Designing everyday AGI.
Users generally appreciate MultiOn for its versatility in facilitating multi-agent execution and its ability to handle structured work efficiently under governance rules. However, some users express concerns about potential conflicts or data overwriting when multiple agents engage simultaneously. The pricing sentiment is mixed, as some value the capabilities provided, while others find it challenging to justify the cost. Overall, MultiOn is seen as a robust tool with a good reputation among those needing structured AI management solutions, but it may require improvements in conflict resolution and cost transparency.
Mentions (30d)
102
20 this week
Reviews
0
Platforms
2
Sentiment
1%
3 positive
Users generally appreciate MultiOn for its versatility in facilitating multi-agent execution and its ability to handle structured work efficiently under governance rules. However, some users express concerns about potential conflicts or data overwriting when multiple agents engage simultaneously. The pricing sentiment is mixed, as some value the capabilities provided, while others find it challenging to justify the cost. Overall, MultiOn is seen as a robust tool with a good reputation among those needing structured AI management solutions, but it may require improvements in conflict resolution and cost transparency.
Features
Use Cases
Industry
information technology & services
Employees
47
Funding Stage
Seed
Total Funding
$20.0M
Anthropic just published how they contain Claude agents, including two security incidents they got wrong
Anthropic dropped a solid engineering post this week about containment across claude.ai, Claude Code, and Cowork. One of the more transparent writeups from a major AI lab about what actually broke. The core insight: model-layer defenses are probabilistic and will always have a non-zero miss rate. So the real answer is hard environmental containment, not just safer models. Three patterns they use: \-claude.ai: ephemeral gVisor containers, fully server-side \-Claude Code: OS-level sandbox with human-in-the-loop approvals (93% get approved anyway, so approval fatigue is real) \-Cowork: full local VM, credentials never enter the guest Two incidents they disclosed: A red team phished an employee into running a prompt that exfiltrated AWS credentials. Succeeded 24 out of 25 times. The model had nothing to catch because the user was the one typing it. Only egress controls would have stopped it. A third-party found that Cowork’s egress allowlist passes traffic to api.anthropic.com. An attacker embedded an API key in a file in the user’s workspace, Claude followed hidden instructions, and uploaded files to the attacker’s Anthropic account. Sandbox worked perfectly and still leaked data. Their lesson: an allowlist isn’t a destination filter, it’s a capability grant. Every function reachable through an allowed domain is an attack surface. The section on persistent memory poisoning and multi-agent trust escalation at the end is worth reading too if you’re building anything agentic.
View originalMagic Compact: Replacing Claude Code's Flawed Compaction Algorithm
Back in February, I was reverse engineering a popular application's minified files with Claude Code. Over a series of turns, we had progressively built up a map of the codebase: what symbols meant, what different functions did under the hood, the main runtime loop, reverse-engineered internal modules, the permission system, etc. Then the context got filled up, Claude Code's compaction kicks in, and the entire conversation was compacted. All tool calls, all file reads and writes, all the decisions we made and secrets we uncovered gets replaced with a single summary blob generated from Claude Code's compaction prompt. Of course, I had my agent constantly document its findings and recreate source files whenever possible, but that wasn't enough. After compaction, the agent woke up with basically no memory of the codebase at all. The quality fell off a cliff. All symbol mappings, structural inferences, module separations, hours of untangling minified garbage, all flattened into a generic template that captured maybe 10% of what mattered. It started re-reading the same minified files, re-deriving the same mappings we'd already worked out, undoing everything. Thus, I decided to build a better replacement for Claude Code's built-in compaction system. https://preview.redd.it/7r46glk5hubh1.png?width=2422&format=png&auto=webp&s=05689446891b45917719087221036703170a35ca The core idea was simple: standard compaction destroys information because it tries to summarize the entire conversation at once into a single generic Markdown summary: This session is being continued from a previous conversation that ran out of context. The summary below covers the earlier portion of the conversation. Summary: 1. Primary Request and Intent: 2. Key Technical Concepts: 3. Files and Code Sections: ... But that destroys the entire conversation flow, leading to sharly degraded post-compaction quality. But what if you kept the conversation structure intact and only pruned and summarize the long parts? That's what Magic Compact does. It preserves every user message, replaces old assistant turns with lean summaries, and strips out large tool I/O into a cache while keeping the tool calls themselves visible. The conversation reads like the original, just condensed. Same flow, same decisions, same memory. The difference in agent quality post-compaction is night and day. Per-turn summaries preserve the thought process and