AI 资讯
여러 에이전트가 협업하는 업무 자동화 시스템 설계 방법
업무 자동화 시스템을 만들 때 가장 먼저 드는 질문이 있다. "에이전트 하나면 안 되나?" 단일 에이전트로 시작하면 구조가 단순하고 디버깅도 쉽다. 그런데 실제 업무 맥락에서는 단일 에이전트가 빠르게 벽에 부딪힌다. 이 글은 왜 여러 에이전트가 협업하는 구조가 필요한지, 그리고 그 구조를 실제로 어떻게 설계하는지를 기술적으로 짚는다. 단일 에이전트로 충분하지 않은 이유 단일 에이전트가 실패하는 지점은 복잡한 기능 탓이 아니라 컨텍스트 길이와 직렬 실행의 구조적 한계 때문이다. LLM 기반 에이전트에 하나의 긴 작업을 맡기면 세 가지 문제가 동시에 발생한다. 첫째, 컨텍스트 창이 소진된다. 데이터 수집, 변환, 검증, 발행을 하나의 루프에서 처리하면 중간 상태가 프롬프트에 누적되고, 모델은 앞부분 지시를 잊는다. 둘째, 직렬 실행은 병목을 만든다. API 호출이 5개 있고 각각 2초라면, 단일 에이전트는 10초를 기다린다. 셋째, 에러 격리가 불가능하다. 한 단계가 실패하면 전체 루프를 재시작해야 한다. 반면 여러 에이전트가 협업하는 구조에서는 각 에이전트가 명확한 책임 경계를 갖는다. 한 에이전트가 데이터를 수집하고, 다른 에이전트가 변환하고, 또 다른 에이전트가 검증한다. 에러는 해당 에이전트 범위 안에서 처리되고, 독립된 작업은 병렬로 돌린다. 에이전트 협업 구조를 어떻게 설계할까? 나무숲이 실제 자동화 프로젝트에서 가져가는 구조는 오케스트레이터-워커(Orchestrator-Worker) 패턴이다. 이 패턴은 Anthropic이 공개한 에이전트 설계 가이드라인 에서도 다루는 구조로, 책임 분리가 명확하다는 점이 핵심이다. 역할 책임 범위 주요 판단 오케스트레이터 전체 작업 계획, 워커 배정 어떤 워커를 호출할지, 순서와 병렬 여부 워커 에이전트 단일 도메인 작업 실행 도구 호출, 결과 반환 검증 에이전트 출력 품질 검사 재시도 요청 또는 다음 단계 진행 상태 관리 에이전트 간 공유 컨텍스트 보존 어떤 정보가 다음 에이전트에 전달되는지 예를 들어 콘텐츠 자동 발행 파이프라인이라면, 오케스트레이터가 "오늘 발행할 항목 목록"을 받아 수집 워커, 요약 워커, 포맷 워커를 순서대로 호출한다. 검증 에이전트는 포맷 워커 출력을 보고 발행 가능 여부를 판단한다. 에이전트 간 데이터 흐름과 오케스트레이션 설계 오케스트레이터는 각 워커를 직접 호출하고, 그 결과를 다음 워커의 입력으로 넘긴다. 이때 중요한 설계 결정이 두 가지다. 메시지 구조를 명시적으로 정의한다. 에이전트 간 데이터는 자유형 텍스트가 아니라 스키마가 있는 구조로 전달해야 한다. JSON 스키마나 Pydantic 모델을 쓰면 에이전트 출력이 다음 에이전트의 입력 형식을 충족하는지 런타임 전에 검사할 수 있다. 오케스트레이터는 작업의 의미를 이해하지 않는다. 좋은 오케스트레이터는 라우터에 가깝다. "이 입력은 A 워커에게, 그 결과는 B 워커에게"를 결정할 뿐, 각 작업의 도메인 로직에 관여하지 않는다. 이 원칙을 지키면 워커를 교체하거나 추가할 때 오케스트레이터 코드를 손댈 필요가 없다. 간단한 파이썬 예시로 구조를 보면 이렇다: from anthropic import Anthropic from pydantic import BaseModel client = Anthropic () class WorkerOutput ( BaseModel ): status : str # "success" | "retry" | "failed" payload : dict error_message : str | None = None def call_worker ( system_prompt : str , user_input : str ) -> WorkerOutput : response = client . messages . create ( model = " claude-opus-4-5 " , max_tokens = 1024 , system = system_prompt , messages = [{ " role " : " user " , " content " : user_input }],
AI 资讯
Harness Engineering Has No Fixed Address
TL;DR — Harness engineering is one thing: getting reliable judgment out of a reasoner you didn't train — given an instruction, bounded by a spec that can override that instruction, and verified before the result ships. It is not "the wrapper around the model." It's a property of code, not a place in your stack, and it lives on both sides of every tool call. The generic scaffolding — loops, dispatch, memory — melts into the model a little more every quarter. What survives is the part that stays external to the model: the specification of what the agent may do, and the verification that it did. That's the discipline. The rest is plumbing. I've written before that Agent = Model × Harness , and that the harness is the half you actually engineer. I still believe the formula. But stop there and it oversells two things — so this is me correcting my own framing, precisely, with code. The two things the formula gets wrong The × oversells separability. Multiplication implies the factors are independent. They aren't. A better model doesn't leave your harness untouched — it dissolves parts of it. Chain-of-thought prompting became reasoning models. ReAct-style tool loops became native tool use. Half your RAG plumbing is being quietly absorbed by longer context and better-trained retrieval. Every model generation collapses a layer of harness the previous one needed. "Harness absorbs software engineering" oversells the annexation. It doesn't absorb it. It partly consumes it — pulls in the slice that encodes the agent's behavior — while the deterministic spine (payments, ledgers, auth) and the dumb tools stay exactly what they were. Relocation with an annexation at the seam. Not a takeover. Both corrections point at the same uncomfortable question: if the model eats the scaffold every quarter, isn't the harness the melting part — the thing you'd be foolish to bet a career on? What melts, and what doesn't Here's the resolution, and it's the whole point. The harness mechanism melts.
AI 资讯
Building a real-time desktop AI copilot for calls: the hard parts
