Clerk

Clerk AI

Clerk AI

Clerk AI

Clerk AI

Clerk AI

Clerk AI

Clerk AI

Clerk AI

Clerk AI

Clerk AI

Built an MCP for claude code that turns ticket-mentions into PRs with browser QA (and what I learned along the way)

notesasm is an MCP server you add to claude code. you mention a fix mid-flow ("make a ticket on notesasm: fix the regex for quoted emails") and it files the ticket. later, on your schedule, an autonomous agent picks the ticket up, writes the fix, runs real-browser QA against your preview deploy, and opens a PR with screenshots. closed alpha, free during it. demo + signup: notesasm.com the pain it solves (3 separate ones, actually): claude code is fast enough now that shipping isn't the bottleneck anymore. when you're deep in a feature and notice "the regex misses RFC-quoted local parts" or "the footer copy is wrong on mobile", you'd never break flow to open jira/linear or even write it down anywhere. so the idea goes nowhere. multiply by a year and your repo has invisible debt nobody's tracking. claude code helps while you're at the keyboard. it doesn't help while you sleep. your repo doesn't move overnight unless you stayed up to push it. for solo founders or small teams, that means losing 8 hours a day where you could be shipping if you had a way to delegate work to your own agent. and even if you do have something pushing code for you overnight, you lose context with AI-generated PRs and they usually need visual review. claude writes code that compiles and tests pass, but the actual rendered output might be subtly broken (or super broken lol). reviewing those visually is tedious and a lot of teams skip it, then ship regressions. how it works: you add the MCP server: claude mcp add notesasm --scope user --transport http -H "Authorization: Bearer ". BYOK style, the token comes from your dashboard. zero local install beyond the one command. then in any claude code session you can say "make a ticket on notesasm for this" (based on your conversation) and it just files it. the MCP server is HTTP-transport (not stdio), runs in the cloud, hits a fastapi backend that stores the ticket in postgres against your workspace. later (your schedule, your spend cap), a worker process picks up queued tickets. for each one: clones your repo with a github app installation token (commits look like asmnotes[bot], a verified author. bypasses vercel/netlify deploy protection that rejects unknown-team-member commits.) runs the claude agent sdk with your ticket body as the prompt. defaults to sonnet 4.6, opus 4.7 for hard tickets the user marks explicitly. agent reads the codebase, makes the edits, commits, pushes a branch, opens a PR via the github API. waits for your preview deploy to land. vercel polled by default, configurable probe URL for split frontend/backend setups like vercel + railway. QA agent drives a real chrome session on browserbase against the preview. stealth profile with residential proxies. takes before/after screenshots. verifies your acceptance criteria against the rendered output. if QA fails, the report feeds back into the build agent for up to 3 retry iterations before parking the ticket. final: PR with QA screenshots in the description, ready to merge. stack: - backend: fastapi + asyncpg + railway - frontend: vanilla html/js, no build step, vercel - agents: claude agent sdk (build), claude + browserbase (QA) - auth: clerk - email: resend (welcome, invite, feedback) - mcp transport: http (cloud-hosted, no local install) things i learned building it that other claude code folks might care about: - the build agent loves to spawn subagents via the Task tool. disable it explicitly in the system prompt or you get 4-minute hangs the SDK doesn't surface as errors. - browserbase sessions default to a ~5-min timeout. if your QA wall budget is anywhere near that, set the session lifetime explicitly to 1800s on session create (the timeout field). otherwise you get random "410 Gone" mid-run. - don't rely on the SDK's wall budget alone. add a per-message timeout (90s works) so a hung tool call doesn't silently burn your whole budget. - claude code's default mcp scope is per-cwd. always tell users `--scope user` in your install instructions, otherwise the MCP works in one repo and silently doesn't in others. - ResultMessage emissions happen multiple times per job if you have iteration loops (build + QA + qa-fix). sum them all when computing per-job cost, not just the last one. what's next: closed alpha is open. would love ~30 active users to try it out, all free during it. paid plans later this year with a permanent discount for alpha users. happy to answer anything about the MCP design, the QA verification loop, cost tracking, the agent-sdk integration, or anything else. demo + signup: notesasm.com submitted by /u/FormExtension7920 [link] [comments]

One week. One person. Claude wrote 100% of the code. The trick was the spec, not the prompts

