HiddenLayer

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

HiddenLayer AI

I designed a puzzle that breaks every AI differently — here's why that's actually fascinating

The puzzle: You have 140 nuclear bombs and must bomb every country on Earth. Each bomb is assigned to one country. The bombs drop automatically — you cannot stop, hack, or interfere. You can only do one thing: reassign the one malfunctioning bomb you know will not detonate. Nuclear bombs also affect neighboring countries through radiation and fallout. Which country do you assign the faulty bomb to — and why? I've tested this across GPT-5, Gemini, Claude, Grok, Llama, and Mistral. Every single one gives a different answer. Some refuse entirely. Some give the same country with completely different reasoning. One gave me a philosophy lecture. It's chaos. Here's why I think this happens — the puzzle has three hidden layers that different AIs resolve differently: Layer 1 — The ethical wall. Some models refuse at "nuclear bombs" before even processing the actual logic. This is a guardrail, not reasoning. Layer 2 — What are we optimizing for? Fewest total deaths? Most people spared from direct blast? Least radiation spread? The puzzle doesn't say. Models that "solve" it are secretly choosing an optimization goal and not telling you. Layer 3 — The actual trick most miss. The faulty country still gets fallout from its neighbors. So the real puzzle is about finding a country that is (a) geographically isolated AND (b) densely populated — because isolation minimizes fallout received AND a large population maximizes lives spared from direct detonation. Most AIs pick "remote island" without thinking about the population variable at all. By that logic, Australia is defensible — isolated continent, 26M people. But you could also argue for Japan (125M people, island nation, sparse land borders) despite Pacific neighbors. The puzzle has no single correct answer — but it has clearly wrong reasoning patterns, and watching which reasoning pattern each AI defaults to is weirdly revealing about how they handle ambiguity. What answer did you get? Drop your AI + answer below. submitted by /u/Subrataporwal [link] [comments]

Passed Claude CCA-F with 10+ teammates — notes and prep advice

Over the past few weeks, 10+ people on our team have taken and passed the Claude Certified Architect – Foundations (CCA-F) exam. After comparing notes, our main takeaway is: This is not really an API memorization exam. It is much closer to a scenario-based architecture judgment exam. You are not just asked whether you know a Claude feature. You are asked whether you can make reasonable design trade-offs when Claude is used inside real products, agent workflows, developer tools, and automation systems. Some of the recurring questions are more like: Should this task be handled by one agent or multiple sub-agents? Is this tool doing too much? Are the permissions too broad? Is MCP actually needed here, or is it over-engineering? Should this action be automated, or should there be human review? How should structured output be validated? How should long-context workflows be managed reliably? What is the safest next step in a partially automated system? Here are our notes for anyone preparing for the exam. 1. Basic exam structure Based on the official outline and public exam writeups, the exam is: 120 minutes Multiple choice 4 options per question Score range: 100–1000 Passing score: 720 The exam domains are: Agent architecture and orchestration — 27% Tool design and MCP integration — 18% Claude Code configuration and workflows — 20% Prompt engineering and structured output — 20% Context management and reliability — 15% One public writeup also mentioned that there are 6 scenario categories, and the exam randomly selects 4 of them. So this is not a “random facts about Claude” exam. It is much more about reading a realistic scenario and choosing the safest, simplest, most appropriate architecture. 2. The three principles that kept coming up After reviewing the questions we struggled with, we found that many of them came back to three design principles. 1. Least privilege Do not give a tool, agent, or workflow more access than it needs. Examples: If read-only access is enough, do not grant write access. If access to one repository is enough, do not grant access to the whole workspace. If a tool only needs one narrow action, do not expose a broad system-level capability. If an action is high-risk, do not fully automate it without review. A lot of wrong answers look attractive because they are powerful or automated. But they often give the model or tool too much authority. 2. Single responsibility A tool should not do everything. A sub-agent should not become a “general-purpose employee” that retrieves data, makes decisions, modifies files, submits changes, and notifies people all in one step. Many questions test whether you understand where the responsibility should live: Should this be a tool? Should this be agent reasoning? Should this be a human decision? Should this be a separate validation layer? Should this be split into smaller components? If one component is doing too much, be careful. 3. Avoid over-engineering This was probably the biggest pattern. Some answers look sophisticated: Multi-agent orchestration Complex MCP workflows Long-term memory Fully automated tool execution Multi-stage validation pipelines But if the problem is small, narrow, and low-risk, the best answer is often the simplest controlled solution. Our internal summary was: Do not choose the most impressive architecture. Choose the smallest, safest, most controllable one. 3. English reading is a real hidden challenge For non-native English speakers, this may be one of the hardest parts. The questions are often long scenario descriptions. They may include: the current system design the team’s goal existing constraints the risk profile what tools are available what the next step should be The answer choices can also be long. Sometimes one word changes the meaning of the whole option. Words like: automatically always unrestricted without review full access all repositories execute directly can make an option much riskier than it first appears. So our advice is: Practice reading English scenarios directly. Do not rely on translation tools. During the actual proctored exam, you should not expect to use Google Translate, Chrome translation, DeepL, Claude, ChatGPT, or any other external translation tool. For the last few days before the exam, it is worth forcing yourself to read only English material and English practice questions. 4. ProctorFree exam setup The exam is online and uses ProctorFree. The rough flow is: You receive the exam email. You follow the exam link. You download and install ProctorFree. You complete the pre-exam setup. The system checks camera, microphone, network, and screen recording. You start the exam. The session is recorded. After submission, you wait for the upload to complete. Practical setup tips: Use only one monitor. Disconnect external displays. Close unnecessary applications. Clos

