. A standalone binary written in Rust. How Luna actually works At a very high level, Luna is surprisingly simple. You │ ▼ Natural Language Input │ ▼ AI Provider (Groq • Gemini • Claude • OpenAI • Ollama...) │ ▼ Sa
AI 资讯
You Can't Review an Agent. You Can Review a Plan.
A harness for AI-era Terraform. I'm building one. For a while now I've been developing a harness for infrastructure-as-code as a private SDK and compiler — the layer that sits between whoever proposes a change (a person, an agent, CI) and whatever actually reaches production. This post isn't the tool. It's the thinking underneath it, and the few pieces I've become most convinced by while building it. (Notes from inside the work — where I've landed so far, not advice.) The problem that sent me down this road is easy to state and easy to underrate. A version of it happened recently. An agent fixed some Terraform; the PR read clean — tidy diff, sensible resource names, a plan output that looked exactly like what I'd asked for. It got approved. And then, at apply time, a different plan ran than the one that was reviewed: apply had re-planned against state that moved in between, and the diff that touched production wasn't quite the diff anyone had read. Nothing broke, that time. But that near-miss is the whole reason the harness exists. Because the danger was never "the agent writes bad HCL." Agents write perfectly good HCL; I let them. The danger is the distance between the plan a human reviewed and the plan that actually runs — and once agents are the ones proposing changes at volume, that distance is the thing I most want to nail shut. Where I've landed for now (and expect to keep revising): What AI-era IaC needs isn't AI that can apply . It's a structure where every change — human or agent — is evaluated at the same boundary , and only a reviewed plan ships. The unit of trust isn't the agent. It's a specific, reviewed plan , bound byte for byte. You can't review an agent. You can only review a plan. Instructions to an agent can be broken. A CI gate can't be talked out of it. Put guidance in the prompt; put the guarantee in the gate. Terraform/OpenTofu don't go away. You wrap them in a harness; you don't replace them. Your repo has non-human authors now For years IaC
AI 资讯
How I Cut Our AI API Bill by 95% — The Engineering Playbook
How I Cut Our AI API Bill by 95% — The Engineering Playbook When our finance lead forwarded me the AWS bill for March, I almost choked on my coffee. We were a team of nine engineers shipping AI features, and somehow we'd burned through enough on inference to cover two salaries. The worst part? I hadn't even noticed because the charges were scattered across OpenAI, Anthropic, and a couple of side experiments. That's the moment I decided to actually treat LLM spending like a real infrastructure problem instead of a credit card swipe. What follows is the playbook I wish I'd had on day one. These aren't theoretical tips — they're the exact moves I made across three products to get our run-rate down to roughly 5% of where it started, without shipping worse software. The Harsh Truth About Model Defaults Here's the dirty secret nobody tells you in the LLM hype cycle: most teams default to the most famous model for every single call. GPT-4o for everything. Claude Sonnet for everything. Then they wonder why their "simple AI feature" costs them a kidney. The model selection decision is where I recovered the majority of my budget. When you look at it rationally, the gap between the flagship tier and the cheap-tier models is absurd for tasks that don't require frontier reasoning. This is the matrix I landed on, and it still governs our routing today: Task What I Used To Use What I Use Now Cost Cut Simple chat GPT-4o ($10/M out) DeepSeek V4 Flash ($0.25/M) 97.5% Classification GPT-4o-mini ($0.60/M) Qwen3-8B ($0.01/M) 98.3% Code generation GPT-4o ($10/M) DeepSeek Coder ($0.25/M) 97.5% Summarization GPT-4o ($10/M) Qwen3-32B ($0.28/M) 97.2% Translation GPT-4o ($10/M) Qwen-MT-Turbo ($0.30/M) 97% I want you to really sit with the classification row. Qwen3-8B at $0.01 per million output tokens. That's sixty times cheaper than GPT-4o-mini. For a binary sentiment classifier, the accuracy difference in my benchmarks was under 1.5 percentage points. The ROI math isn't even close. The code
AI 资讯
What I Learned After Building AI Systems Across Multiple Brands