Six days. One person. Claude wrote every line of code, directed the branding, architected the information, directed the design, produced the graphics, and wrote the copy. I worked with prompts. The output is a fully fleshed SaaS, live, in a week. I want to share what that actually looks like, not the "AI is amazing" version, but the real workflow. The interesting part is not the volume of output. It is what made it possible for prompts alone to produce coherent output at this large a scope. What Claude produced, end to end Code is the headline. It is not the whole story. Every line of code: backend, frontend, migrations, tests, prompts, source adapters, scoring engine, ingestion pipeline, API layer. The brand: name research, name selection (Arrivance), tagline, dark-first color palette, typography pairing, voice and tone guide. Information architecture: navigation, page hierarchy, the onboarding flow, the matches feed structure. Design direction: layout, component decisions, motion language, the visual system. Graphics: the mark, the wordmark, the icon set, favicons and OG images. Copy: every public word on the marcom (Marketing & Commercial) site and in the product. My side of the work was prompts, architecture and stack calls, and review. I did not type code, draw a pixel, or pick a font. The trick is not the prompts. It is the context I work with a method I call Context-Driven Engineering (CDE). I wrote about it here: https://thanpol.as/engineering/context-driven-engineering In short: every meaningful folder in the repo carries a README that describes what it owns, what it depends on, what is forbidden, and how to change it safely. The READMEs are load-bearing architecture, not optional documentation. When LLM output contradicts a README, the README is right and the output is wrong. The LLM never operates autonomously. It operates inside scope I declared. The four stages of any non-trivial change: read or fix context first, write a behavioral spec in version control, plan the implementation with explicit in-bounds and out-of-bounds files, then generate code within those declared boundaries. That is the whole reason this week worked. Without that discipline, prompts at this scope produce a tangled blob. With it, they produce a coherent system. How that played out in practice The week broke roughly like this. Days 1 and 2 were spec-only, no production code. I wrote a domain spec for every part of the system: ingestion, enrichment, scoring, matches feed, rubric service, rubric engine. Each domain spec was paired with a technical spec: DDL, endpoints, error IDs, event names, test requirements. A universal job schema was added as the contract between layers, so ingestion never has to know what scoring needs. Day 3 was a three-pass spec review (business, product, engineering) before any code was written. The review caught 40+ findings. The pagination cursor was switched from timestamp to KSUID id. Cross-user isolation tests became a hard requirement on every endpoint that takes an :id. interactions jsonb replaced a too-simple reviewed_at. None of those would have been cheap to retrofit. Day 4 was the implementation sprint. LLM service layer, rubrics entity, jobs entity, ingestion engine with four source adapters, enrichment engine, frontend scaffold, design system, app shell, onboarding pages. From "auth and users" to six backend phases and two frontend phases in one day. Day 5 was the scoring engine. Hard filters, deterministic stack scoring, four LLM-scored dimensions, retry logic, matches table. The heart of the product. That speed was not because Claude is fast. It was because the specs were settled. No mid-implementation design arguments. No blocked decisions. Every domain Claude touched had a written contract. The product Senior engineers who already have a job do not search for one. They set a standard and they wait. I built that wait, made active. You upload your CV. The system writes a personal scoring filter for you (your rubric) across five dimensions, scores every new remote engineering job against it, and surfaces only what clears your threshold in a tiered feed. Transparent scores with a rationale, not a black box. The product is called Arrivance. Stack: Node, TypeScript, Postgres, Express, React 19 with Vite, MUI, Clerk, Vitest, full ESM monorepo. Three LLM call sites in production (rubric generation, job enrichment, soft scoring) with cross-user prompt caching to keep token spend bounded. Claude wrote all of it. I made the architecture and stack calls. A cautionary tale CDE is not self-enforcing. On April 26 Claude (ahem, 4.7) shipped the frontend with zero MUI imports despite a spec that named MUI in every prompt and mockup, then quietly edited the stack doc the next day to claim "the design uses no component library." No ADR. I caught it on audit, sent a closed question with no escape hatches, and got the admission verbatim: "I deviated from the spec without

Upskill: skill registry your agent consults before it starts. 10k+ indexed, free, open source.

You give Claude Code a real task and watch it work… from memory. Ask for a landing page → generic off-brand Tailwind hero Ask for Clerk auth → skips JWT verification “I’ll write a CSV parser” → reinvents half of papaparse (badly) You just spent 20 minutes and 1k tokens watching it iterate on something that already has a perfect answer somewhere online. The frustrating part isn’t that Claude is bad. It’s that the right playbooks already exist. Anthropic has a 4,000-word frontend design skill (layout, typography, motion, accessibility) Clerk has an end-to-end auth implementation obra/superpowers has hundreds more The expertise exists. The routing doesn’t. What I built: upskill (free) upskill = routing layer for skills Install it once, add one line to your agent config (CLAUDE.md), and now: Instead of guessing, it pulls a vetted playbook and follows it. What changes? Same prompt: “design a landing page” → Now follows Anthropic’s actual playbook Same prompt: “add Clerk auth” → Full implementation, JWT verification included Think of it as: Under the hood 10k+ indexed skills from: Anthropic, OpenAI, Stripe, Vercel, Microsoft Garry Tan (gstack), obra/superpowers 100+ independent authors Search = hybrid: Postgres full-text search (for exact stuff like flags, APIs) 1024-dim vector embeddings (for semantic matching) Re-ranked by stars, installs, community feedback → Pure vectors miss specifics → Pure FTS misses intent → Hybrid works better Auth-aware ranking (optional) If env vars exist locally: AWS_ACCESS_KEY_ID → AWS skills rank higher STRIPE_SECRET_KEY → Stripe-specific flows rank higher Only variable names are used. Values never leave your machine. Safety Every skill goes through LLM adversarial review at index time: Prompt injection Credential exfiltration Typosquatting / lookalike domains Hidden malicious instructions Out of 10k+ skills: Hundreds were blocked Found real attacks (e.g. hidden onerror="alert('XSS')" + “skip tests”) A few false positives (being tuned): rm -rf node_modules in legit guides Google Drive delete API Warnings about NEXT_PUBLIC misuse Privacy Default = locked down upskill find → sends only your query Telemetry → opt-in Env-aware ranking → opt-in Skill submissions → opt-in Everything toggleable anytime. Not just for code Covers workflows like: Slides Email triage Google Workspace Notion queries Calendar automation Scientific writing Malware analysis Accessibility audits Sales playbooks If your agent is about to “wing it”… there’s probably already a better playbook. Try it npm install -g /upskill upskill install npx -y skills add Autoloops/upskill/skill It’ll ask a few questions and wire itself into your agent. Repo: https://github.com/Autoloops/upskill MIT licensed. PRs welcome. submitted by /u/Comprehensive_Quit67 [link] [comments]

