AI 资讯
AgentTrust ID is live
This weekend, AgentTrust ID went live in production. As of today, all five SDKs are published: pip install agenttrustid npm install @agenttrustid/sdkgo get github.com/agenttrustid/sdk/go cargo add agenttrustid # Maven / Gradle # id.agenttrust:agenttrustid:0.3.0 The SDKs are open source under Apache 2.0 at github.com/agenttrustid/sdk . The hosted platform is running at app.agenttrust.id in a controlled beta. Why I built this AI agents broke the assumptions that machine-to-machine security was built on. An API key answers one question: who is calling. It asks it once, at the door. An agent decides its next action at runtime, from context nobody wrote by hand. The same agent that summarized a document a second ago might now try to email it, delete it, or chain a task to another agent. A credential that only proves identity has no opinion about any of that. Agents need a decision at the action boundary : should this specific action happen, right now, on whose behalf . Answered at runtime, every time, with an audit trail and a kill switch. What's running Everything below is live in production today, not a roadmap: Per-action authorization. Every consequential action passes a pre-flight check. The Guardian pipeline routes each action by risk: deterministic rule checks for the common path, a policy engine for mutations, and AI-backed review for destructive operations. Fail-closed where it counts. Opaque, instantly revocable tokens. Credentials are at_ references with no standing authority of their own . The server decides on every use, so revocation is one call, effective immediately. Scoped delegation. When one agent hands work to another, the grant narrows instead of copying : subset scopes, independent TTLs, independently revocable, bounded chain depth. Read-only sessions with time-boxed elevation. Sessions start safe and rise only on approval, for a bounded window, then revert on their own. One model across surfaces. MCP tools, agent-to-agent calls, and direct API inte
AI 资讯
Ineffable Intelligence -- RL ASI
https://www.youtube.com/watch?v=VD9zEKQEJxo 这视频深入拆解了人工智能强化学习之父、图灵奖得主理查德·萨顿(Richard Sutton) 在2026年5月共同发表的一篇仅有7页、零算法、零跑分的哲学立场论文。这篇论文提出了 “行动认知 AI”(Enactive Artificial Intelligence,简称 Enactive AI)的概念,并在科技界和资本圈引发了巨大震动(甚至让红杉、英伟达、谷歌联合下注了11亿美元成立新公司)。 视频从 核心概念、哲学脉络、理论内在矛盾、认知科学质疑 以及 产业界的三路对赌 五个维度,极其详细地复盘了视频的所有核心内容: 一、 什么是“行动认知 AI”(Enactive AI)? 视频强调,全网很多地方都把 Enactive (行动认知/生成认知)和 Generative (生成式 AI,如 GPT、Sora)混淆了,但两者的底层逻辑恰恰相反 [ 00:50 ]: 生成式 AI(Generative AI): 核心是 续写和预测 。通过已有画面或文本,被动地去预测下一帧、下一个词长什么样 [ 01:07 ]。 行动认知 AI(Enactive AI): 核心是 在互动中现生成认知 。认知不是大脑被动接收信号并建立静态世界模型,而是“你动了手,世界才向你显现” [ 01:47 ]。 > 举例: 人去拿杯子,不是眼睛先拍下一张静态照片让大脑去死算距离、角度 [ 01:53 ],而是手往前探的过程中,随着角度、光影的实时动态变化,杯子的形状和可抓取性才在动作里一点点“长出来” [ 01:59 ]。 感知和行动硬死在一起,无法拆分。 这套理论源自认知科学中的 自创生(Autopoiesis)与自主性(Autonomy) [ 02:21 ]。它认为智能体应该像生物一样自我维持、组织,由内在生存需求去塑造感知,而不是一个干等着外部指令输入输出的机器 [ 02:24 ]。 二、 萨顿为什么要发这篇哲学论文? 萨顿并不是一时性起,这是他为了对抗当前“大模型路线”打出的最后一张哲学底牌: 2019年《苦涩的教训》: 主张人类手写规则干不过堆算力、让机器自己学的通用方法 [ 02:47 ]。 2024年《大世界假设》: 真实世界远比静态内部模型复杂,智能体必须在运行中实时学习 [ 02:59 ]。 2025年《经验时代》: 人类数据是有限的,AI 必须靠自己生成自己的经验长大的 [ 03:12 ]。 