One of the biggest misconceptions about AI is that every project is unique. At first glance, it certainly feels that way. One project is a chatbot. Another is an AI-powered search system. Another automates documentation. Another generates code. But after building AI systems across multiple brands and initiatives, I started noticing something surprising. The technology changes. The business domain changes. The users change. The underlying principles rarely do. Here are some of the biggest lessons I've learned. 1. AI Doesn't Fix Broken Systems Many teams believe AI will solve operational problems. In reality, AI usually exposes them. If documentation is inconsistent, AI becomes inconsistent. If data is outdated, AI produces outdated answers. If workflows are unclear, automation becomes unreliable. One of the biggest lessons I've learned is this: AI amplifies the quality of your existing systems. It rarely compensates for poor foundations. That's why I spend far more time understanding processes than choosing models. 2. Simplicity Beats Complexity Every new AI framework looks exciting. Agents. Memory. Planning. Reflection. Tool calling. Multi-agent orchestration. I've experimented with many of these approaches, but one principle keeps proving itself. The simplest solution that solves the problem is usually the best solution. A straightforward workflow is often easier to: Build Test Maintain Scale Explain Complexity should be introduced only when it delivers clear value. 3. Prompt Libraries Are More Valuable Than Individual Prompts When I first started using AI, I wrote prompts from scratch. Eventually I realized I was solving the same problems repeatedly. Now I build prompt libraries. Instead of creating new prompts every day, I improve existing ones. This creates consistency across projects. If you're interested in how I manage this, I recently shared the system I use to organize more than 10,000 prompts across different projects. The shift from individual prompts to
AI 资讯
AI Model Context Protocol Adds Centralised Auth for Enterprise
The Model Context Protocol team has promoted its Enterprise-Managed Authorisation extension to stable status, adding a centralised way for organisations to control access to MCP servers through their identity provider. The project states the aim is to replace per-server consent prompts with a zero-touch flow in which users sign in once and then access approved servers without further setup. By Matt Saunders
AI 资讯
A practical regression test case template for bug fixes
When a bug is fixed, most teams retest the exact failure path once and move on. That is understandable, but it leaves a gap: the team learned something from a real failure, then failed to turn that learning into reusable regression coverage. Here is a lightweight template I use for turning resolved bugs into regression test cases that can be copied into a spreadsheet, Jira, TestRail, Qase, Xray, Zephyr, or any other QA workflow. The CSV fields For a bug fix regression test, I like these columns: Test ID Bug ID Feature Area Regression Scenario Original Failure Preconditions Test Data Steps Expected Result Negative Check Priority Regression Risk Test Type Automation Candidate Notes This is enough structure to make the test reusable without turning every bug fix into a heavyweight test plan. Example bug Bug ID: BUG-1842 Bug title: Non-admin users could resend workspace invitations. Original failure: A workspace member could open Pending Invitations and click Resend, even though only owners and admins should be allowed to resend invitation emails. Fix summary: The resend invitation action now checks the user's workspace role before sending the email. Example regression test case Test ID: REG-BUG-1842-001 Feature Area: Workspace invitations Regression Scenario: Workspace member cannot resend a pending invitation. Preconditions: Workspace has at least one pending invitation. Test user is a workspace member, not an owner or admin. User is logged in. Steps: Log in as the workspace member. Open Workspace Settings. Go to Pending Invitations. Locate the pending invitation. Check whether the Resend action is visible or available. If the action can be triggered through the API, attempt the resend request. Expected Result: The member cannot resend the pending invitation. The UI hides or disables the action, and the API rejects unauthorized resend attempts. Negative Check: Confirm that an owner or admin can still resend the invitation if product rules allow it. Priority: High Regr
AI 资讯
Loop Engineering Explained for Developers!