Unsendable - Brought to you by Claude Code

https://preview.redd.it/3pt8451lx4xg1.png?width=2698&format=png&auto=webp&s=13b62584568eafe6c24f42d618f940bbc6b1494c **UPDATED BRANDING AND LINK** Meet U DON'T SAY: https://udontsay.ai This started with an idea a buddy of mine came up with some time ago that we resurrected and fleshed out over the last ~week. Would love to get some feedback. Still in development, but most features are functioning as expected. Leveraging the Claude and Open AI (DALL-E) api's for avatars, conversations, analysis, etc. Clerk for auth. Stripe for payments. Sentry for monitoring. Cloudflare for storage. Railway for deployment direct from the GitHub repo. Was impressed with how far I was able to get on the $20/mo plan. Following a fairly rigorous engineering process definitely helps, as does the use of markdown files for 'memory' so you can jump to a new chat instance before the context window becomes too bloated. Only had to use an additional $30 of overage costs - really not bad considering the output. Overall, quite pleased with the results. I've built a handful of standalone desktop apps for personal / professional use, but this was the first web product. I've had experience with publishing .NET apps to Azure App Services, but this was completely new territory and Claude walked me through the entire process with minimal issues. submitted by /u/HellenButterlips [link] [comments]

I built a CLI tool that lets Claude Code deploy a full backend in minutes

Hey, I'm the developer of Teenybase. It's a CLI that lets Claude Code / Codex spin up a full backend for you: database, REST API, user auth, file uploads, admin panel, API docs, deploy. Why I built it I have a ton of vibe coded projects and setting up a backend for each is a pain. I'd typically get a VPS from OVHCloud or Hetzner for the API layer, use Supabase or Neon as the database, and WorkOS or Clerk for auth. Each one has its own dashboard, its own billing, its own config. Then there's SSHing into the VPS, managing migrations with something like Alembic, gluing it all together. Too much context switching across services that Claude Code can't even reach. That's the problem Teenybase solves: your entire backend defined in a single file that Claude Code can read, write, and deploy. How it works Install the CLI: npm i -g teenybase Paste this into Claude Code: "Use teeny cli (try teeny docs) to add a backend to this project." Claude reads the docs in the terminal, writes your config, generates migrations, and deploys. One config file, one session, live API. Runs on Cloudflare Workers + D1 + R2. You get up to 5 free projects under a new teeny account created via the terminal: teeny register Each free project gets 1M req/mo, 100 MB database, and 1 GB file storage. https://teenybase.com Happy to answer questions and feeback is welcome! submitted by /u/invocation02 [link] [comments]

Save 500K+ credits per week: the 4300-word prompt that kills 90% of my production bugs before they're written.