Half a year ago I asked a simple question: during an online call, could a short, to-the-point hint appear on my screen in a second or two — while the other person is still talking? Not an after-the-fact transcript, but help in the moment. The result is a desktop assistant (macOS + Windows). Below is an honest breakdown of what turned out to be hard, and which solutions worked. Engineering only, no marketing. Architecture in one paragraph On the device there are only two things: audio capture and a thin UI overlay. All the "brains" (provider keys, prompts, model selection) live on the server. The client gets a short-lived per-session token and streams audio; the server returns the transcript and the generated answer. I picked this split not for "security theater" but because otherwise keys and prompts would have to be baked into the binary — and both leak instantly. Hard part #1: system audio, not the microphone The mic only captures you. You need the other party's audio — i.e. the system output. And that's where the platform pain starts: macOS. For a long time there was no native "give me system audio" API; the classic path was a virtual audio device (BlackHole/Soundflower-style) or, in recent versions, ScreenCaptureKit, which can hand you a process's audio. ScreenCaptureKit turned out to be the best option: no kernel extensions for the user to install. Windows. WASAPI loopback saves you — you can grab whatever is going to the output device, without virtual cables. Takeaway: "system audio capture" is not one feature but two different subsystems for two OSes, and most of the early bugs were about permissions and device selection, not about audio itself. Hard part #2: latency is everything A hint that arrives 6 seconds late is useless — the conversation has already moved on. The latency budget has three parts: STT (speech → text). Streaming only. Batch "recognize after the phrase ends" immediately adds 1–2 seconds. The key metrics weren't "overall accuracy on a benchm
AI 资讯
Escaping Generative Monoculture in AI-Assisted Engineering
Originally published on Mohamad Alsabbagh's Blog . AI coding assistants are excellent at compressing known work into fast drafts. That speed is the preface boost : routine implementation arrives almost immediately. The hidden risk is that teams begin treating the model's first plausible answer as architecture. Because LLMs are trained and aligned around historically common patterns, they can pull engineering teams toward Generative Monoculture : less diverse solutions, narrower exploration, and fewer designs shaped by the exceptional constraints of the system in front of them. Give the same prompt to three engineers using the same assistant and you often get the same shape back: a tidy service layer, a familiar API boundary, a conventional retry wrapper, and code that looks clean enough to merge. That answer is useful. It may even be the right answer for ordinary work. The danger is what happens when ordinary work becomes the default posture for extraordinary constraints. Large Language Models are not neutral architecture engines. They are probabilistic systems trained over historical work and tuned toward answers people tend to reward. Used well, that makes them extraordinary accelerators. Used passively, it creates an optimization paradox: teams gain immediate implementation velocity while becoming anchored to a consensus baseline that may be too average for the actual system. 1. The Default Is a Local Optimum Wu, Black, and Chandrasekaran define Generative Monoculture as a narrowing of model output diversity relative to the diversity available in the training data. That matters because software architecture is rarely a search for the most common answer. It is a search for the answer that fits the exact failure modes, latency envelope, team topology, regulatory constraints, and operational reality of a system. The model's default is often a local optimum: a solution that is statistically likely, syntactically polished, and broadly acceptable. That can be excellent
AI 资讯
React Folder Structures That Scale: A Practical Guide for Modern Frontend Teams
Learn how to organize React projects for scalability, maintainability, and team collaboration. Introduction As React applications grow, one challenge consistently emerges: project organization . A folder structure that works perfectly for a small side project can quickly become a nightmare when multiple developers contribute to a production-scale application. Whether you're a junior React developer preparing for interviews, a mid-level frontend engineer looking to improve code maintainability, or a technical recruiter trying to understand modern React development practices, understanding scalable React folder structures is essential. In this guide, we'll explore the most popular React folder organization strategies, their pros and cons, and the structure many modern engineering teams use to build scalable applications. Why React Folder Structure Matters A well-organized