With a Real CI Automation Example Loop Engineering is suddenly everywhere, and honestly, I wanted to understand it properly instead of just repeating the buzzword. The simplest way I can explain Loop Engineering is this: it replaces me as the person constantly prompting the agent. Instead of me manually noticing a problem, deciding what it means, writing the next prompt, and pushing the process forward, I design a system that keeps moving on its own until it reaches the outcome I want. That is the whole point of Loop Engineering. I stop acting like the operator and start acting like the system designer. To make that idea concrete, I built a practical software engineering workflow around CI failures. Whenever a GitHub Actions CI run fails, the system automatically classifies the failure, creates a Jira bug for real issues, sends a Slack notification, and records the outcome so it does not process the same failure twice. What Loop Engineering actually means Early AI workflows were mostly linear. I would give a prompt, the model would return an answer, and if the answer was incomplete or wrong, I would jump back in and prompt again. That worked, but it kept me trapped inside the process. Loop Engineering changes that dynamic. I am no longer the person babysitting each step. I build an autonomous loop that can observe, decide, act, and persist state. The system keeps iterating until the task is done, without needing me to micromanage it. That distinction matters. In a normal prompt based workflow, the human is still the glue. In Loop Engineering, the human creates the machine, and the machine runs the loop. The five building blocks of Loop Engineering When I break down Loop Engineering, I think of it as five core building blocks working together. 1. Automations These are the event driven triggers that start the whole system. They are the heartbeat of the loop. Something happens, and the automation fires. Without this, nothing starts. 2. Skills Skills give the agent stru
AI 资讯
As SpaceX deal looms, Cursor partners with Chainguard to secure open-source dependencies in AI-built code
Cursor has spent the past week in headlines after confirming a partnership with SpaceX that could eventually lead to a $60 billion acquisition . The deal, for now, centres on training more capable coding models using SpaceX’s compute infrastructure. Alongside that push on model performance, however, Cursor is now addressing a separate issue: the reliability of the code those models produce. Cursor has partnered with Chainguard , which provides verified open-source packages, to route dependencies through its curated repositories, aiming to reduce the risk of compromised components entering AI-built applications. The announcement lands as AI coding tools push more software into production with less human review, raising questions about how much of that code can be trusted. Supply chain risks in the agentic era The partnership addresses a problem developers know all too well. Modern applications depend heavily on open-source libraries and container images, most of which are pulled from public registries such as npm, PyPI, and Docker Hub. Those registries operate on openness, with limited checks in place. Developers — and now AI agents — often install dependencies without knowing who built them or whether they have been tampered with. Recent incidents have underlined the risk . In March, projects such as Trivy, LiteLLM, Telnyx, and Axios were compromised, with attackers using poisoned packages to steal credentials and spread malware. For teams using AI-generated code, the exposure increases. Agents can select and install dependencies automatically, making trust decisions at a pace that outstrips manual review. As Chainguard co-founder and CEO Dan Lorenc put it, generating code is becoming routine — checking its integrity is where the pressure now sits. “AI agents are making dependency decisions at a scale and speed no security team can manually review,” he wrote in a blog post . “As organizations adopt agentic development, the biggest blocker is no longer how fast code
AI 资讯
How I Benchmarked an LLM Running Entirely on a Phone (No Cloud, No API)
"It works on my test input" is the most dangerous sentence in on-device AI development. I typed that sentence - or some version of it - a dozen times while building Redacto, our on-device PII redaction app running Gemma 4 E2B on a Samsung Galaxy S25 Ultra. The model would redact a patient name from a clinical note, I would nod, and I would move on. Then I would hand the phone to a teammate, they would type a police report, and the model would redact the suspect description instead of the victim name. The problem is not the model. The problem is that manual spot-checking is not validation. You are testing a single input against your own expectations, with all the confirmation bias that entails. When you have five domain modes (HIPAA, Financial, Tactical, Journalism, Field Service), three difficulty levels, and two candidate models, you need something systematic. You need a benchmark suite. This post covers how I built one - from dataset curation to scoring methodology to on-device infrastructure - for a hackathon app running entirely on a phone. No cloud. No API calls. No data leaving the device. Why Not Use an Existing Framework? The LLM evaluation space has mature tools. EleutherAI's lm-eval-harness is the community standard for evaluating language models against academic benchmarks like MMLU, HellaSwag, and ARC. Stanford's HELM (Holistic Evaluation of Language Models) provides a multi-metric evaluation framework with standardized scenarios. Google's BIG-bench offers hundreds of tasks for probing specific capabilities. These frameworks are excellent for what they do. They are also completely wrong for this problem, for three reasons. First, they assume server-side inference. lm-eval-harness expects to call a model through an API or load it in PyTorch on a GPU server. Redacto's model runs on a Qualcomm Hexagon NPU inside a phone. There is no Python runtime, no HuggingFace tokenizer at evaluation time, no way to hook into the framework's inference loop. Second, their
AI 资讯
Cloudflare and AWS Embed x402 Agent Payments at the Edge
Cloudflare and AWS both implemented x402 stablecoin micropayments at their edge networks within two weeks. The open protocol under the Linux Foundation revives HTTP 402 for agent-to-service payments with sub-cent transaction costs. Coinbase reports 169 million transactions in year one. Enterprise tax and invoicing gaps remain unresolved. By Steef-Jan Wiggers
AI 资讯
I've Been Trying to Write AI Video Prompts for Months. They All Sucked Until I Found a Formula.