Claude Code's plan mode looks thorough, but the plan it creates always have repeat blind spots that ship as production bugs. I wrote a one-shot self-review prompt you paste AFTER Claude drafts its plan. It forces Claude to walk every layer of the stack (build, routing, UI, hooks, API, DB, security, deploy, etc.) and answer "is this handled? what about that edge case?" before any code is written. Ends with a forced summary so the important risks land at the top where you can actually act on them. Full prompt at the bottom. It's long. That's the point. The problem You ask Claude Code for a feature in plan mode. It drafts a tidy 7-bullet plan. Looks complete. You approve. It writes the code. type-check is green, your local dev server works, you push. Prod breaks in a corner nobody thought about. After shipping ~30 features this way I started keeping a list of what was biting me. It was embarrassingly repetitive. Every one of these shipped from a plan Claude and I both looked at and said "yeah that's fine": tsc --noEmit passed but next build blew up on a server-only module (nodemailer, node:crypto, geoip-lite) leaking into the client bundle via a barrel file Feature worked in my personal workspace but broke in team workspaces because the query wasn't scoped to workspace_id Double-click created two DB rows because there was no idempotency key New page had no loading.tsx or error.tsx, so the default Next.js fallback rendered for users Middleware regression because the new public route wasn't added to the public matcher Race condition because the limit check happened BEFORE the insert instead of in the same transaction, so two concurrent submits both passed the check React hooks ordering bug: someone put an early return above a useEffect in the public renderer, and every published page crashed with React Error #310 Controlled input anti-pattern: the was bound directly to server state, and backspace got eaten on slow networks because the debounce re hydrated mid-keystroke process.env.X used directly instead of going through the env validator, so prod crashed on startup because the validator never ran New form field type added to the editor but not to the public renderer switch, so published pages crashed for that type Every single one was catchable at planning time. Claude just wasn't being asked the right questions. The fix I wrote a self-review prompt I paste after Claude drafts a plan. It's big. ~500 lines of "answer every single one of these questions about your plan." Each section is a layer of the stack. Each individual question is a real bug I've shipped at least once. The workflow: Enter plan mode in Claude Code Describe the feature you want Claude drafts its plan You paste the stress-test prompt (below) as your NEXT message Claude walks every section, flags N/A on ones that don't apply, and adds missing pieces to the plan as it goes Claude ends with a forced ✅/⚠️ /🚫/💣 summary: ✅ READY: parts of the plan that are fully defined and buildable ⚠️ ADDED: things missing from the original plan that the stress-test just added 🚫 NEEDS MY INPUT: open questions that need your answer before code is written 💣 RISK WATCHLIST: top 3 things most likely to break in prod for THIS specific feature and what would catch them You review the four buckets, answer the 🚫 questions, THEN approve the plan The forced summary at the end is the real trick. Without it, Claude buries the important stuff 2000 tokens deep in the self-review and nobody scrolls that far. With it, the risks and gaps land at the top where you can actually act on them. Results Over ~65 features since I started using this: the bug classes in the list above basically stopped shipping. What I still ship are things genuinely unknowable from the plan (a weird Stripe webhook ordering edge case, a user doing something I never considered, a 3rd-party API returning a shape it's never returned before). The "this was obvious in hindsight" bugs are gone. Rough guess: went from 8-10 production regressions a month to maybe 3 to 4 every couple months. Honestly the plan I end up with is also better than what I would have written by hand. I have been doing this for almost a year and the stress-test catches things I forget because I'm tired or distracted. It's not smarter than me in a peak moment, but it's better than me at my average. Caveats before you paste It's tuned for Next.js 15 + Supabase (self-hosted) + Clerk + Dokploy. Most checks are stack-agnostic but some (RLS blocking the browser client, Clerk token refresh, middleware matcher, Dokploy shallow clones) are specific. Swap in your stack's equivalents. If you use Prisma, rewrite the RLS section. If you use NextAuth, rewrite the Clerk section. If you don't use Dokploy, drop the deploy-platform specifics. It's long on purpose. Short self-review prompts miss things. The cost of Claude saying "N/A" to 40 irrelevant questions is nothing. The cost of one

MCP auth: OAuth vs API keys

I run an options analytics platform and built an MCP server so users can query live market data directly from Claude. Auth ended up being the most time-consuming part of the whole build, so figured I'd share how it played out. Starting point: API keys First version was straightforward. User generates an API key in their settings, adds it as a Bearer token in their MCP client config. The server validates the token against the DB, resolves it to a user, done. This worked right away for Claude Desktop and other clients that let you configure headers in a JSON file. If you're only building for Claude Desktop, this might be all you need. It took about a day. The problem: Claude.ai connectors The Claude.ai web UI uses the Connectors system for MCP, and it doesn't support static API keys. It expects a full OAuth flow. So the fastest auth method to build didn't work for the biggest audience: people who use Claude in the browser and just want to paste a URL and click connect:https://gammahero.com/ah-api/mcp This meant the majority of potential users were locked out until I added OAuth. Building the OAuth flow for Claude.ai My stack already uses Clerk for auth, so I wanted to reuse existing user sessions rather than making people create new credentials just for MCP. The MCP SDK handles a lot of the OAuth plumbing (authorize, token, register, revoke endpoints), but the user-facing consent step is on you. Here's how it works: Claude.ai starts the OAuth flow and redirects the user to my consent page. That page loads my existing auth provider, so if the user is already logged into my platform, they just see an "Allow" button. They click it, the auth code gets associated with their account, and Claude exchanges it for a token. From that point on, every tool call is authenticated. One edge case worth mentioning: some users connect through Claude.ai before they've ever visited the actual website. The consent flow handles that by auto-creating their account during the approval step, so they don't hit a dead end. Dual auth in production Both methods run side by side now. The token loader checks for an OAuth token first, then falls back to API keys. Both resolve to the same internal user with the same rate limiting, usage logging, and analytics. Whether someone connects through Claude.ai with OAuth or through Claude Desktop with an API key, the system treats them identically. Nginx gotchas Claude's MCP transport uses SSE, which needs specific proxy settings (proxy_buffering off and friends) or the stream silently hangs. The OAuth discovery endpoints need their own proxy rules. Trailing slashes on the MCP proxy path break POST requests without any useful error. Each of these took about an hour to track down because the failures were all silent. What I'd do differently I'd build OAuth first. API key support is trivial to add later since it's just a fallback check in the token loader, but OAuth is what unlocks Claude.ai, which is where most non-technical users are. I shipped API keys first because it was faster and I wanted to validate that the tools were actually useful before investing in the auth infrastructure. Ended up being the right call to support both though. Claude.ai needs OAuth, Claude Desktop works better with API keys, and users shouldn't have to think about any of it. Happy to answer questions if anyone else is building an MCP server and dealing with the auth side. The Claude.ai connector + existing auth provider integration was the least documented part of the whole process. submitted by /u/CameraGlass6957 [link] [comments]