2025年9月: 直指整个 AI 行业走错路,大模型堆数据去超智是死路一条 [ 03:19 ]。 这篇论文补上了最后一把火: 之前的论证全是算力、数据和复杂度的“机械账” [ 03:25 ]。而这一次,他第一次把强化学习(RL) 和 认知科学(行动认知)接在了一起,从本体论层面证明: 大模型路走不通,认识世界这件事本身,就只能通过行动和互动的经验来发生 [ 03:39 ]。 为此,2026年初论文共作者创办了 Ineffable Intelligence 公司,号称要造出完全不需要人类数据、靠自己学习的 AI,直接拿到了红杉、英伟达、谷歌 11 亿美元的巨额融资(估值 51 亿美元) [ 03:55 ]。 三、 论文隐藏的两大致命致命逻辑“回旋镖” 视频话锋一转,指出萨顿借来的这套哲学地基里,埋着两根砸中他自己的“大柱子”: 柱子 1:砸中了萨顿的“奖励假设”(自相矛盾) [ 04:35 ] 强化学习的号称教条: 奖励假设(Reward Hypothesis),即所有目标、意图都可以写成“最大化外部给定的标量分数” [ 04:53 ]。David Silver 甚至喊出“奖励就够了” [ 05:13 ]。 行动认知哲学的教条: 自主性(Autonomy),即什么是好坏、成败,标准必须从智能体随时会散架的“物理组织和生存危机”中自发长出来,不能由外部权威操控 [ 05:27 ]。 裂缝: 标准强化学习的奖励函数(Reward Function)是人类设计者用代码硬塞进去的(他律) [ 05:55 ];而生物判断好坏是为了顶住熵增、维持结构不崩(自主) [ 06:11 ]。论文里作者自己也承认:强化学习的评估标准依然由外部奖励定义 [ 06:38 ]。 内驱动机能救场吗? 比如好奇心驱动或求知驱动。视频认为不能,因为诸如“优化预测误差”的总结优化目标,依然是人类在架构层死死规定好的,根本不是智能体出于生存忧关的自发需求。没有真正的生命威胁,就没真正的意义生成 [ 07:12 ]。 柱子 2:砸中了萨顿自己的《苦涩的教训》 [ 07:49 ] 萨顿当年痛骂:研究者总忍不住把人类以为的思考结构(比如语法树、手工特征检测器)硬塞进 AI 架构里,这长期必被碾压 [ 08:13
AI 资讯
I shipped a support desk by deleting a dependency
I added a support desk to LaraFoundry this week. The first commit in the slice removed a package instead of adding one. LaraFoundry is a reusable SaaS core for Laravel that I'm extracting in public from an older app of mine. Auth, multi-tenancy, roles, activity log, notifications, billing seam, and now support tickets. The rule for every module is the same: lift the proven idea out of the old code, modernise it, harden it, and make it something you can composer require into a fresh Laravel app without inheriting a pile of assumptions. Tickets is where that rule got interesting, because the old code didn't own its ticket model. It leaned on a third-party ticket library. Why a ticket package is wrong for a reusable core A third-party ticket package is a perfectly reasonable choice when you're building one app. You get tables, a model, a status enum and a UI scaffold for free. It's the wrong choice for a core that other apps install. Pull it into the core and every host app inherits that package's migrations, its table names, its status vocabulary and its idea of what a ticket is. The dependency becomes load-bearing in projects that never asked for it, and the day it lags a Laravel release, every downstream app waits. So I cut it (decision D-4.2-1 in my notes) and wrote the model by hand. The model is about 180 lines. There is no magic. Two tables, a uuid, a status, a couple of scopes. The diff against "depend on the package" was less code in the core, not more, because I only kept the behaviour I actually use. Here's the top of the model, with the extraction notes I leave for future me: /** * A support ticket: the channel between a host user and the platform operator. * * Extracted from the donor App\Models\Ticket, which sat on a third-party * ticket package. That dependency is cut: this is a self-contained model. * Categories and labels are JSON slug arrays driven by config, not pivot * tables. The dead assigned_to column and the donor's invalid-operator * query are
开源项目
🔥 qdrant / qdrant - Qdrant - High-performance, massive-scale Vector Database and
