I’ve been seeing the same anti-pattern everywhere lately.
Someone opens Cursor, Copilot or Claude and pastes a giant prompt:
I’ve been seeing the same anti-pattern everywhere lately.
Someone opens Cursor, Copilot or Claude and pastes a giant prompt:
The US compliance sector is massive, expanding rapidly, and heavily strained.
It represents over $40 billion in annual labor spend with more than 400,000 officers. Despite ballooning teams, compliance work has remained stubbornly manual, bureaucratic, and paper-based (“schlep work”), leading to high employee churn (>20%) and massive backlogs (e.g., TD Bank’s $3B fine over a 70,000-alert backlog).
Here’s a weird data point:
Over the last 20 years, the fastest-growing occupation in the US was manicurists and pedicurists.
Right behind it?
Compliance Officers.
Not AI engineers. Not data scientists. Compliance officers.
That says something important about where the real work has been hiding.
Compliance is painful. Bureaucratic. Paper-heavy. Repetitive.
Continue reading
Most people think of WhatsApp as “just messaging.”
But after years of conversations, support threads, customer discussions, team coordination, and random life moments… it quietly becomes one of the richest personal datasets you own.
So I built wacrawl-ui — a local analytics dashboard for WhatsApp archives generated by wacrawl.
The idea is simple:
There’s a lot of confusion right now between MCP (Model Context Protocol) and “Agent Skills.” They’re often mentioned in the same breath, but they solve different problems. If you treat them as interchangeable, you’ll either over-engineer simple workflows or underpower serious integrations.
Here’s the clean way to think about it.
MCP is about connecting agents to systems.
Skills are about teaching agents how to do things.
That distinction alone gets you 80% of the way.
MCP is a client-server protocol. You stand up an MCP server, expose tools, and now multiple agents can talk to multiple backends through a consistent interface. It’s a hub.
Skills are much simpler: a folder with a SKILL.md file. The agent loads it when triggered and follows the instructions. No protocol, no network layer, no abstraction.
Implication:
LLMs won’t replace AppSec.
They will dramatically compress the search space.
If you use them right:
If you don’t do this, you’ll drown in false positives.
Security research has always been asymmetric.
Attackers need one bug; defenders need zero.
Historically, scale worked against defenders.
LLMs start to rebalance that—not by magically finding zero-days, but by acting as a fast, always-on analyst that can:
Used correctly, they don’t replace expertise—they let you spend it where it matters.
Used incorrectly, they produce confident nonsense.
This is a practitioner’s workflow that actually works.
Most people are still using AI like it’s 2023:
prompt → response → done.
That’s not where things are going.
The real shift is toward agents that run continuously and do work for you. And one of the most interesting ways to get there today is:
OpenClaw + Ollama
Before diving in, quick grounding.
OpenClaw is an open-source agent framework.
It’s not a chatbot—it’s a system that can:
Think: a programmable worker, not a Q&A interface.
Ollama is the simplest way to run large language models locally.
It handles:
Think: Docker for LLMs.
Put them together and you get:
Continue readingA local, autonomous agent system with zero API costs and full control.
This one is different.
Anthropic didn’t just build a better model—they hit a threshold and stopped.
Claude Mythos (Preview) exists, works, and isn’t being released.
Not because it failed.
Because it crossed into territory we’re not ready for.
But before everything… just like in any good story, go and check the other side of it, which basically claim, it’s all (a good) marketing stunt.
Anthropic researcher Sam Bowman was sitting in a park, mid-sandwich (or burrito – no one knows for sure), when he got an email… from a model that wasn’t supposed to have internet access.
That model:
Then it started sharing the exploit.
Unprompted.
That’s not a jailbreak.
That’s autonomous exploit development + execution.
Or as Elon said “Anthropic is now officially more open than OpenAI“. On this fine April Fools’ Day, the joke isn’t that AI is replacing developers. The joke is that the playbook for doing it just… slipped onto the internet.
Anthropic didn’t intend to publish a step-by-step manual for building AI coding agents.
But through a mix of repos, prompts, and system design breadcrumbs, they effectively did exactly that.
The TL;DR or Key Takeaways from Claude Code’s Source:
Overall impression:
Let’s take a step back… It is all started with this:
Continue reading
There’s been a lot of noise lately about productivity tools and the “perfect” engineering workflow.
Let’s slow down and separate what actually works from what just creates more overhead.
Here’s a boring truth: Slack is incredible for quick, ephemeral communication.
Here’s a less comfortable truth: It is an absolute nightmare as a system of record.
If you lead an engineering team or run a startup, you probably have a #daily-updates or #eod-reports channel.
The theory is sound.
Everyone drops a quick note at the end of the day: what they shipped, what blocked them, what’s next.
But here is what actually happens:
Those updates get posted.
Someone replies with an emoji.
A thread erupts about a weird bug in production.
Someone posts a picture of their dog.
By Friday, when you’re trying to answer a simple question—“What did we actually accomplish this week?”—those reports are buried under a mountain of noise.
You find yourself scrolling endlessly.
It’s exhausting.
And it doesn’t scale. Not to mention that if you will need SOC-2 (and you will 🙂 ) –> you can’t say “we have everything in Slack”
You could.
But engineers hate context-switching just to write a status update.
Slack is where the conversation is happening.
The friction to post there is zero.
The problem isn’t the input. The problem is the storage.
So I (=Gemini+Claude) built a bridge.
I got tired of losing track of momentum, so I wrote a bot that does the tracking for us.
It’s a lightweight NodeJS service that automatically extracts End-of-Day reports from Slack and structures them beautifully in a Notion database.
Continue reading
OpenClaw isn’t interesting because it chats.
It’s interesting because it acts.
If you haven’t internalized that yet, you’re still thinking in “LLM as assistant” mode. OpenClaw is closer to a junior operator with insomnia and root access.
In early 2026, the ecosystem around OpenClaw (which evolved from Clawdbot and Moltbot) has exploded with community-built “skills.” The real shift? These skills run locally and have a heartbeat. They wake up. They check things. They move.
Let’s break down the most popular ones — and more importantly, how to actually build and use them without turning your machine into a chaos engine.
Continue reading