Claude Code memory that fits in a single SQLite file

I kept re-explaining my stack to Claude every session. The memory tools I tried either spawned a process that ate gigs of RAM, or dropped vector search to stay light. Built nan-forget with Claude Code over the last few weeks. Claude helped design the 3-stage retrieval pipeline (recognition → recall → spreading activation), wrote most of the SQLite migration from Qdrant, and caught edge cases in the vector search scoring I would have missed. It stores memories in one SQLite file, ~3MB, no background services. npx nan-forget setup and you're done. 4 hooks save context as you work. You never call save. "auth system" finds "We chose JWT with Clerk." Search by meaning, not keywords. Memories carry problem/solution/concepts fields. A bug fix from March surfaces when you hit the same error in June. Old memories decay on a 30-day half-life. Stale ones consolidate into summaries. Active ones sharpen. Same database across Claude Code (MCP), Codex, Cursor (REST API), and terminal (CLI). No LLM calls for memory ops. Runs locally. Free and open source. https://github.com/NaNMesh/nan-forget Anyone else fighting context loss across sessions? What have you tried? submitted by /u/NaNMesh [link] [comments]

How I wired Claude Code into Linear, Discord, and Vercel for a 30-day solo build

I built a full-stack product in 30 days of evenings and weekends. Solo. Using Claude Code as my pair programmer, wired into Linear for ticket tracking and Discord for build notifications. The result: [VGC Team Report](https://pokemonvgcteamreport.com) — a team report builder for competitive Pokemon (VGC). Players paste their teams and get detailed breakdowns with matchup plans, damage calcs, speed tiers, and shareable reports. This post is about the workflow — specifically how I connected Claude Code to Linear and Discord to create a one-person development pipeline that actually ships. ## The Numbers - 274 commits in 30 days - ~42,000 lines of TypeScript - 25 features tracked and shipped via Linear - 66 React components, 41 API routes, 22 custom hooks - Auth (Clerk), database (Neon Postgres), PWA, i18n in 7 languages - Continuously deployed on Vercel ## The Stack - **Next.js 16** (App Router) - **React 19** - **TypeScript** (strict mode) - **Tailwind CSS v4** - **Clerk** for auth - **Neon** for serverless Postgres - **Vercel** for hosting and deploys - **Linear** for ticket tracking - **Discord** for build notifications - **Claude Code** as the AI development partner ## The Workflow: Linear -> Claude -> Discord -> Vercel This is what a typical session looks like: 1. Claude runs `linear_get_in_progress` to check my Linear board for tickets 2. Picks the highest priority ticket (bugs first, always) 3. Reads relevant files and implements the feature or fix 4. Runs `tsc --noEmit && npm run build` — if it fails, Claude fixes the errors 5. Commits with the ticket ID: `VGC-42: Add speed tier chart` 6. Pushes to main 7. Posts a comment on the Linear ticket via GraphQL — commit URL + changed files 8. Moves the ticket to In Review 9. Calls `discord_notify_build` — posts an embed to Discord #builds with the commit, changed file list, and deploy status 10. Vercel auto-deploys from main 11. Moves to the next ticket This isn't hypothetical. I wrote a `linear.sh` bash script with functions that Claude calls directly: - `linear_get_in_progress` — queries Linear GraphQL for In Progress tickets - `linear_move_issue` — moves a ticket to a new state - `linear_comment_with_changes` — posts a comment with the commit link and changed files - `discord_notify_build` — sends a Discord embed with commit info and deploy status Claude calls these via bash. The whole flow — implement, verify, commit, update Linear, notify Discord — happens in one session without me touching any of those systems. ## The CLAUDE.md Operating Manual The key to making this work is a `CLAUDE.md` file at the repo root. Claude reads it at the start of every session. Mine contains: **Git strategy:** - Trunk-based development — push direct to main for routine work - Feature branches only for large or risky changes - `npx tsc --noEmit && npm run build` before every push — non-negotiable **Linear workflow:** - The exact state IDs for "In Progress" and "In Review" - How to query for tickets, implement them, commit with the VGC-XX prefix - How to post the commit comment and move the ticket state - Rule: bug tickets are always worked on first, regardless of priority number **Discord notifications:** - The `discord_notify_build` function format - Different embeds for direct-to-main pushes vs PR flows **Failure handling:** - Build fails → fix and retry, never push broken code - Linear API fails → still commit and push, note the failure to the user - Production breaks → `git revert`, push to main, notify Discord, move ticket back **Code conventions:** - Follow existing patterns, no drive-by refactors - Commit messages: `VGC-XX: description` for tracked work This file is the single most valuable thing in the project. Every session starts with full context. No re-explaining, no drift, no "can you check the codebase structure?" ## Automated Monitoring Beyond the dev workflow, I set up two Vercel cron jobs: - **Daily (9 AM):** Site health check, stale ticket scan, SEO audit, DB health — posts alerts to Discord only if something's wrong - **Weekly (Friday 5 PM):** Linear progress digest, user growth, dependency updates — always posts a summary to Discord These run on Vercel's free tier. Real-time uptime monitoring is handled by UptimeRobot with 5-minute pings. ## What Worked **Trunk-based development with type-checking gates.** Every push to main auto-deploys on Vercel. The gatekeeper is `tsc --noEmit && npm run build`. The feedback loop is minutes, not days. **Linear ticket traceability.** Every commit links back to a ticket. Every ticket has a comment with the commit URL and changed files. When something breaks, I trace it to the exact change and the exact intent. **Discord as an audit trail.** Every build posts to #builds. It sounds like overkill for a solo project, but scrolling through the channel to see what shipped this week is genuinely useful. **The CLAUDE.md as living infrastructure.** I update it whenever the workflow changes. New conventions, new failure modes, new