React project provides several benefits: Faster onboarding for new developers Easier code maintenance Better scalability as features grow Reduced code duplication Improved team collaboration Cleaner separation of concerns Many React applications start simple: src/ ├── App.jsx ├── Home.jsx ├── Login.jsx └── Dashboard.jsx This works initially, but as the project grows to dozens or hundreds of components, finding and maintaining files becomes increasingly difficult. Common React Folder Structure Approaches 1. Type-Based Folder Structure One of the earliest and most common approaches is organizing files by their type. src/ ├── components/ ├── pages/ ├── hooks/ ├── services/ ├── utils/ ├── assets/ └── contexts/ Advantages Easy to understand Suitable for small projects Quick setup Disadvantages Components folder can become enormous Related files are spread across multiple directories Harder to maintain in large teams For example, a user profile feature might have files located in: components/UserProfile.jsx hooks/useUser.js services/userService.js pages/ProfilePage.jsx Finding all files related to one feat
AI 资讯
The Hybrid Architecture: Blending Physical IoT with Cloud Computing
As software engineers, we often architect solutions in a virtual ideal: fast networks, elastic resources, and servers that never physically degrade. But what happens when your carefully crafted systems need to interact with the messy, unpredictable physical world? Think factory floor monitors, real estate camera networks, or remote tracking devices. Suddenly, those cloud assumptions about infinite uptime and perfect connectivity crumble. My journey, particularly architecting and maintaining a continuous 24/7 camera livestream for a real estate group over six years, has been a masterclass in this reality. It's revealed that true reliability in the physical realm demands a hybrid approach – one that intelligently merges the power of edge computing with the scalability and data insights of the cloud. This isn't just about connecting devices; it's about building resilience into the very fabric of your architecture. In this article, I'll share the battle-tested strategies and design principles that enable systems to not just survive, but thrive, despite the harsh realities of physical deployment. 1. The Core Strategy: Smart Edge, Simple Cloud One of the most common pitfalls in hybrid architecture design is treating the edge device as a mere 'dumb' terminal, solely responsible for streaming raw data to a powerful cloud backend. This approach creates a critical single point of failure: if the network drops, the entire system grinds to a halt. Instead, I advocate for a Smart Edge, Simple Cloud architecture. This principle establishes a clear division of responsibility: The Edge : This is where the magic happens locally. The edge system should be robust enough to handle local processing , data filtering , buffering , and immediate hardware control . Critically, it must be capable of operating autonomously for extended periods without an active cloud connection. Think of it as a mini data center, designed for self-sufficiency. Benefits of a Smart Edge : Reduced bandwidth cost
AI 资讯
Trunk-Based Development Working for Salesforce Without a Single Org
I've wanted easy trunk-based development for Salesforce for years. Short-lived branches, frequent merges, small pull requests, and CI fast enough that developers aren't afraid to commit. The same practices that engineering teams use everywhere else. Every time I tried to make it work, I hit the same wall: Apex tests require an org. That single dependency turns every validation run into an infrastructure problem. Before a test can execute, you need authentication, environment provisioning, metadata deployment, test execution, and cleanup. The result is feedback loops measured in minutes instead of seconds. I got tired of waiting and built Nimbus, a local Apex runtime that executes Apex tests without an org. This is what I learned while trying to make trunk-based development actually work for Salesforce. Why trunk-based development is hard in Salesforce Trunk-based development depends on fast feedback. If validation takes seconds, developers make smaller changes, merge more frequently, and keep branches short-lived. If validation takes fifteen minutes, behavior changes. Pull requests get larger, unrelated work gets batched together, and validation stops happening continuously because validation itself becomes expensive. Salesforce has always had a structural challenge here because Apex only runs inside Salesforce. A typical validation pipeline looks something like this: sf org login jwt sf org create scratch sf project deploy start sf apex run test sf org delete scratch There is nothing inherently wrong with these steps. The problem is that most of them have nothing to do with testing. They're infrastructure management. The actual validation of business logic is only one part of the process. The longer I worked with Salesforce CI, the more obvious it became that the bottleneck wasn't Apex itself. The bottleneck was everything required to create an environment where Apex could run. The solutions I tried first Before building a local runtime, I tried solving the problem