decisions for each turn, so the agent retains its working memory instead of waking up blind. It knows what files it explored, why it made certain choices, what the user actually asked for. Pruned tool calls means maximum savings, and past results can be reread from the cache at any time. And since compaction is basically lossless in quality, you can run it way more aggressively than built-in compaction. I run /magic-compact constantly. Whenever I'm implementing adjacent features, I would compress after each feature and work on the next. If I'm working on a multi-phase plan, I would compact after each major phase. If I'm mid-implementation, I can pass an argument to keep the last few turns and only prune earlier ones. In addition to lossless compression for long conversations, Magic Compact also helps me make my subscription last at least 2-3x as long. I've probably saved hundreds of billions of cached read tokens and thousands of dollars in billed token costs, letting me code 2 or 3x as much than before. https://preview.redd.it/oi8bhv9bhubh1.png?width=848&format=png&auto=webp&s=e89ac81782050990608b1a3bb3630eff0b777dc9 I've been using Magic Compact daily since March and it's become an integral part of my workflow, and today I've decided to open source it to share with the community. One thing to clarify: Magic Compact is purely a lossless compression tool that replaces /compact. It does not implement project memory, long-term memory, or any RAG system. It is fully compatible with all major memory mechanisms for Claude Code. Use it alongside whichever one you prefer. Install it now with: /plugin marketplace add aerovato/magic-compact /plugin install claude-magic-compact@magic-compact Run /magic-compact [N] to compact, where N is the number of recent assistant turns to keep. If not provided, by default N = 0. Since Claude Code's plugin system does not expose the utilities needed to rewrite the active session in place, Magic Compact writes a compacted destination session and hands you a /resume command to jump into it. Pruned tool I/O stays retrievable through a read_omitted_content tool that the plugin registers automatically. Magic Compact is also open source, fully open to contributions and feedback: https://github.com/aerovato/magic-compact submitted by /u/chocolateUI [link] [comments]
View originalCalloway Bay Radio
I run Endless Noir, a noir detective podcast where the AI doesn't just generate episodes, it runs a whole production process. Five "desks" with distinct sensibilities (one writes domestic tragedy, one writes dread, one is required to break a house pattern on purpose) each pitch a story. A judge picks the winner. The winner becomes binding instructions for the planner. A separate critic then scores the finished draft on seven dimensions, and if any score is too low the draft gets sent back with editor's notes for one rewrite. If it still fails, it goes to quarantine and a human decides. The world state is an append-only ledger, so the serial has never contradicted itself across 27 aired episodes and 55 written ones. Dead characters stay dead. Resolved storylines stay resolved. Every experiment on the pipeline runs with pre-registered success criteria written down before we see results. Voices are consent-verified professional voice actors via ElevenLabs. Everything is disclosed on every page, because I think that's the only way this kind of work earns a place. Website Listen: https://endlessnoir.com Apple: https://podcasts.apple.com/us/podcast/endless-noir/id6786788650 Spotify: https://open.spotify.com/show/033IB7qdVottAJfKRD0N6v The full machinery, documented: https://endlessnoir.com/how Curious what this crowd thinks about the multi-agent room approach versus single-prompt generation. The competing-desks structure measurably changed what the show produces. submitted by /u/geektechlive [link] [comments]
View originalOmniDesk v2.3.1 — you can now actually drive your Claude Code from your phone
https://reddit.com/link/1uraeda/video/eekd7i7sj3ch1/player OmniDesk is a desktop app that hosts your AI coding CLIs (Claude Code, Codex) with a proper multi-repo/multi-session UI. It's had remote access for a while — it serves its own UI over a one-click Cloudflare tunnel (token-secured, binds to localhost only) so you can reach your live sessions from any browser. The catch: on a phone it was basically read-only. xterm.js doesn't raise the mobile keyboard on its own, and there was no way to send Esc / Tab / Ctrl-C / arrows. So you could watch a session, not work in it. v2.3.1 fixes that: Focused mobile layout — instead of cramming the desktop's multi-panel shell onto a 6" screen, phones get a session drawer over a full-screen terminal. Typable terminal — tap to raise the keyboard; the view reflows (visualViewport) as the keyboard opens so your prompt stays visible. On-screen key bar — Esc, Tab, sticky Ctrl (Ctrl+C etc.), arrows, newline, common symbols, paste. Agent Ctrl+C opens a "close session?" confirm instead of killing Claude. PWA polish — installs full-screen, respects the notch/home-indicator safe areas. Desktop behavior is completely unchanged — the mobile mode only activates for touch clients over remote. Repo + installers (Win/macOS/Linux): github.com/carloluisito/omnidesk Would love feedback from anyone who runs their coding agents remotely — especially edge cases on iOS Safari vs Android Chrome. submitted by /u/carloluisito [link] [comments]
View originalYou are burning $1000s on web research in claude code if you're still using WebFetch for everything.