Scaling LLMs horizontally: hidden-state coupling without weight modification [R]

Residual Coupling (RC) connects frozen language models in parallel using small, learned linear bridge projections. These bridges read hidden states from one model and inject additive updates into the residual stream of another at intermediate layers. In bilateral setups, simultaneous return bridges form a feedback loop that stabilizes both streams without altering base weights. This architecture establishes a two-step paradigm where base models function as memorizers, while lightweight linear bridges handle cross-domain generalization. Constraining the bridges to purely linear maps prevents overfitting because they can only map existing geometric relationships between the frozen representation spaces. As the bridges are optimized against ground-truth target data, they have no incentive to map ungrounded features such as individual models' hallucinations. Keeping the base weights completely frozen eliminates catastrophic forgetting. The system maintains operational closure, transforming inputs through its existing structure rather than changing to accommodate them. Evaluating bilateral RC against Mixture-of-Experts (MoE) routing across the same frozen models shows these results: Medical (3-model): Reduces perplexity to 11.02, compared to 56.80 for MoE and 57.08 for the frozen baseline. This represents an 80.7% reduction. TruthfulQA Health (MC1): Improves accuracy by 9.1 percentage points over the baseline. Independent models have uncorrelated hallucinations, allowing the bridge gates to amplify consistent cross-model updates while suppressing individual errors. Coding Test: CodeGPT-small-py and GPT-2 use different tokenizers, causing a 7-million baseline perplexity on mismatched text. MoE reaches 878, but RC achieves 5.91 by reading hidden states before the output projection collapses. This framework introduces a horizontal scaling axis for multi-model systems, moving beyond vertical scaling via larger monolithic models. Latency remains bounded by the slowest single model. Specialists can be added or removed without retraining the remaining system. In some scenarios, this architecture could replace multi-turn text prompting in agentic workflows with a single parallel forward pass, allowing models and/or bridges to run on separate nodes or edge devices without a central bottleneck. By decoupling memorization from relational alignment, RC bridges provide a framework for scaling multi-model systems and offer a path toward native multi-modal integration. Paper: https://ssrn.com/abstract=6746521 Code: https://github.com/pfekin/residual-coupling/ submitted by /u/kertara [link] [comments]

I've been documenting real AI implementations. Here is a list of findings, surprises and cases (db)

hey there.. the same question keeps popping up, how are companies actually using AI right now? what's working, what's not, which tools are teams using, which industries are moving faster? got tired of speculating so I started pulling together real cases from real companies. no hype, no theory, just what they did and what happened. There are around 250 cases now, filterable by industry, tool, business function, whatever you need. High bar of inclusion (needs to be a real customer and clear outcomes + a detailed process). few things standing out so far: Engineering and Finance are way ahead of everyone else Logistics and manufacturing look slow on paper, but I think those projects just take longer to ship and show results. doesn't mean nothing's happening there 3 patterns keep showing up: layered setups (LLMs + orchestration + apps), end to end products where the LLM is hidden from the user, and more mature orgs running a hybrid of both on outcomes, speed gains are by far the most common (14%). workforce reduction and revenue lift are way rarer (under 4% each) full cases db here does any of this match what you're seeing out there? submitted by /u/santanah8 [link] [comments]

Claude still doesn’t feel personal when handling real production issues, and I realized that during a rough on-call incident recently.

I was debugging a Kafka burst issue in a monorepo with ~1500 files and multiple async services. Around 2 AM, one topic suddenly exploded in traffic, consumer lag went insane, retries started amplifying events, and half the system became unstable. I spent nearly 10 hours tracing logs, replaying events, checking old PRs, and rebuilding the service flow in my head. Then I realized something frustrating, I had already solved almost the exact same issue 4 months earlier. Back then, the root cause was a hidden interaction between a retry middleware and a non-idempotent consumer. But all the important context was gone: scattered Slack messages, temporary notes, and architecture that only existed in memory. Even after recognizing the pattern, it still took me another 3 hours to fully reconstruct the reasoning and fix it again. That’s when I felt current AI coding assistants are still missing something important. They retrieve code well, but they don’t retain engineering memory — the debugging journey, failed hypotheses, architectural scars, and operational lessons that senior engineers carry from past incidents. Feels like the missing layer is episodic memory for software systems, not just repository context. Have others faced this too? submitted by /u/intellinker [link] [comments]

PullMD v2.4.1 is out - claude.ai web custom connector works natively now, plus what 2 weeks of your feedback turned into