I built an MCP that checks for known bugs before Claude recommends a library

Claude recommended Clerk for auth last month. I integrated it. Two days later I hit a bug where JWT token refresh silently fails with Supabase RLS. The fix took 6 hours. The bug had 17 comments on GitHub. Claude didn't know because its training data is months old. So I built an MCP server that crawls GitHub Issues, Stack Overflow, and Reddit for real problems affecting popular dev tools. 57 products tracked so far. When Claude recommends something, it can check known bugs first. How it works: Install the MCP, then ask Claude "should I use Clerk or Auth0?" Claude calls nanmesh.entity.search, sees that Clerk has 5 open issues including the JWT/Supabase bug, and Auth0 has an Edge Runtime compatibility problem. You pick with full context instead of finding out after integration. Install (one line in your Claude config): "nanmesh-mcp": { "command": "npx", "args": ["-y", "nanmesh-mcp"] } 34 tools total. Search products, check known issues, compare trust scores, report whether a recommendation worked. The data gets better as more agents use it. If Claude recommends Stripe and it works, you can report that outcome. If it breaks, report that too. Over time the trust scores reflect real usage, not marketing copy. Open source MCP, free API, no account needed to search. Agent registration (30 seconds, also free) lets you leave reviews that carry more weight. Happy to answer questions about the architecture or the trust scoring. submitted by /u/NaNMesh [link] [comments]

I built an MCP that checks for known bugs before Claude recommends a library

Claude recommended Clerk for auth last month. I integrated it. Two days later I hit a bug where JWT token refresh silently fails with Supabase RLS. The fix took 6 hours. The bug had 17 comments on GitHub. Claude didn't know because its training data is months old. So I built an MCP server that crawls GitHub Issues, Stack Overflow, and Reddit for real problems affecting popular dev tools. 57 products tracked so far. When Claude recommends something, it can check known bugs first. How it works: Install the MCP, then ask Claude "should I use Clerk or Auth0?" Claude calls nanmesh.entity.search, sees that Clerk has 5 open issues including the JWT/Supabase bug, and Auth0 has an Edge Runtime compatibility problem. You pick with full context instead of finding out after integration. Install (one line in your Claude config): "nanmesh-mcp": { "command": "npx", "args": ["-y", "nanmesh-mcp"] } 34 tools total. Search products, check known issues, compare trust scores, report whether a recommendation worked. The data gets better as more agents use it. If Claude recommends Stripe and it works, you can report that outcome. If it breaks, report that too. Over time the trust scores reflect real usage, not marketing copy. Open source MCP, free API, no account needed to search. Agent registration (30 seconds, also free) lets you leave reviews that carry more weight. Happy to answer questions about the architecture or the trust scoring. submitted by /u/NaNMesh [link] [comments]

[Day 2/5] I built a SaaS using an AI coding assistant. Here is exactly how that works and where it breaks.