AI 资讯
Why Modular Architecture Makes SaaS Platforms Easier to Scale
As SaaS platforms grow, the codebase becomes harder to maintain. Features expand, integrations multiply, and the system starts to feel tightly coupled. Modular architecture solves this problem by splitting the platform into independent, self‑contained components that evolve without breaking each other. What modular architecture means A modular system is built from isolated components that communicate through well‑defined interfaces. Each module has: its own logic, its own data boundaries, its own responsibilities, minimal knowledge about other modules. This separation reduces complexity and makes the platform easier to extend. Benefits of modular design A modular architecture provides several advantages: Independent development: teams can work on different modules without conflicts. Faster deployments: small modules deploy quickly and safely. Better testability: each module can be tested in isolation. Improved reliability: failures are contained within a single module. Easier scaling: only the modules under load need more resources. This approach is especially useful for platforms that integrate with multiple external APIs. Real‑world example Modern property management systems often use modular design to separate booking logic, pricing engines, messaging workflows, and synchronization services. A good example is an API‑driven rental operations automation system , where each module handles a specific part of the workflow and communicates through events. If you want to explore how a real SaaS platform structures its modules, you can check PMS.Rent . Conclusion Modular architecture is not just a design choice — it is a long‑term strategy for building scalable, maintainable, and reliable SaaS platforms. When each module is independent and well‑defined, the entire system becomes easier to evolve and operate.
AI 资讯
How Calendar Synchronization Works in Multi‑Channel Rental Platforms
Calendar synchronization is one of the most challenging parts of building a multi‑channel rental platform. Every booking, cancellation, modification, or pricing update must propagate across all connected channels quickly and without conflicts. A single missed update can lead to double bookings, lost revenue, or unhappy guests. Why calendar sync is difficult Calendar data is dynamic and often inconsistent across platforms. Common issues include: out‑of‑order updates, conflicting changes from different sources, slow or rate‑limited APIs, missing or duplicated events, timezone inconsistencies, partial updates that overwrite each other. A reliable sync engine must handle all of these edge cases gracefully. Core principles of a robust calendar sync A well‑designed sync system follows several key rules: Event‑driven updates: every change triggers an event rather than a full resync. Incremental synchronization: only changed data is processed. Conflict resolution: timestamps or version numbers determine the winning update. Idempotency: repeated updates produce the same result. Queue‑based processing: heavy operations run asynchronously. Audit logs: every update is traceable. These principles ensure that calendars remain consistent even under heavy load. Real‑world example Short‑term rental platforms rely on accurate calendars to avoid double bookings. A good example of this approach can be seen in an event‑driven short‑term rental calendar synchronization system , where each update is processed through queues, validated, and applied idempotently. If you want to explore how a real SaaS platform handles calendar synchronization, you can check PMS.Rent Conclusion Calendar synchronization is not just a technical feature — it is the foundation of trust between property managers and their tools. When the sync engine is event‑driven, idempotent, and conflict‑aware, the entire platform becomes more reliable and predictable.