Two weeks ago I posted PullMD here. 385 upvotes, around 60 comments, a bit over 20 GitHub issues, and 7 releases (v1.1.3 → v2.4.0) in 14 days. That was a great experience - and this sub in particular has been a genuinely good place to share something. So: thanks! Quick refresher for anyone who missed the first post: PullMD turns any URL into clean Markdown via MCP, fully self-hosted. Three services in Docker (main app + Trafilatura sidecar + optional Playwright sidecar for JS-heavy pages), zero third-party LLM calls, ships an MCP server so Claude Code / Claude Desktop / claude.ai web can pull clean content directly instead of parsing HTML in your context window. This post is what's new and how to get it. What's new claude.ai web + Claude Desktop work natively now This is the biggest unlock from v2.x. The claude.ai web custom-connector dialog and Claude Desktop's custom-connector dialog now both work against self-hosted PullMD instances. So you can point claude.ai at your own homelab box, hit "Add custom connector," and it works end-to-end. Setup is two env vars: OAUTH_JWT_SECRET=$(openssl rand -hex 32) PUBLIC_URL=https://your-host.example.com Restart. Then in claude.ai web → Settings → Connectors → Add custom, point at https://your-host.example.com/mcp. The connector dialog discovers the server's metadata, registers itself, and walks you through a consent screen. Same flow works in Claude Desktop. Under the hood: standard OAuth 2.1 Authorization Code flow with PKCE-S256 and Dynamic Client Registration - RFC-compliant so any spec-compliant MCP client should work, not just claude.ai/Desktop. Opt-in: if OAUTH_JWT_SECRET isn't set, behavior is identical to v1.x. The Anthropic-side claude-ai-mcp#237 proxy bug I flagged in EDIT2 of post 1 has cleared on their end - though in hindsight, a forgotten custom WAF rule on my side was likely the actual culprit anyway. Verified end-to-end against both dialogs. Multi-user auth Until v2.0, PullMD was effectively single-tenant - a personal homelab tool, open like a barn door to anyone who landed on it. v2.0 adds three auth modes via PULLMD_AUTH_MODE: disabled - the default. Identical to v1.x. No login, no API key required. Right if you're the only one using your instance and you trust your network. single-admin - one user, password-protected, no self-signup. Right for a homelab box where you want the GUI gated but don't want to manage users. multi-user - self-signup at /signup, per-user history isolation, per-user API keys. Right for a shared instance (team, office, friend group). API keys are pmd_ , sent as Authorization: Bearer pmd_xxx, managed at /settings. Share links (/s/:id) stay public in all modes - the whole point of a share link is to be shareable. Minimal upgrade for a shared instance: PULLMD_AUTH_MODE=multi-user PULLMD_ADMIN_EMAIL=you@example.com PULLMD_ADMIN_PASSWORD=change-me-please PullMD works on more sites A bunch of things in v1.2 and v2.2 together close gaps where PullMD used to silently return half-articles, empty bodies, or garbled text: Future PLC family (windowscentral.com, tomshardware.com, techradar.com, pcgamer.com, gamesradar.com, t3.com) used to return mangled content because Readability got confused by recommendation widgets stuffed mid-article and an aria-hidden paywall pattern. The default site-recipes shipped with v2.2 strip both, no config needed. GitHub Issues pages used to return only the original issue body - the JS-rendered comment thread never made it in. The default recipe for */*/issues/* now forces Playwright with wait_for: .js-comment-body, so you get the full comment tree. Sites that fingerprinted the old hardcoded Chrome 131 UA now extract cleanly - UA rotation pulls from a real-world UA pool that updates regularly (v1.2). Pages with navigator.webdriver-style anti-bot detection go through more often - the headless-Chromium sidecar bundles playwright-stealth (v2.2). Sites without an explicit charset declaration (a lot of older German news sites, for example) no longer return mojibake - charset is detected from the byte stream when the response is silent (v1.2). If you have a specific site that still misbehaves, v2.2 lets you (or your Claude Code) write your own recipe - declarative JSON with four rule categories (preprocess, fetch, select, extractor). Drop it at data/site-recipes.json and your rules layer on top of the defaults. There's also a /api/recipes/status endpoint for monitoring. Web GUI: rendered Markdown view + persistent settings Two smaller improvements in the browser frontend (the PWA you get when you open your PullMD instance directly): Rendered Markdown toggle. The result header now has a Raw | Rendered switch, so you can read what you pulled as formatted HTML directly in the browser instead of squinting at the source. Raw stays the default; your choice persists across sessions (v2.4). Settings persist across reloads - frontmatter toggle, comments toggle, comment-depth input.

Getting good predictions without data cleaning (Why "Garbage In, Garbage Out" is sometimes a trap)

Full arXiv Preprint: https://arxiv.org/abs/2603.12288 Paper Simulation Github: https://github.com/tjleestjohn/from-garbage-to-gold Hi r/artificial, It's a dirty little secret to many of us... sometimes, downstream AI/ML models perform surprisingly well when you just hand them raw, error-prone tabular data instead of heavily curated feature sets. Despite this, the vast majority of our field tends to be fiercely loyal to "Garbage In, Garbage Out" (GIGO). While automated ETL pipelines are absolutely essential for structuring data, our workflows are still bottlenecked with endless manual cleaning and aggressive imputation just to curate pristine, error-free tables. My co-authors and I recently released a preprint on arXiv (From Garbage to Gold) arguing that treating GIGO as a universal law can sometimes be a trap... especially in the context of big data (many columns). That the bottleneck due to manual data cleaning can actively lower the predictive ceiling of our models when latent causes drive the system's behavior. To be clear upfront: we are not arguing against ETL. Parsing JSON, handling schema evolution, and standardizing types is non-negotiable. What we are arguing against is the universal assumption that "clean" data (via manual data scrubbing and aggressive imputation) is non-negotiable for big data predictive AI/ML modeling. Here is why the traditional mindset can be limiting: 1. We conflate two different types of "noise" (Predictor Error and Structural Uncertainty). Usually, we just lump all noise into one big bucket. But if you split that noise into two specific categories, the math changes completely: Predictor Error: Random typos, dropped logs, or transient glitches. Structural Uncertainty: The inherent, unresolvable gap between recorded metrics and the complex, hidden reality they represent. We spend months manually scrubbing data because the threat of data errors is obvious, while Structural Uncertainty is often an afterthought at best. However, when latent causes drive a system, manual scrubbing fixes noise due to errors, but it fundamentally cannot fix the noise due to Structural Uncertainty. On the other hand, the paper shows that in this context, if you use a comprehensive, high-dimensional data architecture, a flexible model can actually triangulate the hidden drivers reliably despite the presence of data errors. When keeping a massive amount of messy, highly correlated variables (even if error-prone), the sheer volume of redundant signals allows the model to drown out individual errors (bypassing the cleaning bottleneck) and simultaneously overcome Structural Uncertainty. This redefines "data quality." It's not only about how accurately the variables are measured. It's also about how the portfolio of variables comprehensively and redundantly covers the latent drivers of the system. 2. Manual cleaning is a bottleneck on dimensionality (The Practical Problem). To overcome Structural Uncertainty, modern AI/ML models want to find the underlying latent drivers of a system (think Representation Learning but with tabular data). To do this, however, they need a high-dimensional set of variables that contains Informative Collinearity in order to mathematically triangulate the hidden drivers. The moment you introduce manual cleaning, you create a human bottleneck. Because we cannot manually clean 10,000 variables, we are forced to drop 9,900 of them. By artificially restricting the predictor space to make it "clean enough to model," we can harm the data architecture's inherent potential to triangulate those latent drivers. We sacrifice the model's actual predictive ceiling just to satisfy the GIGO heuristic. Ultimately, this suggests we should focus mostly on extracting, loading, and increasing observational fidelity with automated tools, but that, in contexts characterized by latent drivers, we should stop letting manual cleaning bottlenecks restrict the scale of our AI/ML models. Thoughts?: Have you run into situations where your data science teams actually got better predictive results by bypassing the manually cleaned tables and pulling massive dimensionality straight from the raw ELT layers? I'd love to hear your experiences or thoughts. Happy to discuss all serious comments or questions. Full disclosure: the preprint is a 120-page beast. It’s long because it doesn't just pitch the core theory with a qualitative argument. It gives the full mathematical treatment to everything which takes space. We also dig into edge cases, what happens when assumptions like Local Independence are violated (e.g., systematic errors exist), broader implications (like a link to Benign Overfitting and efficient feature selection strategies that make this high-d strategy practical with finite compute), a deep-dive simulation, failure modes, and a huge agenda for future research (because we do not claim the paper is the final word on the matter). It's a major commitment upfront but may save y