The Problem Nobody Talks About Everyone's posting AI-generated videos — characters speaking with lip-sync, manga panels coming alive, virtual idols dancing. The pitch: "just describe what you want." I tried. For months. Here's what I got: Character's face morphed by frame 2 "Slowly looks up" became "violent head shake" Voice-over sounded like Google Translate Same prompt, 3 runs, 3 completely different results No idea what to include or how long the prompt should be Tutorials were either too vague ("be detailed") or too technical (parameter tuning from line 1). The real issue: video prompts are structurally different from text/image prompts. You need to simultaneously control visuals, motion, audio, camera, and consistency constraints — in the right order, at the right length. What I Found A Skill in the Model Studio official repo called happyhorse-prompt-studio . It doesn't teach you theory — it asks you questions and assembles the prompt for you . 4-phase flow: 1. Inspiration Menu Shows you 4 "flavors" of what HappyHorse can do: Flavor What it does A · Voiced Manga Drama Characters talk to each other, with voice + lip-sync B · Character Voice PV Single character self-introduction, 8-10 sec C · Manga Panel Motion Static manga panel starts breathing D · Virtual Idol MV Idol performance with choreography 2. Discovery Asks you conversationally: character appearance, scene, emotion, dialogue, voice type, art style, camera. 3. Prompt Assembly Assembles using the HappyHorse Formula : Scene + Subject + Motion + Audio + Quality Key techniques: @「Image n」 syntax locks character identity across shots Dialogue ≤15 characters (split shots if longer) Japanese prompts work best (HappyHorse is JP-optimized) Always end with キャラの顔・髪・衣装が変わらない (face/hair/outfit stays unchanged) 4. Quality Check Auto-reviews: completeness, compliance, cost estimate, optimization tips. Before vs. After Dimension Writing myself With Prompt Studio Attempts needed 10-20 before one usable 2-3 to satisfacti
AI 资讯
My AI agent tried to ship a mistake we'd already reverted
A month ago we added a card_token column to the users table so a background job could retry failed Pro charges. It lasted about two days. Storing card data in your own database drops you into PCI-DSS (the compliance standard that kicks in the moment card data touches your systems), so we pulled it and moved to Stripe-managed payment methods. Last week the charges started failing again. New Claude Code session, no memory of any of that. Its plan? Add a card_token column to users and retry. I don't really blame the agent. It had the context the first time and it was right. The problem is that context died when the session closed. That's the part I never see mentioned about building with agents: the code sticks around, the reasoning doesn't. People leave a trail without trying. A commit message, a PR comment, the Slack thread before it. Agents don't, and the prompt that explained everything is gone by morning. So I built Selvedge to hold onto the reasoning. What happened the second time Selvedge is a local MCP server the agent calls as it works. There's a four-line block in our CLAUDE.md that says, roughly: before you touch an entity, check if we've been here before. $ selvedge prior-attempts users.card_token users.card_token Prior attempt 28 days ago ( reverted after 2 days ) Reasoning Added to store card tokens for one-click retries. Outcome REVERTED — kept card data out of our own DB to stay clear of PCI-DSS scope ; moved to Stripe-managed methods. So it didn't add the column. It charged off_session against the saved Stripe PaymentMethod instead. Charge retried, no card data in our database, done. We paid for that lesson once. How it works The agent writes down why live, in the moment, from the same context that made the change. That's the whole trick. A lot of the "git blame for AI" tools take your diff afterward and ask a second model to explain it. That's a guess. It reads well, but you can't really build on it. Selvedge stores what the agent actually meant, in i
AI 资讯
My Fine-Tuned Gemma 4 Loaded Fine, Then Broke on the First Message