AI 资讯
Handling Webhooks Safely and Reliably in SaaS Platforms
Webhooks are one of the most common ways SaaS platforms communicate with external services. They deliver real‑time updates about bookings, payments, messages, or status changes. But webhooks are also one of the most fragile integration points — and if they are not handled correctly, the entire system becomes unreliable. Why webhook handling is tricky Webhooks are inherently unpredictable because they depend on external systems. Common issues include: duplicate deliveries, missing events, delayed notifications, invalid payloads, unexpected retries, out‑of‑order events. A robust webhook handler must be prepared for all of these scenarios. Core principles of safe webhook processing A reliable webhook system follows several essential rules: Idempotency: every event must be safe to process multiple times. Signature validation: verify that the request is authentic. Payload schema validation: reject malformed data early. Queue‑based processing: never process webhooks synchronously. Retry logic: handle temporary failures gracefully. Audit logging: store every event for debugging and recovery. These principles ensure that even if the external service misbehaves, your platform remains stable. Real‑world example Modern property management systems depend heavily on webhooks for booking updates, cancellations, pricing changes, and guest messages. An example of a resilient webhook workflow can be seen in an event‑driven short‑term rental automation platform , where each webhook is validated, queued, processed idempotently, and logged for traceability. If you want to explore how a real SaaS platform structures webhook handling, you can check PMS.Rent . Conclusion Webhooks are powerful but unreliable by nature. A safe webhook handler must assume that events will arrive late, arrive twice, or arrive broken. When the system is designed with idempotency, validation, queues, and retries, webhooks become a reliable foundation for real‑time automation.
AI 资讯
Designing a Reliable Sync Engine for Multi‑Channel SaaS Platforms
A sync engine is one of the most critical components in any SaaS platform that integrates with external services. Whether you manage bookings, payments, messages, or inventory, the system must stay consistent across multiple channels without losing data or creating conflicts. Why sync engines fail Most sync issues come from predictable technical problems: API rate limits. Slow or unstable external endpoints. Conflicting updates from different sources. Missing retry logic. Lack of idempotency. When these issues accumulate, the platform becomes unreliable and difficult to scale. Key principles of a reliable sync engine A well‑designed sync engine follows several core principles: Event sourcing to track every change. Message queues to handle spikes in traffic. Idempotent operations to avoid duplicates. Timestamp‑based conflict resolution. Retry and backoff strategies for unstable APIs. These patterns ensure that the system remains consistent even when external services behave unpredictably. Real‑world example Platforms that manage short‑term rental operations rely heavily on sync engines. Calendar updates, pricing changes, and new bookings must be processed in real time. A good example of an event‑driven sync model can be seen in modern PMS systems. For instance, the approach used in event‑driven property management architecture is similar to the one implemented in PMS.Rent Conclusion A sync engine is not just a background process — it is the backbone of any API‑driven SaaS platform. When designed correctly, it ensures reliability, scalability, and predictable behavior across all integrated channels.
AI 资讯
Understanding Retrieval-Augmented Generation (RAG): The AI Architecture That Makes LLMs Smarter
Introduction Large Language Models (LLMs) like ChatGPT have transformed how we interact with AI. They can write code, answer questions, summarize documents, and generate creative content. However, they have one major limitation - they only know what they were trained on and can sometimes generate incorrect or outdated information. So, how do modern AI applications answer questions about your company's private documents, recent news, or knowledge that wasn't part of the model's training? The answer is Retrieval-Augmented Generation (RAG). In this blog, we'll explore what RAG is, how it works, its architecture, benefits, challenges, and real-world applications. What is RAG? Retrieval-Augmented Generation (RAG) is an AI architecture that combines a retrieval system with a Large Language Model (LLM). Instead of relying only on the model's internal knowledge, RAG first retrieves relevant information from an external knowledge source and then uses that information to generate a more accurate response. Think of it like an open-book exam. Instead of answering from memory, the AI first searches for the most relevant pages and then writes the answer based on those pages. Why Do We Need RAG? Traditional LLMs have several limitations: Knowledge becomes outdated. They cannot access private company data. They may hallucinate (generate incorrect facts). Retraining models is expensive and time-consuming. RAG solves these problems by allowing the model to retrieve fresh and domain-specific information before generating an answer. RAG Architecture A typical RAG pipeline consists of the following components: User Query Embedding Model Vector Database Retriever Prompt Builder Large Language Model Final Response Step-by-Step Workflow * Step 1: * User asks a question Example: "What is our company's leave policy?" Step 2: Convert the question into embeddings The query is transformed into a vector representation using an embedding model. Example: "What is leave policy?" ↓ [0.12, -0.45, 0.7