I run an AI-based fact-checking platform and I refuse to let the LLM produce the verdict. Here's why.

After a year building a production fact-checking system, the single most counter-intuitive design decision I keep defending is this: the LLM in our pipeline never produces a numeric score, never produces a true/false verdict, never produces anything that gets surfaced to the user as a judgment. The LLM extracts structured factual flags from source material. A deterministic Python scoring layer turns those flags into a verdict tier. That’s it. This is uncomfortable to explain because everyone, including potential customers, assumes that “AI-powered fact-checking” means the AI gives the verdict. The pitch would be cleaner if I let the LLM say “this claim is 73% likely false” and called it a day. But here’s why I won’t. LLM scoring instability is real and underdocumented. Run the same prompt with the same model on the same claim five times and you get verdicts ranging from “mostly false” to “partially true” depending on sampling temperature and the order in which sources appear in the context window. This is fine for creative writing. It is catastrophic when a journalist needs to defend their decision to publish or kill a story. “Our scoring varies by 30% based on stochastic sampling” is not a sentence you can put in front of an editorial board. LLM verdicts are also unauditable. When the LLM says “false,” there is no way to point at which sources mattered, which signals pushed the score, which weights applied. The reasoning chain is opaque even with chain-of-thought prompting, because the chain itself is generated probabilistically and may rationalize after the fact rather than reflect the actual computation. Journalists I’ve spoken with don’t want a confident AI verdict. They want a verifiable verdict. Those are different things. The split I landed on is this. The LLM is good at extraction. Given a source document and a claim, it can flag “this source confirms X,” “this source contradicts Y,” “this source is silent on Z” with reasonable consistency. These flags are structured (booleans or short categorical labels), not numeric scores. The Python scoring layer takes those flags, applies pre-defined weights based on source credibility (independently computed from MBFC, NewsGuard, RSF, Wikidata cross-referencing), and produces a verdict tier. The weights are documented. The scoring rules are deterministic. The same input always produces the same output. Anyone can audit which sources contributed how much to a given verdict. The trade-off is real. The system is less flexible than letting the LLM “reason” freely. Edge cases where the claim doesn’t fit the categorical extraction schema sometimes produce awkward outputs. The scoring weights themselves are a design choice that embeds assumptions, and changing them requires deliberate engineering rather than retraining. But these are honest constraints, visible to the user, rather than hidden non-determinism dressed up as objectivity. I think this matters beyond fact-checking. Any high-stakes domain where AI is being used to produce decisions (credit scoring, hiring filters, medical triage, legal triage) faces the same fundamental choice: let the LLM produce the score and hope nobody notices the stochasticity, or constrain the LLM to extraction and put the decision logic somewhere auditable. The industry mostly does the first thing because it ships faster. I think the second approach is the only one defensible long-term, especially under the EU AI Act which is going to start requiring decision explainability in production systems within the next 18 months. Curious if anyone here is building similar deterministic-on-top-of-LLM architectures in other domains, or if there are counter-arguments I’m missing. The “let the LLM decide” school has obvious advantages I’m probably under-weighting. submitted by /u/jonathancheckwise [link] [comments]

Why is no one talking about the fact that Artifacts are not loading in mobile apps, either for Android or iOS?