I fine-tuned Gemma 4 E2B. The adapter merged cleanly. The export to .litertlm completed without errors. I pushed the model to my phone, initialized the engine, and everything looked green. Then I tried to create a conversation and got this: Failed to apply template: unknown method: map has no method named get (in template:238) No model loading failure. No quantization error. The model initialized, the tokenizer loaded, and then the runtime choked on a Jinja template feature it does not support. This failure only surfaces when you actually try to run inference, not when you load the model. If you are demoing at a hackathon, this is the worst possible time to discover a compatibility issue. I hit this exact bug while building Redacto, a zero-trust PII redaction app that runs Gemma 4 E2B entirely on-device. This post walks through the full fine-tune-to-deploy pipeline: how to QLoRA a model on Colab, export it for LiteRT-LM, and avoid the undocumented template trap that will block your deployment. The Full Pipeline Here is what the fine-tune-to-deploy pipeline looks like end to end: HuggingFace base weights -> QLoRA fine-tune (Colab) -> Merge adapter into base -> Patch chat template <-- the step nobody tells you about -> Quantize + export to .litertlm -> Push to device Each stage has its own failure modes. The template patch step is the one that was undocumented at the time, and it is the one that will cost you hours if you do not know it exists. A note on framing before we dig in: this was an under-resourced fine-tune. I trained on 3,000 of the 400,000 samples in the ai4privacy/pii-masking-400k dataset for a single epoch, and the label format did not fully match what Redacto expected downstream. The point of this post is not the fine-tune's accuracy - it is the deployment mechanics I had to work through to get any fine-tuned model onto the device at all. Step 1: QLoRA Fine-Tuning on Colab QLoRA (Quantized Low-Rank Adaptation) lets you fine-tune a quantized model by tra
AI 资讯
AI's Water Bill: The Data Center Backlash Is Here
In February, city officials in Cheyenne, Wyoming discovered something in their reclaimed water system that shouldn't have been there: Cupriavidus gilardii , a rare metal-resistant bacterium traced to wastewater discharges from Meta's $800 million data center campus. The contamination shut down Cheyenne's reuse water system for months , and on July 2, the city publicly named Meta's construction entity — a shell company called Goat Systems LLC — as the source. 📖 Read the full version with charts and embedded sources on ComputeLeap → "It's a very, very unpleasant surprise," said City Councilman Pete Laybourn. It shouldn't have been a surprise at all. Cheyenne is just the latest community learning what happens when AI's insatiable demand for compute meets the physical world: contaminated water, noise that residents describe as "living in hell," electricity bills that spike 267%, and — in the most surreal twist — a federal government that deleted its own energy conservation pages while a heatwave slammed the eastern seaboard. The AI industry talks endlessly about parameters, benchmarks, and scaling laws. But the story converging across Reddit, Hacker News, X, and YouTube this week isn't about models. It's about watts, gallons, and the communities living next to the machines. The water problem is worse than you think A Brookings Institution analysis puts the numbers in perspective: a typical data center consumes 300,000 gallons of water every day — equivalent to roughly 1,000 households. Large facilities gulp up to 5 million gallons daily, matching the needs of a town of 50,000. And water demand for data center cooling may rise by 870% as the current build-out continues. The scale is hard to overstate. According to a Consumer Reports investigation , Phoenix-area data centers currently use 385 million gallons annually — a figure projected to explode to 3.7 billion gallons once planned facilities come online. About two-thirds of data centers built since 2022 sit in water-st
AI 资讯
I Got Tired of My Portfolio Looking Like a List of Links. So I Built an MCP Server for It.