AI 资讯
Give Your Codebase a Constitution
Architecture that lives only in people's heads doesn't survive agents. For most of my career, the real rules of a codebase weren't written down. People knew them. Senior engineers knew which layers could talk to which. They knew which dependencies were forbidden, which schemas were effectively frozen, and which shortcuts would create problems six months later. New engineers learned those rules the traditional way: break one, get caught in review, get the explanation, and eventually remember not to do it again. It wasn't perfect, but it mostly worked. What I didn't fully appreciate until I started working heavily with coding agents is how dependent that model is on tribal knowledge. Humans accumulate context over time. Agents don't. They don't remember the migration that went sideways three years ago. They weren't around when the team spent weeks untangling a dependency cycle. They don't know why a particular boundary exists. They only know what they can see. Which means if a rule isn't written down, from the agent's perspective, the rule doesn't exist. I've seen agents wire inner layers directly to outer layers. I've seen them introduce dependencies we intentionally avoided and extend contracts everyone on the team considered settled. The code often worked, which was the dangerous part. The problem wasn't correctness. The problem was architectural drift. That's when something clicked for me. Architecture can't remain folklore once agents start writing code. It has to become law. Not a convention. Not a suggestion. Not something a reviewer remembers at 6 PM on a Friday. A law. Written down, explicit, and enforceable. That's what I mean by a constitution. A Constitution Is Not Documentation The first mistake I made was treating the constitution like another documentation file. It isn't. Documentation explains how the system works today. A constitution defines what the system is allowed to become. Those sound similar, but they serve very different purposes. Package nam
AI 资讯
Claude Fable 5 on Bedrock Requires Sharing Inference Data with Anthropic
Using Claude Fable 5 or Mythos 5 on Amazon Bedrock requires opting into provider_data_share, sending prompts and outputs to Anthropic for 30-day retention with human review. Previous Bedrock models kept inference data inside the AWS boundary. Three days after launch, Anthropic asked AWS to revoke access to both models citing US export control compliance. By Steef-Jan Wiggers
AI 资讯
Enterprise Design Patterns in Python: Repository & Unit of Work — Real-World E-Commerce Example
Enterprise Design Patterns in Python: Repository & Unit of Work 🐍🏗️ Series: Enterprise Application Architecture | Source: Fowler's EAA Catalog | Code: GitHub Repository 🧠 What Are Enterprise Design Patterns? Martin Fowler's Patterns of Enterprise Application Architecture (2002) is one of the most influential books in software engineering. It documents recurring architectural solutions — patterns — that solve common problems in enterprise systems: how to organize domain logic, how to talk to databases, how to handle transactions, and more. In this article, we'll explore two of the most powerful and widely-used patterns from that catalog: Pattern Category Core Purpose Repository Data Source Abstracts data access behind a collection-like interface Unit of Work Data Source Tracks object changes and commits them as a single transaction These two patterns work beautifully together — and you'll see exactly why with a real-world example. 🛒 The Problem: An E-Commerce Order System Imagine you're building a backend for an online store. When a customer places an order: A new Order is created Each Product 's stock is decremented A Payment record is registered If any of these steps fail midway, the entire operation should roll back — no partial state. This is exactly the problem the Unit of Work pattern solves, and the Repository pattern makes it all cleanly testable. 📁 Repository Pattern Definition "A Repository mediates between the domain and data mapping layers using a collection-like interface for accessing domain objects." — Martin Fowler, PoEAA The Repository acts as an in-memory collection of domain objects. Your business logic never knows if it's talking to PostgreSQL, SQLite, or even a mock list — it just calls .add() , .get() , .list() . Domain Model # models.py from dataclasses import dataclass , field from typing import List from uuid import uuid4 @dataclass class Product : id : str name : str price : float stock : int @dataclass class OrderItem : product_id : str qua