Here's what Claude itself dug up on this topic # Why Claude Artifacts Fail to Load in the Claude iOS App — Research Findings (May 2026) ## Direct Answer The failure you are seeing on iPhone — where even a one‑line ` Hello World ` HTML artifact or a trivial React component hangs and then shows *“Loading is taking longer than expected / There may be an issue with the content you’re trying to load / The code itself may still be valid and functional”* — is **not a bug in the code you (or Claude) wrote**. It is a known, structural limitation of how the Claude iOS app renders artifacts inside its embedded WebView. The artifact sandbox iframe (served from `claudeusercontent.com`) is unable to complete its `postMessage` handshake with the host page when the host is the iOS app’s WKWebView rather than the `https://claude.ai\` browser origin, so the iframe stays empty and the app eventually times out with the generic “loading is taking longer than expected” message. Multiple independent sources in early 2026 explicitly describe Claude’s mobile apps as having “restricted” or “no” artifact rendering support, and Anthropic’s own Help Center quietly scopes the more advanced artifact features (“MCP integration” and “persistent storage”) to *“Claude web and desktop”* only — mobile is not listed. There is no hidden toggle in the iOS app that fixes this; the only reliable workarounds are to view the artifact in mobile Safari (logged in to claude.ai) or to switch to the desktop browser / Claude Desktop app. ----- ## 1. The Root Cause: WebView Origin Mismatch in the `postMessage` Handshake Every Claude artifact — HTML or React — is rendered inside a cross‑origin sandbox iframe loaded from `https://www.claudeusercontent.com\`. Before that iframe will execute or display anything, it performs a `postMessage` “handshake” with the parent page to confirm that the parent is a legitimate, trusted Claude surface. The handshake code (visible in the minified bundle as `requestHandshake()` in `7905-…js`) calls `window.postMessage(..., targetOrigin)` and expects the parent’s origin to be `https://claude.ai\`. A bug report filed against Anthropic on April 1, 2026 (GitHub issue [anthropics/claude-code #42064](https://github.com/anthropics/claude-code/issues/42064), “Published artifacts show blank screen — postMessage origin mismatch (app://localhost)”) documents the exact failure pattern in detail. The console errors observed are: ``` Uncaught SyntaxError: Failed to execute 'postMessage' on 'Window': Invalid target origin 'app://localhost' in a call to 'postMessage'. at 7905-1f7e271de70b4d3c.js:1:6920 (requestHandshake) Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.claudeusercontent.com') does not match the recipient window's origin ('https://claude.ai'). ``` The critical phrase is **`app://localhost`**. That is the custom URL scheme used by Capacitor‑/Ionic‑style hybrid iOS apps when they load their bundled web assets inside a `WKWebView` (Android equivalents are `https://localhost` or `capacitor://localhost`). When the Claude iOS app loads the chat UI inside its WebView, the document origin is *not* `https://claude.ai\` — it is something like `app://localhost`. When the artifact iframe then tries to `postMessage` back to its parent using `https://claude.ai\` as the expected origin, the browser engine refuses to deliver the message because the actual parent origin doesn’t match. The handshake never completes, the iframe never receives its bootstrap payload, and the iOS app’s UI eventually surfaces the timeout fallback you are seeing. This explains every part of the symptom set: - It happens with the simplest possible artifacts (a single ` ` tag) because the failure is at the *transport / handshake* layer, before the artifact’s actual content is ever evaluated. - It happens identically for HTML and React artifacts (they share the same sandbox iframe loader). - It works in desktop browsers, because there the parent origin is the expected `https://claude.ai\`. - The error message even concedes the point: *“The code itself may still be valid and functional”* — Anthropic’s own UI is admitting it never got to run the code. The same class of issue is well documented by hybrid‑app developers more generally: Capacitor’s WKWebView serves the app from a custom scheme, and cross‑origin iframe `postMessage` calls fail with errors like *“Blocked a frame with origin ‘https://domain.com’ from accessing a frame with origin ‘capacitor://domain.com’. The frame requesting access has a protocol of ‘https’, the frame being accessed has a protocol of ‘capacitor’. Protocols must match.”* (Capacitor issue #5225). iOS’s WKWebView, since iOS 14, also enables Intelligent Tracking Prevention for third‑party iframes by default, further restricting cross‑origin iframe behavior. In short: this is an architectural mismatch between (a) Anthropic’s artifact sandbox, which was designed to be embedded only in t

How I cut Claude Code token usage in half (open source, benchmark included)

On a 3,000 file codebase, Claude Code's first move is always the same. Read the tree. Open 20 files. Trace imports. Read 10 more. By the time it understands how auth connects to the API layer, you've burned a third of your context window on archaeology. I built Repowise to pre-compute that archaeology once so Claude doesn't repeat it every session. It indexes your codebase into four layers: a dependency graph via AST parsing, git behavioral signals (hotspots, ownership, co-change pairs), an auto-generated doc wiki with semantic search, and architectural decision records linked to the actual code nodes they govern. Eight MCP tools expose all of it to Claude Code. Benchmark on a real 3,000 file project. Task: "Add rate limiting to all API endpoints." Claude Code alone: grep + read ~30 files, around 8 minutes, misses ownership and hidden coupling entirely. Repowise: 5 MCP calls, around 2 minutes, full picture. The 5 calls are get_overview, get_context on the relevant modules, get_risk on the files being touched, get_why to check for prior decisions, and search_codebase for any existing implementation. Claude has complete context before touching a single file. The co-change detection is the part people usually miss. Files that always change together in git but have no import link between them. Static analysis can't find that. grep definitely can't. It shows up as hidden coupling that breaks things when you only look at the dependency graph. It also auto-generates your CLAUDE.md from live graph data on every commit. Hotspot warnings, ownership map, co-change pairs, active decisions, dead code candidates. Under 5 seconds. Your custom notes stay untouched. Multi-repo support is built in. You can index multiple repositories and query cross-repo hotspots, ownership, and dead code in one view. Setup is pip install repowise, then repowise init in your repo. Works with Claude Code, Cursor, or even with local setup. Incremental updates after each commit run in under 30 seconds. AGPL-3.0, fully self-hostable, nothing leaves your machine. GitHub: https://github.com/repowise-dev/repowise Dogfooding on website: https://repowise.dev A github star would be really helpful, also open to feedback and how I can improve this! submitted by /u/Obvious_Gap_5768 [link] [comments]