The obvious fix for "my projects all look similar" is a better README — more screenshots, clearer descriptions, maybe a comparison table. I considered that for about five minutes and decided it was still just a nicer list of links. What actually made a portfolio project feel different was making it something you could talk to instead of read. That's what MCP (Model Context Protocol) is built for — it's the standard that lets AI clients like Claude Desktop call external tools directly, not just process text. So I built a server that exposes my 9 projects as queryable tools instead of static entries. What is MCP, and why does it matter here Almost every AI-developer portfolio I've seen is a list of links. Mine now includes something you can actually talk to . Open Claude Desktop, connect my server, and ask "what has Ayush built with FastAPI?" — it doesn't guess from a cached README, it calls a real tool and answers from structured, live data. What I built A Python MCP server ( FastMCP , stdio transport) exposing five tools: list_projects — short summary of all 9 projects get_project_details(project_name) — full stack, GitHub link, demo URL for one project, fuzzy-matched by name search_projects_by_stack(technology) — "show me everything using Groq" or "LangGraph" or "React" get_flagship_project — the single best project to look at first get_resume_summary — background, target role, core stack The data itself lives in plain Python dictionaries right now — no database needed for something this size. Each tool is a thin function around that data, decorated with @mcp.tool() . @mcp.tool () def search_projects_by_stack ( technology : str ) -> list [ dict ]: """ Find all projects that use a given technology or tool. """ query = technology . lower (). strip () matches = [ { " name " : p [ " name " ], " stack " : p [ " stack " ], " github " : p [ " github " ]} for p in PROJECTS if any ( query in tech . lower () for tech in p [ " stack " ]) ] return matches or [{ " message " : f
AI 资讯
FROST 的治理哲学:为什么每个 Agent 系统都需要一部宪法
FROST 的治理哲学:为什么每个 Agent 系统都需要一部宪法 "细胞会死,但谱系会存续。Agent 会消亡,但宪法会传承。资产会永存。" 在 AI Agent 框架百花齐放的 2026 年,我们见证了一个有趣的现象:框架越来越多,治理却越来越缺失。LangChain 给了你工具链,CrewAI 给了你角色扮演,AutoGen 给了你对话——但没有人回答一个关键问题: 当你的 Agent 家族有十代、百代,谁来保证它们的行为不越界? 这就是 FROST 要解决的问题。 一、一个被忽视的问题:Agent 治理真空 想象这样一个场景:你构建了一个 Agent 系统,它帮你处理客户咨询、自动写报告、管理财务。一开始只有 3 个 Agent,你都能监控。三个月后,Agent 数量变成了 30 个——有些是你创建的,有些是 Agent 自己创建的。 问题来了: 某个 Agent 开始访问不该访问的数据 某个 Agent 创建的子 Agent 继承了一份不该继承的权限 某个 SOP 工作流在运行中被人悄悄修改了 这不是科幻场景,这是今天 Agent 系统正在发生的事。 根本原因 :现有框架的"治理"要么是提示词级别的软约束("请你不要访问这些数据"),要么是事后的日志审计。没有一个是代码级别、架构级别的硬约束。 FROST 的设计哲学是: 治理必须是架构的一部分,而不是补丁。 二、FROST 的宪法模型:四层治理 FROST 把治理拆解为四个层次,每一层都有对应的代码实现: 第一层:只读继承——权限的代码级强制 在大多数框架中,Agent 之间的数据共享靠的是"约定"。FROST 用的是 HierarchicalStore ——一种层级化记忆容器: class HierarchicalStore : """ 层级化记忆存储。 祖先 Store 对后代只读——后代可以继承,但不能篡改。 """ def __init__ ( self , data = None , parent = None , readonly = False ): self . _data = data or {} self . _parent = parent self . _readonly = readonly # 关键:只读标记 def save ( self , key , value ): if self . _readonly : raise PermissionError ( " 只读 Store 禁止写入 " ) self . _data [ key ] = value def load ( self , key , default = None ): if key in self . _data : return self . _data [ key ] if self . _parent : return self . _parent . load ( key , default ) return default 注意 readonly 参数。当一个 Agent 创建子 Agent 时,子 Agent 对父 Agent 的 Store 是 只读的 。这不是提示词告诉 Agent "请你不要修改",而是代码直接抛出异常。 这意味着 :即使 LLM 产生了幻觉,试图越权写入,代码层面也会拒绝执行。 第二层:SOP 宪法校验——工作流的可审计性 在 FROST 中,SOP 不是随便定义的步骤列表,而是经过祖辈审核的"宪法文本": def validate_sop ( ancestor_sop , descendant_sop ): """ 祖辈验证后代的 SOP 是否合规。 检查点: 1. 后代 SOP 的步骤不能超出祖辈定义的边界 2. 后代 SOP 不能调用未授权的 Skill 3. 后代 SOP 的数据访问不能超出权限范围 """ # 检查 1:步骤边界 for step in descendant_sop . steps : if step not in ancestor_sop . allowed_steps : raise SOPValidationError ( f " 步骤 { step } 超出祖辈定义的边界 " ) # 检查 2:Skill 授权 for skill in descendant_sop . required_skills : if skill not in ancestor_sop . authorized_skills : raise SOPValidationError ( f " Skill { skill } 未获授权 " ) return True 这意味着 :任何后代 Agent 想要执行的工作流,都必
AI 资讯
I Turned Any Website Into a Permanent AI Tool in 10 Minutes with BrowserAct (No API Required)
Last week, I asked my AI agent to scrape 300 job listings from a recruiting site. It broke at row...