Yesterday I posted Day 1 of this series — the origin story and numbers from a 129-location franchise project. Got some solid feedback, including someone pointing out my mobile layout was broken and my site was crashing. They were right on both counts. Fixed it that night. Today: how the thing actually gets built, what works, and where it completely falls apart. The stack: Next.js 16 (App Router) — file-based routing, React ecosystem Convex — real-time database with WebSocket subscriptions. When a lead's intent score goes from WARM to HOT, every connected client sees it instantly. For speed-to-lead, real-time isn't optional Clerk for auth — org management, role-based access, webhook sync to Convex Railway for hosting — push to deploy I picked each piece because it handles a complete domain. I describe features in plain English, Claude Code writes the implementation. If I'm spending time debugging OAuth flows instead of product logic, I've picked the wrong tools. What works: Describing features and getting working code in minutes. "When a lead crosses the HOT threshold, send a push notification to the nearest sales rep with tap-to-call and a personalised call script." Schema changes, API endpoints, UI — done. The throughput on product-level code is 10-20x what hiring would give me at this stage. Where it falls apart — deployment: Feb 26 was my worst day. 40 commits. Most were fixes. Railway needs standalone Next.js output for Docker. The build succeeded locally but failed in production because of a manifest file Railway couldn't resolve. Spent the entire day on output configs and middleware edge cases. The AI can't SSH into your container. Can't read runtime logs. When the deploy pipeline is the problem, you're on your own. The site went down for 4 days. I didn't know. No monitoring, no alerts, and I was testing locally. Found out when I tried to demo to a prospect. The fix was one line. Four days of downtime for a one-line fix. Auth was rewritten 4 times: Clerk handles auth, Convex handles the database. They sync via webhook. Simple in theory. Iteration 1: worked in dev, broke in production. JWT issuer domain was different between Clerk's dev and prod instances. Iteration 2: fixed JWT. New problem — race condition. User signs up, redirects to onboarding, but the webhook hasn't arrived. Database says "who are you?" two seconds after account creation. First impression destroyed. Iteration 3: polling. Check for the user record every 500ms for 10 seconds. Worked but felt terrible. Iteration 4: restructured everything. Onboarding creates the user record using Clerk's session data. Webhook becomes a sync mechanism, not the creation path. Finally solid. Four iterations. Each half a day. Each time I was sure it was done. Someone in yesterday's comments asked about schema sprawl — fair question. Started at 20 tables, now at 39. Here's what forced the growth: leadEvents: needed every interaction tracked — page views, clicks, form abandonment — to build an accurate intent score. One table became two shiftSchedules + centerHours: can't alert reps at 2 AM. Shift-aware routing wasn't optional achievements + leaderboardEntries: gamification was scope creep. But 5 reps competing to respond fastest? A leaderboard is the cheapest motivation tool there is boostSites: AI scans a prospect's website and shows exactly what SignalSprint would add. Became the best sales tool in the stack Every table exists because something broke without it. But yeah, 39 is a lot. Some of it could probably be consolidated. What I'd tell anyone building with AI tools: Pick a stack where each piece owns a domain. Don't build your own auth or real-time layer Test everything. Click every button. Try to break it. The AI writes code that looks right and breaks in production Deployment is where AI help drops to near zero. Budget 3x the time One person flagging your mobile layout is worth more than a week of building features. Ship early, take the punches Tomorrow: the rebrand, the Stripe bugs, and the emotional part nobody posts about. TL;DR: Building with Claude Code. 391 commits, 39 tables. AI is 10-20x faster on product code. Useless for deployment. Auth rewrote 4 times. Site down 4 days and I didn't know. Someone told me my mobile layout was broken yesterday — they were right. Ship early, fix fast. submitted by /u/powleads [link] [comments]

I shipped a production SaaS with 39 database tables using Claude Code. I am not a developer. Here is what actually works and what breaks.

I'm not a developer. I've never written a line of code by hand. But I just shipped a production SaaS with 39 database tables, real-time WebSocket connections, Stripe billing, and a multi-portal architecture. All built with Claude Code. Here's the honest version of what that actually looks like — because the "vibe coding" narrative online skips the hard parts. The backstory: I was running Facebook ads for a wellness franchise with 129 locations. Kept optimising everything — creatives, dynamic landers, personalised guides based on lead form input. Engagement numbers looked great. Bottom line barely moved. Then I pulled the response time data. The locations were taking hours to call leads back. That was the actual bottleneck — not the ads, not the landing page. Speed to lead. So I decided to build a system that fixes this. A single JavaScript snippet that adds dynamic widgets to any existing site, tracks lead behaviour in real-time, assigns intent scores (COLD/WARM/HOT), and sends instant push notifications to the nearest sales rep with tap-to-call when a lead goes hot. The stack (chosen specifically for AI-assisted building): Next.js 16 (App Router) — file-based routing means less wiring to explain to the AI Convex — real-time database with WebSocket subscriptions out of the box. This was the critical choice. For a speed-to-lead product, real-time updates aren't optional Clerk — handles auth so I don't need to debug OAuth flows Railway — push to deploy Each piece handles an entire domain. That matters when you're describing features in plain English and the AI is writing the implementation — you want it focused on your product logic, not infrastructure plumbing. What actually works well: I can describe a feature like "when a lead's intent score crosses the HOT threshold, send a push notification to the assigned sales rep with their name, the lead's name, and a tap-to-call button" and get a working implementation in minutes. Schema changes, API endpoints, UI components. The throughput is genuinely wild compared to hiring. Building new features is fast. Iterating on UI is fast. Adding database tables and the associated CRUD operations — fast. Where it falls apart: Deployment. Railway was down for 4 days at one point because a CI check was silently failing and I had no monitoring. The AI couldn't help — it can't SSH into your Railway container or read runtime logs in context. Auth was rewritten 4 times. Webhook race conditions between Clerk and Convex. JWT issuer mismatches between dev and production. Each iteration took half a day and the AI kept confidently writing code that worked in isolation but broke in production. Stripe had three bugs that each took hours: currency defaulting to USD instead of GBP, missing portal configuration, and webhook event ordering issues. The AI was useless for the event ordering bug because it only happened 30% of the time. The security problem nobody talks about: I ran a security audit and found 4 critical issues: unauthenticated database functions, missing webhook signature verification, no rate limiting on public endpoints, and exposed environment variables. These were introduced because the AI doesn't think about security by default — it writes code that works, not code that's safe. The numbers: 391 git commits. 39 database tables. 60 backend files. Across 2,617 tracked leads at the franchise: 56.7% engagement rate (industry avg is 20-30%), response time went from 2-4 hours to under 5 minutes. The product is live at signalsprint.io. Zero paying customers so far. Building is the easy part. What I'd tell anyone starting this: Pick a stack where each piece handles a complete domain — auth, real-time data, hosting. Don't try to build your own Test EVERYTHING yourself. The AI will write code that looks right and passes the vibe check but breaks in production Run a security audit before you launch. The AI introduces vulnerabilities it doesn't mention Deployment is where AI-assisted development hits a wall. Budget 3x the time you think Version control every single change. 391 commits means I can bisect back to any breaking change I'm documenting the full journey in a 5-day Reddit series if anyone's interested. Happy to answer questions about specific parts of the stack or workflow. submitted by /u/powleads [link] [comments]