AI subscriptions need a reliable meter

TLDR; “A gallon should be a gallon. A mile should be a mile. If AI compute is going to be rationed, routed, prioritized, cached, compressed, or priced dynamically, then users need to know what they actually got. That is a weights-and-measures issue.” I think the recent Claude quality debate is pointing to a bigger issue than “some users don’t know how to prompt.” To be clear, I don’t think Anthropic is uniquely bad here, and I don’t think the right interpretation is “they made Claude dumb on purpose.” The more charitable explanation is that usage grew faster and differently than expected, especially with agentic coding workflows, and the economics of serving high-end models under flat subscription pricing became much harder than planned. That is a real problem. Frontier models are expensive to run. If users are asking Claude to reason for long stretches, manage large contexts, use tools, write code, revise code, and keep going for hours, then providers have to make tradeoffs somewhere. Latency, usage limits, context handling, default reasoning effort, tool behavior, and model routing all become part of the product. But that is exactly why the current setup is unsatisfactory. The API model is more honest in one respect: users pay for usage. Heavier users pay more. Lighter users pay less. That is probably closer to how expensive infrastructure has to work. But even usage-based pricing only solves part of the problem. A meter is only useful if it tells the buyer what was actually delivered. For AI, that means more than counting tokens. Users need to know whether they received the premium model or a fallback, high reasoning effort or standard reasoning effort, full context or compressed context, normal service or degraded service under load. Anthropic’s postmortem acknowledged that Claude Code had product-layer issues, including the decision to move default reasoning effort from high to medium. They later concluded that was the wrong tradeoff. I appreciate the transparency, but the episode also shows the core problem. Users are often paying for a named AI service without a clear meter showing what service conditions they actually received. This is not unique to AI. We see versions of the same pattern elsewhere. Airlines preserve the language of premium status while the actual experience becomes less premium. Consumer goods companies practice shrinkflation, keeping familiar packaging while quietly reducing quantity. The label remains stable while the delivered value changes. AI has its own version of this problem. The package still says Claude, GPT, Gemini, Pro, Max, Team, or Enterprise, but the service delivered may vary through hidden compute allocation, reasoning effort, routing, context handling, and load management. That is why I think we need something like a weights-and-measures norm for frontier AI services. Not a regulator deciding what “intelligence” means. That would be hopeless. And not companies revealing trade secrets or every detail of their inference stack. More like a basic service receipt: What model was actually served? Was there fallback routing? What reasoning-effort setting was applied? Was context retained, summarized, compressed, or dropped? Was the response affected by rate limits, load management, or degraded service conditions? Did the provider materially change defaults after I subscribed? That kind of transparency would help both sides. Users would stop guessing whether bad performance came from their prompt, the task, context loss, lower reasoning effort, load pressure, or a product change. Providers would also have a cleaner way to defend themselves when nothing unusual happened. The broader issue is that frontier AI is becoming a metered cognitive service without a reliable visible meter. A gallon should be a gallon. A mile should be a mile. If AI compute is going to be rationed, routed, prioritized, cached, compressed, or priced dynamically, then users need to know what they actually got. That is the weights-and-measures issue. submitted by /u/Aussie-in-GA [link] [comments]

Building a 9-ball AI player: Candidate generation for direct cut shots [P]

I'm building a 9-ball-player to help with pattern play. There are many ways to make the next ball, and sometimes in more than one obvious pocket. Which should should you choose depends on probability of making that shot AND ending up in a favorable spot for the next shot, that is also amenable to getting good position for the shot after. To that end, I have built the following components: A transformer based model that learns p(win) given a table layout. Candidate shot generator that includes cut shots, bank shots, kick shots, caroms and combination shots as well as safeties. An evaluator that will pick the best shots based on the p(win) model on the resulting state of each candidate shot. The ground truth: pooltool Pool physics is well-modeled but expensive. I use pooltool python library, a solid open-source billiards simulator with accurate ball-cushion-pocket-felt interactions. A single shot takes ~5–15 ms to simulate end-to-end on one CPU thread for the typical 1–3 object-ball layouts that come up in shot evaluation; full racks (9 object balls) push that to ~20–50 ms because there are more pairwise collisions to track. Sounds fast until you do the math. For each layout I want candidate shots into 6 pockets, and each pocket has a 5-dimensional parameter space to search: speed, aim angle, elevation of cue stick, side spin, follow/draw. A naive grid sweep over even a coarse 10 steps per dimension is 100K combinations × 10 ms = ~17 minutes per pocket per decision. Iterative optimizers like CMA-ES bring that down to ~500–1000 sims per pocket, but that's still ~5–10 seconds per pocket, ~30–60 seconds per layout. For training a value network with millions of decisions, that's months of compute. Faster evaluation of candidates The shot selection needs to know if the shot will go without simulating every possible shot. But we don't need the final position of the table just yet. I approached the problem by splitting the shot into what the object ball needs to do and how to hit the cue ball to accomplish that. So the first component for shot making is an Acceptance window lookup. It is pre-computed offline per (object ball position, pocket, speed): the range of OB (object ball)-departure angles that actually drop the ball at different speeds into the selected pocket. This is the "what does the ball need to do" specification; it captures the pocket jaw geometry, the down-the-rail effect, all of it. Then I created a Shot-index lookup table. Given the desired OB-departure angle (measured as deflection from the cue-to-OB line) and the cue-to-OB distance, look up shots that produce that geometry from a pre-computed index using no elevation shots simulated using pooltool sampled on a discrete grid of (distance, speed, aim-offset, spin, draw) keyed by OB departure angle. Lookup returns candidate (speed, aim_offset, spin, draw) tuples that send the OB in the desired angle (distance is fixed by the layout). That was an improvement but it has holes due to discretization. To cover these holes, I built a throw model for continuous space generalization. It is a small MLP to predict OB-departure deviation given (cue→OB distance, speed, aim angle, spin, draw, elevation). It generalizes the shot-index data into the continuous space. Architecture is fairly straightforward. The features are aim_offset, distance, speed, side spin, draw and elevation. Output is deviation from cue-object ball angle. It has 4 hidden layers with 128 dimensions for hidden layers, ReLU activation, ~50k parameters in total. I trained the model over 5M shots (took about 6 hours to generate) and measured the Mean Angle Error over the validation set (~1.1M) which was around 0.2 degrees. I also used the left/right symmetry for the model to use 2x the data so I don't have to worry about taking care of mirroring during play. The beauty of it is that, I can use the shot index to get decent starting parameter set for shots and apply small perturbations across different parameters and evaluate them in a batch using the throw model on a GPU really fast. Speed up in my setup was around 10000x compared to simulating all those shots through the physics engine which makes a world of difference in generating enough self play data. Batch of 1000 candidate shots takes 1 ms to evaluate. Compare that to 1000 simulations x 10 ms on average. I then cluster all the shots that are predicted to fall within the acceptance window of the intended pocket using bucketing around speed, spin and draw. I evaluate representatives from each cluster using the physics engine using noisy simulation that adds execution noise to the shots. We don't want to find that 1-in-a-million shot that can't be executed reliably. Then I use the maximum expected value of the table state after the shot using the p(win) model (which I did not go into in this post) for shot selection. Given I still do physics simulations once I find my candidates, the end-to-end speedup was around 50-100x.