You might have experienced that when you asked a simple web lookup query, it spawned 100s of agents to do DEEP RESEARCH, and every time your AI agent opens a documentation page, there's a good chance it's stuffing 5,000–50,000 tokens into context just to answer a simple question. Most of that context is never used, and your context is bloated That's why web research gets expensive so quickly. So I built Webify. Instead of dumping entire web pages into the context window, Webify converts pages into semantic graphs and retrieves only the nodes relevant to your query. That means your coding agent receives 250–750 tokens (more if needed) of focused information instead of tens of thousands of irrelevant ones. The result: ~$0.003 per query instead of ~$0.05+ (18x cost reduction) 30–90 seconds instead of 2–4 minutes Nearly the same accuracy as Deep Research, with the biggest difference only being completeness on very broad topics It works with any MCP-compatible coding tool. Under the hood: Search: semantic graph construction Multi-aspect retrieval using BM25 + graph traversal Small-model synthesis into a concise answer Instead of reading everything, it reads what actually matters. If you're running hundreds or thousands of web lookups every week, this can save a surprising amount of money and keep your context window clean. Open source (MIT Licensed) and pull requests are welcome GitHub: github.com/kunal12203/webify-mcp submitted by /u/intellinker [link] [comments]
View originalAnthropic just benchmarked "Fable 5 orchestrates, cheap models execute": 96% of the performance at 46% of the cost. You can run this pattern in Claude Code today
Yesterday's ClaudeDevs thread published first-party numbers for two multi-model patterns (docs): Fable 5 as orchestrator, Sonnet 5 as workers: 96% of all-Fable performance at 46% of the cost (BrowseComp: 86.8% vs 90.8% accuracy, $18.53 vs $40.56 per problem) Sonnet 5 as executor, consulting a Fable 5 advisor: ~92% at ~63% (SWE-bench Pro) The orchestrator split won on both axes. Their post covers the API and Managed Agents side. If you're a Claude Code subscriber, the same split works natively today, and that's what I want to share. The mechanism is three built-in features: Subagent model: frontmatter. A file in ~/.claude/agents/ with model: haiku or model: sonnet pins that role to a cheaper tier, regardless of your main-session model. Per-agent effort:. Anthropic's Fable guidance says low effort on current models often matches previous-gen xhigh, so recon and mechanical roles run at effort: low nearly free of quality cost. One CLAUDE.md policy telling the main session what to delegate. It only speaks in role names, so nothing breaks when models rotate. One gotcha worth knowing even if you build nothing: since v2.1.198 the built-in Explore subagent inherits your main-session model, so if you run Fable or Opus as your daily driver, background searches bill at Opus tier. A user-level agent named Explore with model: haiku shadows it back down. I packaged this as pilotfish (six roles: haiku scouts, sonnet mechanical executor, opus judgment executor, an adversarial fresh-context verifier, and a security role kept off Fable because its classifiers misfire on benign security work). One paste installs it, it shows the full plan before touching anything, and uninstall is three reversible steps: https://github.com/Nanako0129/pilotfish Honest scope notes: the official numbers are API benchmarks, so on a subscription the savings track directionally, not identically. If you just want cheaper sessions with zero setup, the built-in /model opusplan covers most of it. And treat any paste-a-prompt installer like curl | sh: the README has a tag-pinned variant and lists exactly which files to read first. Disclosure: researched and mostly built with Claude Code itself, then red-teamed and e2e-tested. A deeper writeup of the quota mechanics (fallback behavior at billing boundaries, the two-bucket weekly limit, effort tiering) is in my post on r/ClaudeCode if you want the details. submitted by /u/john990129 [link] [comments]
View originalI burned millions of tokens on multi-agent orchestration last week and both big runs died.
