AI 资讯
Stop letting your AI agent eyeball A/B picks — wire in a real contextual bandit via MCP (free, no key)
If you give an LLM agent a table of A/B variants and ask "which one should we send next?", it will confidently pick the one with the highest conversion rate. That feels right. It is often wrong. The model has no concept of sample size , exploration , or regret . It pattern-matches "biggest number = winner" and moves on. For a one-off question, fine. But inside an agent loop that picks a variant on every request — email subject lines, ad copy, model routing, recommendation ranking — that naïve pick quietly accumulates regret and starves the options it never gave a fair chance. The fix isn't a better prompt. It's to not ask the LLM to do the math at all. Route the decision to a real bandit algorithm and let the model do what it's good at (orchestration, language) while a deterministic solver does what it's good at (the optimization). This post is a copy-paste demo you can run in your terminal right now , no signup, no API key. I'll use OraClaw — a deterministic decision-intelligence MCP server — but the point stands regardless of tool: stop letting the model guess at math it can verify. The trap, concretely Here's a realistic state mid-experiment. Three subject lines, different amounts of traffic: Variant Pulls Rewards (conversions) Raw rate A 120 18 15.0% B 80 17 21.3% C 15 4 26.7% Ask an LLM "which should we send next?" and you'll usually get B — it has the best rate among the well-tested variants, and C "only has 15 samples, too noisy to trust." That reasoning sounds responsible. It's exactly backwards. With only 15 pulls, C is under-explored — we don't actually know it's worse, and the cost of finding out is tiny. A bandit's whole job is to weigh that uncertainty instead of hand-waving it away. Let's get a real answer. Run it yourself: the no-key REST endpoint (60 seconds) OraClaw exposes a free, no-auth REST endpoint. Paste this into your terminal — nothing to install, nothing to sign up for: curl -s -X POST https://oraclaw-api.onrender.com/api/v1/optimize/bandit
AI 资讯
I got a merged PR into a YC startup before they ever replied to my job application
I applied to a YC W25 startup the normal way. Filled out the form, wrote a decent cover letter, hit submit. Silence. While waiting, I found their open-source repo on GitHub. Read through the codebase out of genuine curiosity I wanted to understand what they were actually building. Found a bug. Fixed it. Opened a PR. It got merged in 2 days. They still hadn't replied to my application. Here's what that taught me about job hunting in 2025: A cover letter tells someone what you claim you can do. A merged PR shows them. One of those gets read. The other gets filed under "maybe later" -which is just "no" with extra steps. I'm not saying cold applications are dead. I'm saying they're the last resort, not the first move. If a company has a public repo, you have a backdoor that most applicants don't even think to try. Read the code deep and find something small but real. Fix it and Open a PR. Now you're not a stranger in their inbox you're someone who already ships for them. The reply came eventually, by the way. But by then, the maintainers already knew my GitHub handle. That matters more than you think. Have you ever landed something through a contribution instead of an application? Drop it in the comments curious how many people have done this.
AI 资讯
Everyone's Excited About Claude Tag. Nobody's Built the Trust Layer.
Andrej Karpathy, OpenAI co-founder and former Tesla AI director, called Claude Tag the third major...
AI 资讯
Open Source Project of the Day (#104): AgentScope 2.0 — Alibaba's Production-Ready Agent Framework Built Around Model Reasoning
Introduction "Build and run agents you can see, understand, and trust." This is article #104 in the Open Source Project of the Day series. Today's project is AgentScope 2.0 — Alibaba DAMO Academy's open-source production-ready agent framework. The agent framework space is crowded. LangChain centers on chain-based orchestration. AutoGen centers on multi-agent conversation. CrewAI centers on role-based collaboration. AgentScope's differentiation is in its design philosophy: when LLM reasoning is strong enough, the framework should step back rather than constraining the model's decision space with rigid pipelines. AgentScope 2.0 adds the production infrastructure that philosophy requires: event system, permission controls, multi-tenant isolation, sandbox execution, middleware hooks. The goal is not a demo that runs — it's a system that ships. What You'll Learn AgentScope 2.0's design philosophy: why "model-led" over "fixed pipeline" The five core systems: Event / Permission / Multi-tenancy / Workspace / Middleware Agent Team pattern: how the Leader-Worker architecture handles complex tasks Permission system fine-grained control: tool call approval and boundary configuration Positioning differences vs. LangChain and AutoGen The full ecosystem: AgentScope Runtime, ReMe, OpenJudge, Trinity-RFT Prerequisites Familiarity with LLM agent concepts (tool use, reasoning loop) Basic Python async programming Experience with LangChain or AutoGen helps with positioning comparison Project Background What Is AgentScope? AgentScope 2.0 is a production-ready agent framework — "an agent development platform with essential abstractions, designed to work with rising model capability, with built-in production support." The core problem it addresses: traditional agent frameworks constrain LLMs with rigid pipelines and opinionated prompt templates. As LLM reasoning capability has improved rapidly, that constraint has become a bottleneck. AgentScope shifts to "letting the model's native reason
