Hacker News | btown's comments

If you’re making a bot in which there will be many sub-behaviors, it can be tempting to say “each sub-behavior should do whatever checks it needs, including basic checks for self-reply.”

And there lie dragons, because whether a tired or junior or (now) not-even-human engineer is writing new sub-behavior, it’s easy to assume that footguns either don’t exist or are prevented a layer up. There’s nothing more classic than that.


I'm kind of understanding, I think, but not fully. Regardless of how you structure this bot, there will be one entrypoint for the webhooks/callbacks, right? Even if there are sub-behaviours, the incoming event is passing through something, or are we talking about "sub-bots" here that are completely independent and use different GitHub users and so on?

Otherwise I still don't see how you'd end up with your own bot getting stuck in a loop replying to itself, but maybe I'm misunderstanding how others are building these sorts of bots.


Sorry, could have been more clear.

Someone sets up a bot with: on a trigger, read the message, determine which "skill" to use out of a set of behaviors, then let that skill handle all the behavior about whether or not to post.

Later, someone (or a vibe coding system) rolls out a new skill, or a change to the skill, that omits/removes a self-reply guard, making the assumption that there are guards at the orchestration level. But the orchestration level was depending on the skill to prevent self-replies. The new code passes linters and unit tests, but the unit tests don't actually mimic a thread re-triggering the whole system on the self-posting. New code gets yolo-pushed into production. Chaos ensues.


All I can think of, and actually have seen, is:

1. Bot runs a series of steps A through Z.

2. Step X is calling an external system that runs its own series of steps.

3. One potential outcome of said external system is that, if it detects certain results (errors, failed tests, whatever), it kicks back an automated process that runs back through the bot/system, where said system makes the same mistake again without awareness that it's caught in a loop.


1. Set up a bot that runs on every new comment on a PR
2. The bot comments something on that PR

Doesn't have to be more advanced than this to get an infinite loop if you don't build anything where it ignores comments from itself or similar.

Previously:

> pretty much the second or third step is "Huh, probably this shouldn't be able to reply to itself, then it'll get stuck in a loop". But that's hardly a "classic CI bug",
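The failure mode described in this thread (a new skill ships without a self-reply guard because it assumes the orchestration layer has one) can be reproduced and prevented in a few lines. This is an added example, not code from any commenter or project; `BOT_LOGIN`, `CommentEvent`, `Orchestrator`, `summarize_skill` and `run_thread` are hypothetical names. The harness feeds every posted comment back in as a new event, which is the re-trigger the thread says the unit tests did not mimic.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

BOT_LOGIN = "example-bot[bot]"  # hypothetical bot account name (assumption)


@dataclass(frozen=True)
class CommentEvent:
    author: str
    body: str


# A "skill" receives an event and returns the text to post, or None.
Skill = Callable[[CommentEvent], Optional[str]]


def summarize_skill(event: CommentEvent) -> Optional[str]:
    # Newly shipped skill: no self-reply check of its own, because its
    # author assumed the guard lives "a layer up".
    return f"Summary of: {event.body[:40]}"


@dataclass
class Orchestrator:
    skills: Dict[str, Skill]
    guard_self_replies: bool
    posted: List[CommentEvent] = field(default_factory=list)

    def pick_skill(self, event: CommentEvent) -> Skill:
        # Stand-in for real routing; one skill is enough to show the loop.
        return self.skills["summarize"]

    def handle(self, event: CommentEvent) -> Optional[CommentEvent]:
        # Single entrypoint for all webhook deliveries. The guard sits here,
        # before any skill runs, so no skill can forget it.
        if self.guard_self_replies and event.author == BOT_LOGIN:
            return None
        reply = self.pick_skill(event)(event)
        if reply is None:
            return None
        out = CommentEvent(author=BOT_LOGIN, body=reply)
        self.posted.append(out)
        return out


def run_thread(orch: Orchestrator, first: CommentEvent, max_events: int = 25) -> int:
    """Simulate the platform: each comment the bot posts is delivered back
    to the bot as a new event. Returns how many comments the bot posted.
    max_events caps the simulation so an unguarded bot still terminates."""
    queue = [first]
    delivered = 0
    while queue and delivered < max_events:
        event = queue.pop(0)
        delivered += 1
        reply = orch.handle(event)
        if reply is not None:
            queue.append(reply)
    return len(orch.posted)


if __name__ == "__main__":
    human = CommentEvent(author="alice", body="Can someone review this PR?")  # constructed input
    for guarded in (False, True):
        orch = Orchestrator({"summarize": summarize_skill}, guard_self_replies=guarded)
        print(f"guard={guarded}: bot posted {run_thread(orch, human)} comment(s)")
```

A test that asserts the guarded count is exactly 1 fails as soon as either layer drops the check, which a per-skill unit test on a single event cannot do.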


Thanks for sharing this! A question I've grappled with is "how do you make the DOM of a rendered webpage optimal for complex retrieval in both accuracy and tokens?" This could be a really useful transformation to throw in the mix!

FYI AsyncLocalStorage is currently Node specific but there’s a Stage 2 proposal to bring this to JS generally: https://github.com/tc39/proposal-async-context

Work for this in Certbot is ongoing here, with some initial work already merged, but much to go. https://github.com/certbot/certbot/issues/10346

https://github.com/certbot/certbot/pull/10370 showed that a proof of concept is viable with relatively few changes, though it was vibe coded and abandoned (but at least the submitter did so in good faith and collaboratively) :/ Change management and backwards compatibility seem to be the main considerations at the moment.


> To escalate privileges, we abused the token’s repo scope, which can manage repository collaborators, and invited our own GitHub user to be a repository administrator.

From everything I know about pentesting, they should have stopped before doing this, right? From https://hackerone.com/aws_vdp?type=team :

> You may only interact with accounts you own or with explicit written permission from AWS or the account owner


I think it comes down to what you do with the access. Since this is a public repo I don't think I'd be too upset at the addition of a new admin so long as they didn't do anything with that access. It's a good way to prove the impact. If it were a private repo I might feel differently.

This comes entirely down to the scope of the agreement for the assessment. Some teams are looking for you to identify and exploit vulns in order to demonstrate the potential impact that those vulnerabilities could have.

This is oftentimes political. The CISO wants additional budget for secure coding training and to hire more security engineers, let the pentesting firm demonstrate a massive compromise and watch the dollars roll in.

A lot of the time, especially in smaller companies, it's the opposite. No one is responsible for security and customers demand some kind of audit. "Don't touch anything we don't authorize and don't do anything that might impact our systems without explicit permissions."

Wiz is a very prominent cloud security company who probably has incredibly lucrative contracts with AWS already, and their specialty, as I understand it, is identifying full "kill chains" in cloud environments. From access issues all the way to compromise of sensitive assets.


It’s possible that AWS is a Wiz customer, which would allow them to do more stuff.

I’d guess that we would not have had the pleasure of reading this article if Wiz was paid by AWS. There were multiple high impact bugs in 2025 that we read about here, where security researchers had to turn down small six figure bounties to avoid NDAs…

Per that very article, Sherman will be for support chips for power and peripherals, on legacy 45nm+ nodes.

Apple's investing heavily in the TSMC fab in Arizona, due to open in 2027, to have 3nm capabilities for its flagship chips, but it's unlikely that would ever cover a majority of that chipmaking.

https://www.aztechcouncil.org/tucson-chipmaker-tsmc-arizona-...

https://wccftech.com/tsmc-plans-to-bring-3nm-production-to-t...


One aspect of this normalization of photo uploading is that, if a platform allows user-generated content that can splash a modal to kids, a bad actor can do things like say “you need to re-verify or you’ll lose all your in-game currency, go here” and then collect photo identification without even needing to compromise identity verification providers!

I truly fear the harm that will be done before legislators realize what they’ve created. One only hopes that this prevents the EU and US from doing something similar.


The fundamental question that needs answering is: should we actually prevent minors below the age of X from accessing social media site Y? Is the harm done significant enough to warrant providing parents with a technical solution for giving them control over which sites their X-aged child signs up, and a solution that like actually works? Obviously pinky-swear "over 13?" checkboxes don't work, so this currently does not exist.

You can work through robustness issues like the one you bring up (photo uploading may not be a good method), we can discuss privacy trade-offs like adults without pretending this is the first time we legitimately need to make a privacy-functionality or privacy-societal need trade-off, etc. Heck, you can come up with various methods where not much privacy needs trading off, something pseudonymous and/or cryptographic and/or legislated OS-level device flags checked on signup and login.

But it makes no sense to jump to the minutiae without addressing the fundamental question.


> The fundamental question that needs answering is: should we actually prevent minors below the age of X from accessing social media site Y?

I suspect if you ask Hacker News commenters if we should put up any obstacles to accessing social media sites for anyone, a lot of people will tell you yes. The details don't matter. Bashing "social media" is popular here and anything that makes it harder for other people to use is viewed as a good thing.

What I've found to be more enlightening is to ask people if they'd be willing to accept the same limitations on Hacker News: Would they submit to ID review to prove they aren't a minor just to comment here? Or upvote? Or even access the algorithmic feed of user-generated content and comments? There's a lot of insistence that Hacker News would get an exception or doesn't count as social media under their ideal law, but in practice a site this large with user-generated content would likely need to adhere to the same laws.

So a better question might be: Would you be willing to submit to ID verification for the sites you participate in, as a fundamentally good thing for protecting minors from bad content on the internet?


> The details don't matter.

The details very much DO matter.

You can look at all manner of posts here on HN that explain exactly how you should do age verification without uploading IDs or giving central authority to some untrustworthy entity.

The fact that neither the governments proposing these laws nor the social media sites want to implement them those ways tells you that what these entities want isn't "verification" but "control".

And, yes, most of us object to that.


> You can look at all manner of posts here on HN that explain exactly how you should do age verification without uploading IDs or giving central authority to some untrustworthy entity.

That's not how ID verification works. The ID verification requirements are about associating the person logging in with the specific ID.

So kids borrow their parents' ID while they're not looking, complete the registration process that reveals nothing, then they're good forever.

Or in the scenario where nothing at all is revealed about the ID and there is no central authority managing rate limiting, all it takes is for a single ID to be compromised and then everyone can use it to authenticate everywhere forever.

That's why all of the age verification proposals are basically ID verification proposals. All of these anonymous crypto suggestions wouldn't satisfy those requirements.


> Would you be willing to submit to ID verification for the sites you participate in, as a fundamentally good thing for protecting minors from bad content on the internet?

The friction would be sufficient to give up. Arguably no loss to me and certainly none to the internet.

This is what has happened already, I am not giving my id to some shitty online provider. If I lose more sites so be it.


I would rather parenting be the responsibility of parents and I resent the selfish individuals who wilfully burden others with the various costs associated with their demands for safety from their own choices over taking responsibility for themselves. No impact to others is too great for those who insist anything they don’t wish to be exposed to is dealt with at the societal level.

If an at risk child’s parent is unwilling to do what they believe is the right thing by their child then they have failed the child and need to get a grip - confiscate the device or change the wifi password or sleep with the router under your pillow if you have to it’s really not that hard.


> Would you be willing to submit to ID verification for the sites you participate

I would not. Because there are better options out there if the objective is purely age verification that's as rigorous as the status quo for buying alcohol or cigarettes.

Here's one option: https://news.ycombinator.com/item?id=46447282 that I proposed. It is by no means the best or only one.


This is a good opportunity to link to the recent archive of Hacker News, for when this happens: https://news.ycombinator.com/item?id=46435308

> The fundamental question that needs answering is: should we actually prevent minors below the age of X from accessing social media site Y?

This is only an interesting question if we can prevent it. We couldn't prevent minors from smoking, and that was in a world where you had to physically walk into a store to buy cigarettes. The internet is even more anonymous, remote-controlled, and wild-west. What makes us think we can actually effectively age gate the Internet, where even Nobody Knows You're A Dog (1993)[1]?

1: https://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_...


> We couldn't prevent minors from smoking,

Smoking rates among minors have plummeted and continue to decline.

That's not really a good example because the war on underage smoking has been a resounding success.

Yeah we didn't stop every single minor everywhere from ever smoking at any time, but the decline was dramatic.


I'd argue that the reduction of underage smoking has much more to do with things like social acceptability and education about the dangers of smoking, and not about physical controls on the distribution of and access to cigarettes. There also appears to be a recent trend of younger people not drinking alcohol to the extent that my generation and Boomers did, which is wonderful, but probably has nothing to do with physical access to beer.

This is the right way to reduce childhood social media use: Make it socially disgusting, and make it widely known to be dangerous.


Have you met a horny teenager? The war on porn will not be a resounding success.

But we can do age verification that's as strict as buying cigarettes and sacrifice next to no privacy.

https://news.ycombinator.com/item?id=46447282 That should be good enough for anyone, unless their real motive is to force everyone to upload their IDs.


The real solution, IMO, is a second internet. Domain names will be whitelisted, not blacklisted, and you must submit an application to some body or something.

I agree. There were attempts to do something like this with porn sites via the .xxx TLD I believe, but that inverts the problem. Don't force the public to go to a dark alley for their guilty pleasures. Instead, the sites that want to target kids need to be allowlisted. That is much more practical and palatable.

Yeah.. the opposition was just a bad take IMO... "but it will create a virtual red light district" which is EXACTLY what you want online, unlike a physical city, you aren't going to accidentally take a wrong turn, and if you're blocking *.xxx then it's even easier to avoid.

Then require all nudity to be on a .edu, .art or .xxx, problem mostly solved.


> Then require all nudity to be on a .edu, .art or .xxx, problem mostly solved.

Who's doing the requiring here? Sounds like yet another path to censorship dystopia.


In the case of cc-tlds the respective government... In the case of other TLDs ICANN.

edit: .edu provides for educational content, .art for artistic expression, .xxx for explicit content.


Who decides where the art/erotica border is? There is plenty of content that would straddle that border. I have seen art that could legitimately be called pornographic and pornography I would describe as art. Who decides? And then you have prudes (Florida, Texas, red states) trying to prevent or remove anything from an .edu, who would happily ban the .xxx entirely and would find any .art suspect and probably ban it.

I don't see why phones can't come with a browser that does this. Parents could curate a whitelist like people curate playlists, and share it, and the browser would honor that.

Combined with some blacklisted apps (e.g., all other browsers), this would be a passable opt-in solution. I'm sure there's either a subscription or a small incentive for someone to build this that hopefully isn't "Scam children".

It's not like kids are using PCs, and if they use someone else's phone, that's at least a severely limiting factor.


They do, don’t they? Apple devices have had a robust whitelisting/blacklisting feature for at least a couple of years. I use it to block websites and apps to lessen my phone addiction. I’m sure Android offers similar features.

Block -> opt out

Allow -> opt in

And a techie customizing it is v. different than turnkey for parents.

But yeah! Same principle, that's why I'm sure it's been done / will be done.


AOL returns!

sounds like an app store

It's never been about porn. By marking certain parts of the internet "adult-only" you imply that the rest is "family-friendly" and parents can feel less bad about themselves leaving their children with iPads rather than actually parenting them, which is exactly what Big Tech wants for obvious reasons. If I had a child I'd rather have it watch porn than Cocomelon, which has been scientifically developed so that it turns your child's brain into seedless raspberry jam. Yet nobody's talking about the dangers of that, because everyone's occupied with <gasp> titties.

> If I had a child I'd rather have it watch porn than Cocomelon

As a parent that regularly fears who my children will encounter in the world, I’m glad there’s an “if” at the beginning of this sentence.


Don't worry, most likely your children will come across the normal sorts of bad people - cheating partners, bullying peers, abusive bosses, rude customers, lying beggars, maybe robbers and thieves. It's fortunately unlikely they'll meet a guy who is outspoken about his opinion that scientifically capturing people's attention to get them addicted to screens is morally much worse than showing them "penis into vagina episode 74786". We don't want their innocent minds to be poisoned with ideas that question the status quo.

Honestly if internet porn were "penis into vagina episode 74786" I'd have no problem with my kids who are old enough to desire it, to watch it. The problem is that all internet porn I've seen demonstrates undesirable behaviours and attitudes towards sex and towards their partners. Hitting, degradation, homosexuality, sex between family members, harmful body modifications, verbal abuse, etc, are on the front page of every porn site I've looked at. I honestly do not understand how this is supposed to be stimulating.

I have no problem with my kids watching a couple progress from kissing to foreplay to passion, if those kids already have the hormonal desires to experience these acts. But contemporary websites teach that violence is an integral part of sex - and I do not want my children learning this.


If your child wants to watch porn, he/she will be able to get it.

> should we actually prevent minors below the age of X from accessing social media site Y?

Who's 'we'? The parents? The government? Device manufacturers? Answers should differ wildly depending on who is doing the enforcement.


Nice job of sidestepping the "fundamental question" of whether that can be done and what damage it would do. You do not get to answer the question as you posed it in a vacuum.

It's not a "robustness issue". Nobody has proposed anything that works at all.

But to answer your "fundamental question", no. Age gating is dumb. Giving parents total control is also dumb.


Can we actually prevent children under 16 from buying beer?

If they are persistent enough, no. But then everyone knows it's not going to stop every child in every situation. It sets a precedent for what society thinks is a sensible limit though, and society raises children, not just individual families or parents.

Do we want kids becoming alcoholics? Do we want them turning up drunk to school and disrupting classes? Do we want to give parents trying to do the right thing some backup? So they know that when their kid is alone they can expect that other adults set a similar example.

Sure, you can't stop a kid determined to consume alcohol. But I think the societal norm is an overall good thing.

The same should be applied to the online space, kids spend more and more time there. Porn, social media, gambling etc. should be just as much of a concern as alcohol.


We can't prevent all children from getting beer, but we can prevent most of them without compromising any adult's privacy. And everyone is ok with that state of affairs and the trade-offs. No one's calling for internet-connected beer cans that make you take a selfie before you can open them.

https://news.ycombinator.com/item?id=46447282


> we can prevent most of them without compromising any adult's privacy

But we don't. Even with in person age/ID checks the clerk will often enter some of that data into the store's system and then who knows what happens with it.


> the clerk will often enter some of that data into the store's system

I've only seen them enter the date of birth. No identifying information. If they record the ID itself I'd recommend going to a different store. Or ideally, writing your legislators to have the practice banned.


Depending on the size of the town, date of birth could be used to severely narrow down and target a specific person.

If one suspects a partner of buying alcohol and could convince or coerce the clerk, or even just peek in the book, and see the partner's date of birth written there, then that is good enough proof for many people and many purposes.


We should end carding for alcohol for everyone because domestic abuse exists?

That's a ridiculous conclusion. Identifying a single problem with an implementation is not a reason to abandon the implementation completely.

It seems to be what you're saying. Otherwise I don't know what the point of your previous comment was.

Is there actually a difference between transactions between humans in meatspace (getting a government ID, then using it at a store) and age estimation algorithms?

EFF explains a few differences between showing your ID in person and verifying your age online [1]. With respect to transmission, storage, and sharing of user data by the verifier/website, the risks of age estimation overlap with those of age verification.

[1] https://www.eff.org/deeplinks/2025/12/why-isnt-online-age-ve...


Every once in a while, eBay emails me out of the blue and asks me to update my personal details, with a link to a web page.

I always assumed they were phishing scams, but I looked closer at one, and it is a real link to a real page on their site. It's like they're training people to fall for phishing scams. One of them even displayed the name of a variable, instead of my user name.


I have had two banks (Lloyds and Barclays) phone me and ask for personal details to verify me over the phone. Again, training people to fall for scams.

Then there are all the links that go to other sites to track clicks or because they have a separate domain for some reason. Again, training people to fall for phishing.


I’m sorry to say that a number of US states have instituted age verification laws over the past year.

Aka, morality laws mostly.

> I truly fear the harm that will be done before legislators realize what they’ve created.

Not defending the legislation as I overwhelmingly disagree with it, but if I recall, I don't think any of the age verification legislation specifies a specific implementation of how to verify age.

Requiring photos, or photo ID, or any other number of methods being employed, were all decided on by the various private companies. All the legislators did is tell everyone "you must verify age." The fault here is on Roblox as much as it is on the legislature and they should equally share blame.


How would you suggest they verify age? I am not aware of a good way to do it from a privacy and security perspective.

You can take a look at what Switzerland is about to do:

https://www.homburger.ch/de/insights/swiss-voters-approve-ne...!


Would be very tough to implement in the US, as proposing any sort of "national ID" is pretty much a nonstarter, at least up to this point.

States could do it, and maybe agree on some protocols so that things like privacy-preserving "age verification" could be done.

Maybe the feds could push it like they did with speed limits: make federal funding contingent upon adopting e-ID. Would still get a lot of pushback.


The problem with e-ID is it's focused on identity verification, not just age verification, and that's where the problem lies.

We still need the ability to be pseudoanonymous online. We should be able to verify age without divulging any identifying information to the service requesting age verification.

An e-ID registry could work on a sort of public/private key system so long as the services requesting information from the registry only receive a yes or no of "is this person old enough" and no further information.


If an e-ID can vouch you are citizen number #3223423, it should be able to use the same crypto to vouch that your birth date predates a threshold, without revealing anything else. It's more a question of requirements gathering & UX (and political will).

It's a problem for you and me, but a feature for those pushing for it.

> Once issued, the e-ID will be stored in a secure digital wallet application on the user’s smartphone or other compatible device.

That sounds like Apple & Google-blessed Android only, open source gadgets and non-Microsoft desktops not supported. Estonia at least used smart cards where a reader can be plugged into just about anything.


I'm obviously not going to show my ID to Zuckerberg's website or any porn sites, casinos because I don't trust those bastards. They're also not the police, so they lack the proper autoritah to request my ID.

I think the point of the comment you are answering to is that in Switzerland, they are building a system where you can prove your age without telling who you are to the website, and without telling which website you visit to your government.

The government might not know which website exactly, but the fact that you are looking to verify your age is in itself a datum that you might not want the government to know. "Palata was either looking at porn or buying drugs in January 2026" is probably not something you want the government to know, even if the specifics are obscure.

Unless your e-ID app automatically requests 20 age verification tokens for everybody, whether they use them or not.

How are you going to farm the UUID for each user? Or are the IDs sequential?

It doesn't have to be exclusively digital. You can be pseudoanonymous using some form of key as verification. To get a key, you have to present your ID in person at, for example, the social security office or local DOL.

All the key does is attest that "this person is over X years old" with no other identifying information associated with it.

I think blending in person & digital together is going to be the best way forward. Like going to the store and buying alcohol. I have little privacy risk from the cashier glancing at my ID for a second to check my birth date.


> I have little privacy risk from the cashier glancing at my ID for a second to check my birth date.

Imagine your abusive ex is looking for you. She could go to a few alcohol vendors in the area and tell them "Respectful cashier, I suspect that my husband is reverting back to being an alcoholic. If you see the birthdate 1971-06-21 then please phone me after he leaves".

To which the vendor replies "Why on earth would I check if someone over the age of 50 might be under the age of 18 (or 21 in some parts of the world)".

Well, I did have many more recent exes in my early twenties than I do in my fifties.

But also the mechanics of the check might be important. For instance, I always go to take the baby out of the back seat when I park, even though I have not driven a baby in years. Because I do not want to ever risk leaving a baby unattended in a car. The store policy might be to check every ID, even in seemingly obvious cases.


But that would require the government to set up the system that lets you present your ID and get a key. They haven't done that, so it's not valid to blame businesses for not using it.

> with no other identifying information associated with it

Not possible, the key itself becomes identifying information similar to how an IP address + timestamp is identifying information even though there is no information about you stored in the IP address or timestamp.


A digital ID, like someone said below. But people (in the UK at least) go mental about that, despite the government already having all the information anyway. Creating an easy way to securely share that information with a 3rd party for online verification is apparently the work of the devil.

In the real world you turn up in person with a passport, or maybe use snail mail as a way to verify an address which is hard to fake.

Online we have to pretend it is still the internet of the 90s where it's all just chill people having a fun time using their handle...


Making it easier tends to lead to something being required more often so people are right to be wary about that.

i call this slipstreaming, it can even occur during the signup yeah, once the bouncing around to many domains / uploading photos is psychologically normalized havoc can ensue. this is the greater evil.

I'm optimistic actually. I think "Gen Alpha" is gonna be alright and sufficiently wary of Internet sharing and privacy. Unlike the previous few generations, esp. Millennials and to a somewhat lesser extent Gen Z and Boomers, who have massively over-shared and are now reaping some of the horrible harvest that comes from that oversharing. Today's teens and tweens seem to finally be getting the message.

I also actually think AI might be a savior here. The ability to fake realistic 18+ year old selfies might help put the nail in the coffin of these idiotic "share a photo with the Internet" verification methods.


I otherwise agree with what you're saying, but I think the ratio of conscientious people has fluctuated over time across all generations. It has more to do with what year it is than how old they are.

As someone who's loved Logic Pro since the days before Apple bought Emagic, this is amazing that it will be accessible to a broader audience.

There are many discussions e.g. https://gearspace.com/board/music-computers/1433515-why-does... about the reasons for its popularity, but one stands out to me - its event data model.

There are far too many tools out there (from FL Studio on one end, to MuseScore on the other) that present piano-roll-based rapid prototyping and traditional western score notation as diametric opposites. From day 1, Logic challenged itself "what if we can use the same event-based data model to render both."

None of this complexity is hidden - you can edit the raw event stream directly. If you're a developer familiar with, say, React, it makes music creation quite intuitive - everything from visual to audio output is a function of a transparently formatted data store.

And while that has its challenges, and some of the UX innovations of e.g. MuseScore have been slower to arrive in Logic, because of this "dual life" it's unmatched as a pedagogical tool, and a professional creative tool as well.


There's a lot of information in a traditional western score that cannot be easily represented in a pianoroll, at least not losslessly.

Considering them as alternate views of the same data model gets problematic when the composer uses the full bag of tricks that score notation allows (notably repeats, but also the problem of representing tuplets correctly when a pianoroll can offer no clues about how to structure them). So for example, the user can create a set of notes in the pianoroll that will never be played correctly by anyone reading the score; the user can create dynamics in the score that cannot be correctly presented in the pianoroll version.

I'm not saying it isn't possible to do an MVC-style system with two different views of the same data model - it clearly is. It's just moving between the two views is not lossless, and moving between the two controllers (i.e. editing) is not equivalent.


How else could you represent piano roll data than as a stream of events? I thought that was ubiquitous since the invention of MIDI.

Are you saying other sequencers are unable to render the same data as piano roll and score?


Among professional-ready DAWs, as far as I know, it's unique in its approach. Pro Tools and FL Studio still don't have score rendering or even MusicXML export! Reaper has limited score rendering/engraving support, but minimal customizability.

And on the notation-oriented side, you have things like MuseScore, Finale, etc. where there is an event model, but the UI itself doesn't have mature (or any) support for tracking mixer/knob automation (outside of what can be derived automatically from dynamic symbols).

Years ago, I used Logic in a musical theater context where I could build a constantly-updated demo for pitching/rehearsals/live-iteration and edit the final orchestration to be printed for the pit orchestra, both from the same living document. Could I have duplicated my changes in a DAW and notation software separately, and kept them in sync manually? Absolutely, and many creators do. But there's something special about having that holy grail at your fingertips.


> Among professional-ready DAWs, as far as I know, it's unique in its approach.

Cubase, surely? I'm pretty sure it has done this for decades unless I am misunderstanding what you're saying.


Cubase recently revamped their score editor to embed a version of Dorico, so it's better than it was!

https://blog.dorico.com/2024/11/cubase-14-score-editor/

I'm still a Logic Pro fan, but credit where credit's due!


For those worried about irrevocable changes, sometimes a good plan is all the output.

Claude Code is very good at `doc = f(doc, incremental_input)` where doc is a code file. It's no different if doc is a _prompt file_ designed to encapsulate best practices.

Hand it a set of unstructured SOP documents, give it access to an MCP for your email, and have it gradually grow a set of skills that you can then bring together as a knowledge base auto-responder instruction-set.

Then, unlike many opaque "knowledge-base AI" products, you can inspect exactly how over-fitted those instructions are, and ask it to iterate.

What I haven't tried is whether Cowork will auto-compact as it goes through that data set, and/or take max-context-sized chunks and give them to a sub-agent who clears its memory between each chunk. Assuming it does, it could be immensely powerful for many use cases.


I'm unsure of its accuracy/provenance/outdatedness, but this purportedly extracted system prompt for Claude Code provides a lot more detail about TODO iteration and how powerful it can be:

https://gist.github.com/wong2/e0f34aac66caf890a332f7b6f9e2ba...

https://gist.github.com/wong2/e0f34aac66caf890a332f7b6f9e2ba...

I find it fascinating that while in theory one could just append these as reasoning tokens to the context, and trust the attention algorithm to find the most recent TODO list and attend actively to it... in practice, creating explicit tools that essentially do a single-key storage is far more effective and predictable. It makes me wonder how much other low-hanging fruit there is with tool creation for storing language that requires emphasis and structure.


I find in coding + investigating there's a lot of mileage to being fancier on the todo list. Eg, we make sure timestamps, branches, outcomes, etc are represented. It's impressive how far they get with so little!

For coding, I actually fully take over the todo list in codex + claude: https://github.com/graphistry/pygraphistry/blob/master/ai/pr...

In Louie.ai, for investigations, we're experimenting with enabling more control of it, so you can go with the grain, vs that kind of wholecloth replacement


Ooh, am I reading correctly that you're using the filesystem as the storage for a "living system prompt" that also includes a living TODO list? That's pretty cool!

And on a separate note - it looks like you're making a system for dealing with graph data at scale? Are you using LLMs primarily to generate code for new visualizations, or also to reason directly about each graph in question? To tie it all together, I've long been curious whether tools can adequately translate things from "graph space" to "language space" in the context of agentic loops. There seems to be tremendous opportunity in representing e.g. physical spaces as graphs, and if LLMs can "imagine" what would happen if they interacted with them in structured ways, that might go a long way towards autonomous systems that can handle truly novel environments.


Yep! So all repos get a (.gitignore'd) folder of `plans/<task>/plan.md` work histories. That ends up being quite helpful in practice: calculating billable hours of work, forking/auditing/retrying, easier replanning, etc. At the same time, I'd rather be with-the-grain of the agentic coder's native systems for plans + todos, eg, alignment with the models & prompts. We've been doing this way b/c we find the native to be weaker than what these achieve, and too hard to add these kind of things to them.

RE:Other note, yes, we have 2 basic goals:

1. Louie to make graphs / graphistry easier. Especially when connected to operational databases (splunk, kusto, elastic, big query, ...). V1 was generating graphistry viz & GFQL queries. We're now working on louie inside of graphistry, for more dynamic control of the visual analysis environment ("filter to X and color Y as Z"), and as you say, to go straight to the answer too ("what's going on with account/topic X"). We spent years trying to bring jupyter notebooks etc to operational teams as a way to get graph insights to their various data, and while good for a few "data 1%'ers", too hard for most, and Louie has been a chance to rethink that.

2. Louie has been seeing wider market interest beyond graph, basically "AI that investigates" across those operational DBs (& live systems). You can think of it as vibe coding is code-oriented, while louie is vibe investigating that is more data-oriented. Ex: Native plans don't think in unit tests but cross-validation, and instead of grepping 1,000 files, we get back a dataframe of 1M query results and pass that between the agents for localized agentic retrieval on that vs rehammering db. The CCC talk gives a feel for this in the interactive setting.


For humans, org-mode is good at this.

Aren't the system prompts of Claude public in the doc at https://platform.claude.com/docs/en/release-notes/system-pro... ?

The system prompt of claude code changes constantly. I use this site to see what has changed between versions: https://cchistory.mariozechner.at/

It is a bit weird why Anthropic doesn't make that available more openly. Depending on your preferences there is stuff in the default system prompt that you may want to change.

I personally have a list of phrases that I patch out from the system prompt after each update by running sed on cc's main.js


What are those phrases? Why do you exclude them?

This is for Claude Code, not just Claude.

From elsewhere in that prompt:

> Only use emojis if the user explicitly requests it. Avoid adding emojis to files unless asked.

When did they add this? Real shame because the abundance of emojis in a readme was a clear signal of slop.