GitHub热门项目 | Qdrant - High-performance, massive-scale Vector Database and Vector Search Engine for the next generation of AI. Also available in the cloud https://cloud.qdrant.io/ | Stars: 31,915 | 33 stars today | 语言: Rust
开源项目
🔥 slint-ui / slint - Slint is an open-source declarative GUI toolkit to build nat
GitHub热门项目 | Slint is an open-source declarative GUI toolkit to build native user interfaces for Rust, C++, JavaScript, or Python apps. | Stars: 22,839 | 15 stars today | 语言: Rust
开源项目
🔥 zhom / donutbrowser - Simple Yet Powerful Anti-Detect Browser 🍩
GitHub热门项目 | Simple Yet Powerful Anti-Detect Browser 🍩 | Stars: 2,724 | 21 stars today | 语言: Rust
开源项目
🔥 hyperlight-dev / hyperlight - Hyperlight is a lightweight Virtual Machine Manager (VMM) de
GitHub热门项目 | Hyperlight is a lightweight Virtual Machine Manager (VMM) designed to be embedded within applications. It enables safe execution of untrusted code within micro virtual machines with very low latency and minimal overhead. | Stars: 4,384 | 24 stars today | 语言: Rust
开源项目
🔥 thesysdev / openui - The Open Standard for Generative UI
GitHub热门项目 | The Open Standard for Generative UI | Stars: 6,776 | 47 stars today | 语言: TypeScript
开源项目
🔥 danny-avila / LibreChat - Enhanced ChatGPT Clone: Features Agents, MCP, Skills, DeepSe
GitHub热门项目 | Enhanced ChatGPT Clone: Features Agents, MCP, Skills, DeepSeek, Anthropic, AWS, OpenAI, Responses API, Azure, Groq, o1, GPT-5, Mistral, OpenRouter, Vertex AI, Gemini, Artifacts, AI model switching, message search, Code Interpreter, langchain, DALL-E-3, OpenAPI Actions, Functions, Secure Multi-User Auth, Presets, open-source for self-hosting. Active | Stars: 38,631 | 139 stars today | 语言: TypeScript
开源项目
🔥 y13sint / FreeQwenApi - Локальный API-прокси для Qwen AI с поддержкой сохранения кон
GitHub热门项目 | Локальный API-прокси для Qwen AI с поддержкой сохранения контекста диалогов и управления сессиями через REST API | Stars: 207 | 13 stars today | 语言: JavaScript
开源项目
🔥 fastify / fastify - Fast and low overhead web framework, for Node.js
GitHub热门项目 | Fast and low overhead web framework, for Node.js | Stars: 36,440 | 23 stars today | 语言: JavaScript
开源项目
🔥 hmjz100 / LinkSwift - 一个基于 JavaScript 的网盘文件下载地址获取工具。基于【网盘直链下载助手】修改 ,支持 百度网盘 / 阿里云盘
GitHub热门项目 | 一个基于 JavaScript 的网盘文件下载地址获取工具。基于【网盘直链下载助手】修改 ,支持 百度网盘 / 阿里云盘 / 中国移动云盘 / 天翼云盘 / 迅雷云盘 / 夸克网盘 / UC网盘 / 123云盘 八大网盘 | Stars: 15,746 | 84 stars today | 语言: JavaScript
开源项目
🔥 tradesdontlie / tradingview-mcp - AI-assisted TradingView chart analysis — connect Claude Code
GitHub热门项目 | AI-assisted TradingView chart analysis — connect Claude Code to your TradingView Desktop for personal workflow automation | Stars: 3,470 | 31 stars today | 语言: JavaScript
开源项目
🔥 magenta / magenta-realtime - Magenta RealTime 2: An Open-Weights Live Music Model
GitHub热门项目 | Magenta RealTime 2: An Open-Weights Live Music Model | Stars: 1,418 | 86 stars today | 语言: Python
开源项目
🔥 alistaitsacle / free-llm-api-keys - Free LLM API keys for GPT-5.5, Claude, DeepSeek, Gemini, Gro
GitHub热门项目 | Free LLM API keys for GPT-5.5, Claude, DeepSeek, Gemini, Grok — copy, paste, use. Updated 3-5x daily. No credit card needed. | Stars: 1,782 | 143 stars today | 语言: Python
开源项目