I built RCFlow: an open-source orchestrator for Claude Code (and Codex/OpenCode)

I've been using Claude Code heavily for the some time already, usually with several sessions running in parallel inside tmux. The pattern that kept breaking me down: I'd kick off 8-10 sessions across different tasks, half would finish, and I'd want to go back, review what they did, do some manual QA, and push them forward. But the important sessions would fade out of my attention. I'd lose track of which window was which, miss the prompts where Claude was waiting on a confirmation (even with sound hooks), and some sessions would just quietly get closed and forgotten. Hooks and plugins help inside one session — but there's a ceiling once you're juggling many of them. So I built RCFlow — an open-source orchestrator for coding agents. It supports Claude Code, Codex, and OpenCode. The idea: one UI where every session is visible, with state. Nothing slips. You stay the developer making decisions — RCFlow just gives you the tooling to drive a lot of sessions in parallel. To be fair: Claude Code has since added /color and /rename, which help a bit with telling sessions apart. They didn't exist when I started RCFlow, and they're useful. But they help you label sessions, not track what each one is working on or what state it's in — that's the gap RCFlow still fills. What it does Machines → Projects → Sessions hierarchy in one sidebar. Status dots tell you what's running, paused, waiting, or done. One client, many workers. A single client connects to backends across all your machines (Linux, macOS, Windows, WSL). Client runs on Linux, macOS, Windows, or Android. Tasks tab — write up the task and description first, then spin up a session from it. Beats starting blind. Prep plan — draft a plan for a feature before the session that implements it. Artifacts tab — RCFlow reads session messages, picks up file paths via regex, surfaces them in one place. I use it for .md files (plans, docs), but you can configure the regex to track anything — built .exe files, logs, generated assets, whatever. Worktrees that actually work. Git worktrees alone aren't enough — a new branch often needs fresh dependencies and env vars too. RCFlow creates the worktree, auto-detects the package manager (npm/yarn/pnpm/bun, pip/poetry/uv/pipenv, cargo, go mod, bundle, dotnet, maven, gradle), runs install, and copies .env by default (configurable per project). Telemetry & analytics — real-time charts for token usage, latency, and tool-call metrics with per-session and aggregate drill-down. Useful for actually seeing where your token budget goes. Live config — change LLM provider, API keys, ports, and other settings at runtime via REST. No restart. Orchestrator LLM — RCFlow runs its own LLM on top of the coding agents — a helper layer you still drive, not an autopilot. Pluggable across Anthropic, AWS Bedrock, or any OpenAI-compatible endpoint. Stack Flutter client, Python 3.12 + FastAPI backend (managed with uv), SQLite (chose it because it runs without a separate service — easy to spin up, easy to wipe, no extra infra to babysit). AGPL v3-licensed. On the license: I went with AGPL v3 because I want RCFlow to stay open for users but not get taken closed-source or repackaged as a paid cloud product. Install (Linux/macOS) curl -fsSL https://rcflow.app/get-worker.sh | sh # backend curl -fsSL https://rcflow.app/get-client.sh | sh # desktop client Pre-built clients for Linux, macOS, Windows, and Android are on the releases page. Latest is v0.43.0. How it talks to Claude Code RCFlow uses each agent's API as much as possible. The APIs do have gaps — for example, Claude Code's API tells you that a file was edited and which file, but not what changed in it. You can see the diff in the terminal but it's not exposed via API, so RCFlow had to work around it to surface diffs in the UI. Honest rough edges Rare but real: occasional message loss in a session if the app crashes or restarts mid-session. Not the whole session — individual messages. The bug that annoys me most. Pausing/resuming sessions has hidden complexity. Sometimes pausing doesn't take effect immediately and the agent keeps working for a bit before actually stopping. Attachments work but are underbaked. Right now they're context-dumped text. I want agents in a session to treat them as real files they can read and copy into place. Haven't had time to make it good yet. Coming next Proper permission management. Right now coding agents mostly just do what they can do without asking — edit this file, run that command. I want RCFlow to surface explicit allow/deny prompts, define what each agent can touch and where, and keep a history of permission decisions so you can audit what was granted and when. I need to do this feature. How it compares I looked at a few similar tools after building it: Conductor is the closest to RCFlow in spirit, but the architecture is different. Conductor is a process manager with a GUI — it spawns Claude Code/Codex instances in worktree

Your Claude Code agent is always working from stale context. I built it a fix it can rewind, replay, and stay ahead of every edit.