AI 资讯
Ship an AI agent without a kill switch and you are the incident
A finance bot kept issuing refunds in a loop because nobody built a way to stop it. Clean code. Sound logic. No off switch. A small bug became a long night. Here is the opinion most teams do not want to hear. Building the agent is the easy 80 percent. That off switch is the 20 percent that decides whether you can ship it at all. We celebrate the wrong milestone. Picture the demo where the agent books the meeting, writes the email, updates the record. That part is genuinely fun to build and genuinely easy now. Harder is the boring question nobody claps for. What happens when it is wrong, fast, and confident. An AI agent is not a chatbot. It takes actions in the real world. It spends money, deletes rows, messages real people, moves files. Wrong answers in a chat are annoying. A wrong action at machine speed is an incident with your name on it. So before features, I build the stop. One real kill switch is not a single button. Think of it as a small set of bounds that live from the first version. A spend ceiling, so a retry loop cannot drain the account A blast radius limit, so one task can never touch more than it should A human gate on anything irreversible, so the agent proposes and a person commits A global stop that halts everything in one move, with no redeploy None of that is glamorous. All of it is what lets you sleep at night. Teams skip this for a reason that feels rational in the moment. Bounds feel like negative work. They never show up in the demo. Your agent runs fine without them right up until the one time it does not, and that one time is the only time anyone remembers. Here is the reframe that changed how I build. Treat the stop as the feature that makes an agent shippable. Bolt it on at the end and you have already shipped a liability that happens to pass the demo. Honest about the trade-off. Bounds slow you down. You will watch the agent pause for an approval it could technically have skipped, and it will feel like friction. That friction is the pric
开发者
Lo que aprendí cuando dejé de pensar solo en código y empecé a pensar en arquitectura
Durante mucho tiempo asocié el desarrollo de software con programar funcionalidades: crear entidades, armar controladores, conectar una base de datos, validar formularios y hacer que una aplicación responda correctamente. Sin embargo, durante el Trabajo Final de la asignatura Desarrollo de Aplicaciones Web , entendí que programar es solo una parte del problema. El verdadero desafío aparece antes de escribir código: decidir qué arquitectura conviene, por qué conviene, cuánto cuesta, qué riesgos resuelve y qué complejidad agrega. El trabajo consistió en diseñar un sistema de gestión clínica que comenzaba como un MVP para una única clínica y evolucionaba progresivamente hacia una plataforma SaaS multi-tenant . Aunque fue un proyecto académico, el ejercicio nos obligó a pensar como si estuviéramos tomando decisiones técnicas en un contexto real: con restricciones de negocio, costos, equipo, seguridad, datos sensibles y crecimiento futuro. La principal enseñanza fue: la mejor arquitectura es la que responde mejor al momento del producto . El primer desafío: no sobrediseñar desde el inicio Cuando empezamos a pensar el sistema, la tentación era ir directamente a una arquitectura compleja: microservicios, eventos, colas, Kubernetes, múltiples bases de datos y despliegues independientes. Pero al analizar el escenario inicial, esa decisión no tenía sentido. El sistema comenzaba para una sola clínica, con un presupuesto reducido y con requisitos todavía en etapa de validación. En ese contexto, arrancar con microservicios hubiera agregado más problemas que beneficios: comunicación entre servicios, contratos, versionado, observabilidad distribuida, debugging más difícil y mayor costo de infraestructura. Por eso, una de las decisiones más importantes fue comenzar con una arquitectura en capas , desplegada como un único proceso. Esta elección permitió separar responsabilidades sin asumir desde el principio la complejidad de un sistema distribuido. La capa de presentación se encarg
AI 资讯
How I Turned My Personal Storage Accounts Into a Massive S3 Bucket for $0
As developers, we’ve all been there: you’re building a hobby project, a side hustle, or a microservice, and you need object storage. You look at AWS S3 or dedicated cloud providers, and the costs start adding up. Meanwhile, most of us have hundreds of gigabytes of idle, wasted space sitting in our personal Google Drive, Dropbox, or Mega accounts. I wanted to find a way to use that personal cloud storage programmatically—specifically as an S3-compatible bucket—without paying premium storage fees. But I had one strict rule for myself: The solution had to be 100% stateless. No caching files on my servers, no data retention, and zero storage costs on my end. Security and privacy meant that files had to exist on my infrastructure only in-flight as streaming data packets. Here is a deep technical breakdown of the architecture I built to make this happen using NestJS, Fastify, OpenDAL, and BullMQ in a monorepo structure. 