🔥 luongnv89 / claude-howto - A visual, example-driven guide to Claude Code — from basic c
GitHub热门项目 | A visual, example-driven guide to Claude Code — from basic concepts to advanced agents, with copy-paste templates that bring immediate value. | Stars: 35,507 | 154 stars today | 语言: Python
开源项目
🔥 Andyyyy64 / whichllm - Find the local LLM that actually runs and performs best on y
GitHub热门项目 | Find the local LLM that actually runs and performs best on your hardware. Ranked by real, recency-aware benchmarks, not parameter count. One command, run it instantly. | Stars: 3,192 | 103 stars today | 语言: Python
开源项目
🔥 phuryn / pm-skills - PM Skills Marketplace: 100+ agentic skills, commands, and pl
GitHub热门项目 | PM Skills Marketplace: 100+ agentic skills, commands, and plugins — from discovery to strategy, execution, launch, and growth. | Stars: 12,389 | 112 stars today | 语言:
开源项目
🔥 google / skills - Agent Skills for Google products and technologies
GitHub热门项目 | Agent Skills for Google products and technologies | Stars: 12,111 | 481 stars today | 语言: Python
AI 资讯
I Built a Tool That Finds Package Equivalents Across Programming Languages
TL;DR: I built PackagePal — paste in any package from any language, pick your target language, and AI instantly finds the equivalent. No more Googling "what's the Node.js version of Python's requests ?" The Problem That Drove Me Crazy You know that moment when you're migrating a project — or just jumping between ecosystems — and you hit a wall trying to find the right package? I do. Every time. # You're used to this in Python import requests response = requests . get ( " https://api.example.com/data " ) And you move to Node.js and think: "Okay, what do I use here? axios? node-fetch? got? undici?" So you Google it. You find a Stack Overflow thread from 2019. Half the answers recommend packages that are now deprecated. You open 6 tabs. 20 minutes later you're still not sure which one is the current best choice. This wasn't a once-in-a-while thing for me. It happened constantly — switching between Python, JavaScript, Go, and Ruby on different projects. I was wasting real hours on a problem that felt completely solvable. So I built PackagePal . What PackagePal Does PackagePal uses AI to understand what a package actually does — its purpose, not just its name — and finds the best equivalent in whatever language you're moving to. The key insight: this isn't a lookup table. A simple mapping of requests → axios misses context. What if you're using requests for its session management? Or its retry logic? PackagePal surfaces options and explains why each one is a good match. Example searches people use it for: Python's pandas → JavaScript Ruby's devise → Node.js Go's cobra → Python JavaScript's lodash → Go Just type the package, pick the target language, and get results in seconds. 👉 Try it: packagepal.dev How I Built It Tech Stack 🤖 AI: Gemini Pro — handles the semantic understanding of what a package does and why an alternative matches ⚛️ Frontend: React + TypeScript ⚙️ Backend: Node.js + TypeScript on Google Cloud ⚡ Caching: Redis — so repeat searches (e.g., "requests → No