AI 资讯
I was tired of heavyweight dev tools — so I built my own
I'll be honest — I didn't set out to build a developer tool. I'm an engineer by trade. I build structural and forensic engineering software. C++, WinUI 3, heavy desktop apps. But a big chunk of my prototyping and internal tooling happens in Python — and every time I sat down to spin up a quick Python desktop app, I hit the same wall. Every launcher, every hot-reload tool, every dev cockpit I found wanted something from me. Install this. License that. Set up a virtual environment. Add five dependencies just to watch a file change. I just wanted to run my app, see it update when I changed something, and get back to work. So I built ILX Launcher. The rule I gave myself was simple: pure Python stdlib and tkinter. Nothing else. If it couldn't be done with what Python already ships with, I didn't need it. What came out of that constraint surprised me. No pip install. No virtual environment required. No licensing headaches. You clone it, you run it, it works. That's it. It's a developer cockpit for Python desktop apps — run, hot-reload, test, profile, and ship, all from one place. The kind of tool I wished existed six months ago. It's early. It's rough around the edges. But it works, and it's already saving me time every single day. If you've ever felt like your dev tooling was getting in the way of actually building — I'd love for you to try it and tell me what you think. 👉 github.com/ilxstudio/ILX-Launcher And if it saves you even five minutes — drop a ⭐ on the repo. It genuinely helps others find it.
开发者
Why Open Source API Tools Are Having a Moment
Over the last year or so, I've noticed more developers talking about open source API tools. Not just...
AI 资讯
I Wanted AI Code Review I Could Actually Own. So I Built Codra.
I wanted AI code review I could actually own. Not access through a subscription or a black-box service with its own limits. The deployment, credentials, providers, and usage under my control. I kept hitting usage limits mid-week during deep building sessions. The models were capable. The workflow was useful. But access still depended on somebody else's weekly allowance, and centralized platforms can change whenever the company behind them decides to. Pricing, quotas, models, plan boundaries. A workflow that fits this month may sit behind another subscription next month. I could not find a reliable open-source option that gave me the ownership model I wanted. So I built one. That became Codra : A self-hosted AI review engine built around bring-your-own models, your own data boundary, and no Codra-imposed usage ceiling. What Codra Is Codra is an open-source, self-hosted AI code review engine for GitHub pull requests. It listens to pull request events, reviews changed files, posts inline findings, and provides a dashboard for jobs, repositories, model routing, history, usage, and failures. It runs on Cloudflare Workers and uses: Cloudflare Queues for review jobs PostgreSQL through Hyperdrive for storage KV for sessions and cache A React dashboard for operations The GitHub App, model credentials, database, and review history are yours. Provider keys are encrypted with AES-GCM using your deployment secret. Bring Your Own Model, Bring Your Own Limits Changing providers does not require replacing your review history, configuration, or workflow. You configure the provider and model. Supported: OpenAI-compatible APIs OpenRouter Anthropic Google / Gemini Cloudflare Workers AI Why Self-Hosted Matters Here A large frontend repo and a tiny backend repo should not need the same review strategy. Each repository gets its own review settings. You tune triggers, skip generated files, ignore drafts, use mention-triggered reviews, configure labels, set file limits, and define custom ru
AI 资讯
The Tool Found Corridor Nodes — But the Bigger Finding Was Where It Found None
A few weeks ago I published corridor-lab — a Docker lab that proved a triage mismatch: a service that stores nothing sensitive can become high-priority because of where it sits in the path to a sensitive downstream system. The lab proved the premise. The next question was whether a tool could identify those nodes automatically — without manual path declaration, without value labels, from graph position alone. So I built corridor-id. You point it at a Docker Compose file. It discovers the topology, computes depth from exposed surfaces, and identifies which nodes expand forward reach into deeper parts of the environment. No asset-value labels. No sensitivity ratings. No human classification. Reach and graph position only. Then I pointed it at four architecturally different Docker environments. Two had corridor nodes. Two had none. Both answers were useful. But the zero-corridor results taught me more than the positive ones. What corridor-id does The tool reads a Docker Compose file and builds a reachability graph from service definitions, network