1. The Core Architecture: A Monorepo Approach To keep performance blazing fast and maintain a clean separation of concerns, I broke the system down into three distinct, decoupled services inside a monorepo, sharing underlying core modules. Because raw Node.js HTTP overhead can become a bottleneck when proxying heavy streams, I swapped out Express for Fastify as the underlying HTTP provider for NestJS. ┌────────────────────────────────────────┐ │ Main API Server │ │ (Handles Auth, Web Dashboard, OAuth) │ └───────────────────┬────────────────────┘ │ │ (Pushes Sync/Heavy Tasks) ▼ ┌───────────┐ │ BullMQ │ └─────┬─────┘ │ ▼ ┌────────────────────────────────────────┐ │ Worker Server │ │ (Processes Heavy Background Jobs) │ └────────────────────────────────────────┘ ───────────────────────────────────────────────────────────────────────── ┌────────────────────────────────────────┐ │ S3-Compatibility Server │ │ (Streams Data / Translates S3 XML) │ └────────────────────────────────────────┘ The Main API Server: Handles user authentication, the web dashboard manageme
AI 资讯
Multi-Model System Design: When One Model Isn't Enough
Single-model systems are simple. Multi-model systems are powerful. The challenge isn't choosing models — it's designing the architecture that orchestrates them. A multi-model system isn't about having more models. It's about having the right model for the right task at the right time. Architecture patterns Five patterns cover most use cases: Pattern Complexity When to use Tradeoff Single Model Lowest Prototyping, simple tasks Limited capability Sequential Low Multi-step workflows Higher latency Parallel Medium Independent tasks Higher cost Hierarchical High Complex reasoning Complex orchestration Ensemble Highest Critical decisions Highest cost Pick the simplest one that works. Complexity is real, and it compounds. Sequential architecture Process tasks through a chain of models, each specializing in a step. Pattern 1: Pipeline Pipeline pattern — each model's output feeds the next: class ModelPipeline : def __init__ ( self ): self . models = [ { " model " : " qwen2.5-1.5b " , " task " : " classify " }, { " model " : " qwen2.5-7b " , " task " : " extract " }, { " model " : " qwen2.5-32b " , " task " : " reason " }, ] def process ( self , input : str ) -> str : current = input for model_config in self . models : current = self . call_model ( model_config [ " model " ], self . create_prompt ( model_config [ " task " ], current ) ) return current Latency adds up. Three models in sequence means three times the latency. Only use this when each step actually needs a different model. Pattern 2: Router Router pattern — classify the task, route to the specialist: class ModelRouter : def __init__ ( self ): self . classifier = " qwen2.5-1.5b " self . specialists = { " code " : " qwen2.5-coder-7b " , " math " : " qwen2.5-32b " , " creative " : " claude-sonnet-4 " , " general " : " qwen2.5-7b " , } def route ( self , prompt : str ) -> str : task_type = self . classify ( prompt ) model = self . specialists . get ( task_type , self . specialists [ " general " ]) return self . call_m
AI 资讯
Millions Spent on Security Tools. Zero Spent on Asking the Right Questions.
There is a comfortable lie that has taken root in information security domain. It goes like this: "We have invested in the best tools. We have CSPM. We have CNAPP. We have ASM, ASPM, EDR, SIEM. We are covered." Boards believe it. CISOs present it. Security budgets are built around it. And while everyone is looking at dashboards full of green, two things are quietly true: One — attackers are not trying to beat your tools. They are looking for what your tools were never designed to see. Two — the most dangerous gaps in your security posture today are not gaps in your tooling budget. They are gaps in visibility, knowledge, and the fundamental understanding of what your own systems are supposed to do — and whether they actually do it. No tool solves that. Only people do. The Tool Trap The security industry has industrialized the idea that protection is a purchasing decision. Spend enough. Deploy enough. Integrate enough. And you will be secure. This thinking has produced something genuinely useful — a generation of powerful tools that automate detection, surface known misconfigurations, and reduce the manual burden on security teams. CSPM catches publicly exposed storage buckets. EDR detects malware. SIEM correlates suspicious behavior across logs. These tools matter and they work — within the boundaries of what they were designed to see. But there is a boundary. And most organizations have no idea where it is. The boundary is this: every security tool operates on known patterns, defined rules, and observable configuration state. None of them operate on context. None of them understand intent. And intent — what a system was supposed to do, how it was supposed to be accessed, what data it was never supposed to expose — is exactly where the most dangerous vulnerabilities live today. The Dangerous Gap Nobody Has Named Yet Security practitioners are familiar with the concept of IoM — Indicator of Misconfiguration. A wrong setting. An overpermissioned role. A flag that flipp