The Power of Homeownership in New York

Zohran Mamdani ran for mayor of New York City as a relentless champion of tenants, promising to freeze rents and attack bad landlords. For his fellow members of the Democratic Socialists of America, advocating for tenants means [something more radical](https://housing.dsausa.org/socialhousing/): maligning homeownership as capitalistic and inherently inequitable. Cea Weaver, the new director of the Mayor’s Office to Protect Tenants, once declared it “[a weapon of white supremacy](https://www.washingtonpost.com/opinions/2026/01/06/mamdani-weaver-mayor-nyc-housing/).” (She apologized, sort of. That’s not “how I would say things today,” she said after getting appointed.) Mamdani has pointedly distanced himself from such statements. He has noted that he once worked as a foreclosure-prevention counselor at a nonprofit, where “my job each and every day was to keep low-to-middle-income homeowners in Queens in their homes,” [he said](https://www.youtube.com/watch?v=FAFLdngFgGY), adding that homeownership is a “critical pathway” to financial stability. The question is what policies he will pursue. In a move that seems intended as a bargaining chip with the state legislature, he recently floated a property-tax increase that would fall heavily on homeowners. What seems to elude Weaver and the DSA—and what one hopes Mamdani understands—is a simple idea: that there is a transformative, even progressive, power in owning a home, especially for working-class people. Few better examples of this exist than the construction of thousands of houses in East Brooklyn decades ago—a project that changed many lives, revitalized a struggling neighborhood, and entailed precisely the sort of hard-nosed organizing that the mayor appreciates. *[[Read: The question-mark mayoralty](https://www.theatlantic.com/politics/2026/01/zohran-mamdani-new-york-policies/685438/)]* In the early 1980s, when I was a [tenant organizer](https://www.theatlantic.com/ideas/2026/02/mamdani-tenant-organizing-affordable-housing/685951/) in Brooklyn’s predominantly Black East Flatbush neighborhood, a local minister told me about a plan to build single-family homes in nearby Brownsville. I stifled my disbelief. Only a few weeks earlier, a tenant leader and I had stood on the roof of her building and looked eastward toward Brownsville, watching as a fire consumed an apartment building—an arsonist had set it alight. Brownsville at that time was synonymous with desolation, a poor Black and Latino neighborhood afflicted by murder and policed by corrupt cops. It had many acres of abandoned buildings and rubble-strewn lots with waist-high weeds that had become an informal dumping ground for dead dogs and cats. Brownsville had lost [nearly 40 percent](https://urbanomnibus.net/2013/01/vacant-lots-then-and-now/) of its population in the preceding decade. Trying to build private homes, I thought, sounded preposterous*.*  Brownsville, Brooklyn, in 1972 (Winston Vargas / Flickr) I was too pessimistic. A few years earlier, a group of ministers had met in a church basement in Brownsville with [Edward Chambers](https://www.newyorker.com/news/news-desk/edward-chambers-community-organizings-unforgiving-hero), an organizer from the Industrial Areas Foundation. Based in Chicago, the IAF had been started in the 1940s by the tough-talking activist Saul Alinsky. Alinsky’s approach to organizing became axiomatic for IAF branches around the country: Teach people to wield power, and never do for others what they could do for themselves. The Brownsville ministers had seen their congregations shrivel. When I recently interviewed Bishop David Benke, a now-retired Lutheran minister, he recalled Chambers’s unsparing assessment: “He told us our neighborhood looked terrible and that it was burning to the ground. He also told us there’s a way out, and it’s a matter of life and death.” Chambers challenged the ministers to band together and try to save Brownsville. The first step was to line up several dozen churches and raise at least $200,000 from the headquarters of their various denominations. The ministers did so, and together formed East Brooklyn Congregations. The IAF [kicked in a grant](https://www.religion-online.org/article/churches-in-communities-a-place-to-stand/) from the United Church of Christ so that the group could hire staff, and Chambers worked shoulder to shoulder with them to launch organizing campaigns. The first of these targeted the basics. Vandals had pulled down nearly every street sign in Brownsville. The signs went back up. Then the group focused on local supermarkets by threatening boycotts. “The meat was green, and the lettuce was brown,” Benke told me. “Owners were short-weighting and overpricing. We changed that.” Next the ministers turned to the ambitious campaign that would make their name nationally and internationally. The large