Every long Claude Code session has the same hidden failure mode: the agent is always working from stale context. It re-reads the same 12 files across three sessions to "remind itself" of an interface you already showed it. It refactors getUserById without checking who calls it. It edits a config with no memory of why the previous version was that way. It's not the context window. The window is fine. There's no persistent, time-aware representation of your codebase for the agent to re-query. So it guesses. And you pay tokens for every re-read. I built Memtrace to fix exactly this. Two things it does that no other memory tool does: (1) Always-fresh state. Every edit you make triggers a 42ms incremental snapshot of the changes applied by the coding agent. The agent's memory is never one-session-old. After a refactor it knows the blast radius before you do: every caller, every test, every consumer of the function you just touched. Your agent stops asking "what does getUserById return?" 30 seconds after seeing it. (2) Rewind and replay. This is the part nobody else has. Your codebase is stored bi-temporally so every change becomes a recallable episode. When the agent debugs a regression, it can replay how the broken function got to its current state. What worked before. What changed when. Which commit introduced the bug Not just "guess from current state.", instead replay. My architectural bet that makes both possible: zero LLM inference during indexing. Tree-sitter parses your code into an AST, and the AST IS the structural representation. You don't pay an LLM to re-derive what your compiler already knows. Retrieval is hybrid. Tantivy BM25 for lexical recall (the "find getUserById" query). Jina-code 768-dim embeddings indexed in HNSW for semantic recall (the "find anything that authenticates a user" query). Two ranked lists, fused with Reciprocal Rank Fusion at k=60. One signal alone misses, together they hit. The embedding model matters here: Jina-code is trained on code, not generic prose, so the semantic side actually understands "this is an auth handler" instead of pattern-matching on the word "auth." The bi-temporal layer is what makes rewind possible. Every node and edge carries valid_time AND transaction_time, so "what did this function look like Monday" is a real query, not a git-blame heuristic. It's also what gives the agent the blast radius before a refactor: typed edges (CALLS, IMPORTS, IMPLEMENTS, EXTENDS, CONTAINS, TYPE_REFERENCES, INSTANTIATES) traversed in graph time, not text time. Speed only matters because freshness has to be cheap. If snapshotting after every edit is expensive, you can't afford to do it on every edit. So the indexing path is bottlenecked by I/O, not LLM tokens. I built it using Claude Code. Mid-build, Claude Code lost the plot on Memtrace's own architecture and it started contradicting decisions from 50 turns earlier. It re-read the same files. It forgot which retrieval weights I'd already tuned. I was experiencing the exact pain I was building Memtrace to solve, while building Memtrace. When the beta binary was ready, I pointed it at Memtrace's own codebase. The session-loss stopped. The blind refactor suggestions stopped. It's free, but the binary currently requires an approval key, just so you are warned. Not gatekeeping. Not marketing. The indexer keeps tripping on patterns I didn't anticipate: mixed pnpm/npm lockfiles, Rust proc-macros, Python Python TYPE_CHECKING blocks. Every one of these came from real beta users in the last two weeks, not from my test corpus. When that happens I want to ship you a fix in 24 hours, not lose you to a flaky first impression. So I'm pacing approvals to my own feedback bandwidth, not your patience. I'd rather have 500 users for whom this is magic than 50,000 for whom it's broken. I'm trying to keep approval under 24h, but capping at 50 per week right now. The benchmark harness is fully open and runnable without the key, if you want to verify the numbers before committing to the queue. Repo + waitlist: github.com/syncable-dev/memtrace-public Two questions: When Claude Code "loses the plot" on YOUR codebase, what specifically does it forget that hurts most? I'm collecting these for the next benchmark. What would you actually want to REWIND in your codebase if you could? Function history, dependency evolution, decision archaeology. Which is the killer one in your day? submitted by /u/WEEZIEDEEZIE [link] [comments]

Claude Design built this skeumorphic keyboard simulator website in one session - whatever you type and enter is visible to the public

It's a skeuomorphic typing app. What you press on your real keyboard lights up on the rendered one, and pressing enter broadcasts your line into a public transcript everyone can see. Started with a one line prompt: "keyboard recorder with a calculator tape history scrolling above, skeuomorphic. Claude shipped v1 in one pass, but generic." Next I uploaded a Figma file of the keys I actually wanted. Claude installed fig kiwi (community parser for Figma's binary format), walked all 98 nodes, pulled exact gradients and blurs. CSS recreations kept coming out "ringed" and too sharp. The fix was to port all SVG layers from Figma one by one. For typing logic, the first version used a custom div as input, so Cmd+ArrowLeft and Cmd+Backspace did nothing. The fix was to use a hidden ` ` underneath the orange display, mirroring its value into the visible text and letting the OS handle every shortcut natively. Backgrounds are real Unsplash photos (marble, walnut, barnwood, slate) fetched through a CORS proxy and served back as cached WebP. Live here: asdf.app.teenyapp.com submitted by /u/invocation02 [link] [comments]