memberships, and port mappings. It then orients that graph from exposed surfaces using BFS and identifies nodes that provide forward reach — access to strictly deeper nodes that the exposed surface cannot reach directly. The output is a ranked list with two metrics: exposure distance (how close to the surface) and forward reach gain (how many deeper nodes become reachable through this node). One command: python corridor-id.py docker-compose.yml No manual path declaration. No value labels. No configuration. From graph position alone. The four tests corridor-lab — segmented, depth 3 My own lab, five services across five segmented networks. The tool independently identified status-api as a corridor node — the same finding the lab was built to prove. Corridor nodes found: 3 → status-api Exposure distance: 1 Forward reach gain: 1 → log-monitor Exposure distance: 1 Forward reach gain: 1 → internal-admin-api Exposure distance: 2 For
开源项目
🔥 fastrepl / anarlog - Open source Granola AI Alternative
GitHub热门项目 | Open source Granola AI Alternative | Stars: 8,694 | 51 stars this week | 语言: Rust
开源项目
🔥 TencentCloud / CubeSandbox - Instant, Concurrent, Secure & Lightweight Sandbox for AI Age
GitHub热门项目 | Instant, Concurrent, Secure & Lightweight Sandbox for AI Agents. | Stars: 6,458 | 22 stars today | 语言: Rust
开源项目
🔥 louis-e / arnis - Generate any location from the real world in Minecraft with
GitHub热门项目 | Generate any location from the real world in Minecraft with a high level of detail. | Stars: 16,200 | 44 stars today | 语言: Rust
开源项目
🔥 wezterm / wezterm - A GPU-accelerated cross-platform terminal emulator and multi
GitHub热门项目 | A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust | Stars: 26,821 | 56 stars today | 语言: Rust
开源项目
🔥 KeygraphHQ / shannon - Shannon is an autonomous, white-box AI pentester for web app
GitHub热门项目 | Shannon is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production. | Stars: 44,957 | 57 stars today | 语言: TypeScript
开源项目
🔥 axios / axios - Promise based HTTP client for the browser and node.js
GitHub热门项目 | Promise based HTTP client for the browser and node.js | Stars: 109,082 | 8 stars today | 语言: JavaScript
开源项目
🔥 juliangarnier / anime - JavaScript animation engine
GitHub热门项目 | JavaScript animation engine | Stars: 70,268 | 152 stars today | 语言: JavaScript
开源项目
🔥 aws / agent-toolkit-for-aws - Official, AWS-supported MCP servers, skills, and plugins to
GitHub热门项目 | Official, AWS-supported MCP servers, skills, and plugins to help AI agents build on AWS | Stars: 958 | 13 stars today | 语言: Python
开源项目
🔥 paperless-ngx / paperless-ngx - A community-supported supercharged document management syste
GitHub热门项目 | A community-supported supercharged document management system: scan, index and archive all your documents | Stars: 42,384 | 46 stars today | 语言: Python
开源项目
🔥 shanraisshan / claude-code-best-practice - from vibe coding to agentic engineering - practice makes cla
GitHub热门项目 | from vibe coding to agentic engineering - practice makes claude perfect | Stars: 59,083 | 329 stars today | 语言: HTML
AI 资讯
Your AI coding agent forgets everything every session. I fixed it with markdown and YAML.
Every time I opened a fresh session with my coding agent, it started from zero. Which repos am I working across? Which client is this for? Where did we leave off yesterday? I'd re-explain the same context, the agent would occasionally load the wrong project, and nothing I decided last week survived into this one. A "re-explain myself" tax on every single session. I tried the obvious fix first — a better prompt, a longer system message. It didn't hold. Context that has to persist can't live inside the chat; the chat is the thing that resets. What actually worked: give the agent a place outside the chat to read and write — and make it the most boring, durable thing I could. Plain files in a git repo. The substrate: markdown + YAML the agent reads at session start open-bridge is a plain git repo of markdown and YAML. At the start of every session the agent reads it, so it begins already knowing my world. No database, no SaaS, no daemon, nothing to host — the substrate itself runs nothing . It's just files the agent reads. That "just files" choice is the whole point: Agents can read a file but can't hold an API key. What I write today, the agent still reads in six months — no migration, no second app, no vendor lock-in. It's auditable. Clone it and cat anything the agent reads. No black box. It's model- and tool-agnostic. Plain text is something every agent runtime can read. A tiny slice of what that looks like (from the repo's examples/agency setup — fictional "Acme Dev"): # ecosystem.yaml — the repos/clients the agent should know about projects : bigcorp : { display_name : " BigCorp E-Commerce" , repos : [ bigcorp-api , bigcorp-frontend ] } startupxyz : { display_name : " StartupXYZ MVP" , repos : [ startupxyz-app ] } # work/board.md — generated from the task dirs, read every session ## Doing | bigcorp-api-payment-retry | incident | P1 | Stripe webhook retries failing | | startupxyz-onboarding | feature | P2 | guided signup flow | So when I say "good morning, briefing
AI 资讯
Dev log #7 Reviving DevNotion: 10,000 Lines, Multi-LLM Support, and the Road to v2.1
Spent the week breathing new life into DevNotion—59 commits and over 10,000 lines of code later,...