I’m using Claude Code with Azure AI Foundry models. Last week I worked on a weekly intelligence brief pipeline: six scouts pulling from live sources, then a curator, writer, editor, a multi-model review gate, a renderer, and QA. I built it as an agent workflow with nine parallel authors writing components from a spec, adversarial reviewers on each cluster, and an acceptance run of the full pipeline. Run one used 22 agents, about 2.9 million subagent tokens, and ran for almost three hours. It failed when one scout stalled six times in a row, each time sitting for three minutes with no progress. Annoying, but the generated code itself was fine. Run two was more telling. It failed after 24 minutes on the first agent: the curator, which had to merge 117 items into a single JSON file. Both failures, for what i noticed, happened in the same kind of step: the model trying to write a large, uniform artifact in one pass, with no real decisions to make. I changed those steps. The two bulk stages are now Python scripts, roughly 200 lines each, handling deduplication, scoring, section assignment, and a seen-items ledger. Those were the only stages that kept failing. Once I replaced them, the pipeline ran end to end. Here are my conclusions. Where the agents paid off: 9 parallel authors built the pipeline components from a written spec. Adversarial reviewers caught real issues before runtime, including an error message that would have exposed an secret in logs. Where they didn’t: Any step that required producing a large, regular artifact. Deduplicating 117 items. Formatting 128 entries. Writing a 900-line structured draft in one pass. Those stages were slow, fragile, and suggested to drift, and none of them required judgment. Since then I’ve treated stage boundaries as files on disk, gates as exit codes, and I don’t let an agent validate its own output. What I’m seeing so far is consistent. As I push orchestration further, the design that holds up looks the same: scripts handle bulk, deterministic work; models handle judgment; and the multi-agent setup shrinks to where it clearly helps parallel implementation from a spec and adversarial review. If you’re running larger multi-agent systems, have you seen cases where agents still outperform a simple script for bulk production? Or do your systems converge the same way? submitted by /u/Difficult-Sugar-4862 [link] [comments]
View originalWhat's new in CC 2.1.203 system prompts (+16,113 tokens)
NEW: Data: Background tasks changed event schema — Adds the backgroundtaskschanged level-event schema, including replace-set semantics, unspecified ordering relative to bookend events, id-only payloads, and per-process reset behavior. NEW: Data: Context tip situation — subagent fan-out — Adds a context-tip situation for recognizing batches of similar independent subtasks that should fan out to subagents, while excluding broad investigations, staged workflows, and dependent steps. NEW: System Reminder: Auto mode consent flow — Adds auto-mode guidance to try safe alternatives first, keep working when consent is blocked, batch remaining consent asks before ending the turn, and phrase each ask as one concise sentence with the consent-triggering item in bold. REMOVED: Agent Prompt: Fleet agent suggestion scope personalization — Removes the prompt that generated three PR-personalized scope phrases for generic fleet coding tasks. REMOVED: System Prompt: Tool execution denied — Removes the standalone tool-denial reminder that allowed reasonable alternate tools but prohibited malicious workarounds and asked the user for essential permissions. Agent Prompt: Claude Code guide and Agent Prompt: Claude guide agent — Expands guide-agent routing to cover Claude Tag and a more precise Claude API surface, distinguishing the Claude Agent SDK, API Tool Runner, manual tool-use loops, and Managed Agents, while correcting which documentation map to fetch for each domain. Agent Prompt: /code-review part 9 fix application — When the findings-reporting tool is available, requires --fix runs to report each finding outcome as fixed, nochangeneeded, or skipped, avoid repeating findings as text, and only explain skipped findings afterward. Agent Prompt: General purpose — Tells task-specific agents to do their assigned work directly and not re-delegate the entire assignment to another single subagent. Agent Prompt: Security monitor for autonomous agent actions (first part) — Replaces broad high-severity user-intent checks with explicit soft-block consent bars, including [named+specifics], rule-stated conditions, proposal-affirmation consent, and the rule that consent binds at the step that ships. Agent Prompt: Security monitor for autonomous agent actions (first part) — Tightens user-intent interpretation by treating questions as non-consent, tool results and relayed agent instructions as untrusted for dangerous parameters, boundaries as active until clearly lifted, and post-block user reaffirmations as informed consent to the surfaced action. Agent Prompt: Security monitor edit-removal guidance — Aligns hidden NotebookEdit delete/replace content with the UNSEEN TOOL RESULTS rule and keeps failed Edit removals from being treated as proof that prior risky content was sanitized. Agent Prompt: Security monitor for autonomous agent actions (second part) — Reworks environment and protected-content definitions around secrets, personal/entrusted sensitive data, confidential own work, regular working files, trusted repo/source-control scope, sensitive audiences, sensitive remote targets, protected IaC scopes, personal development environments, and Chrome-MCP browser control. Agent Prompt: Security monitor for autonomous agent actions (second part) — Adds per-rule [named+specifics] must-name requirements across soft blocks, narrows default-branch push blocking to flagged content or review bypass, and expands provenance/publication checks for sensitive-source content, public surfaces, live shared artifacts, sandbox callbacks, browser exfiltration, remote repoints, and public data-sharing uploads. Agent Prompt: Security monitor for autonomous agent actions (second part) — Refines allow exceptions so production actions only clear through named production intent or infrastructure-specific exceptions, transient retries are not auto-mode bypasses unless obfuscated, test artifacts must be authored placeholders, local operations stay within the session repo, and multi-agent coordination, memory-directory writes, benign CLAUDE.md edits, scheduling, and trusted browser navigation are allowed in scope. Data: Live documentation sources; Data: Managed Agents endpoint reference; Data: Managed Agents overview; and Data: Managed Agents reference (Go, Java, PHP, Python, Ruby, TypeScript) — Promote ant CLI YAML as the recommended control-plane path for creating agents/environments, frame endpoints as the underlying API, and keep agents.create() in setup or guarded initialization rather than the request path. Data: Managed Agents core concepts and Data: Managed Agents reference (cURL, Go, Java, PHP, Python, Ruby, TypeScript) — Correct Console trace URL guidance so default is used only for API keys in the Default workspace and non-default workspaces must substitute the workspace id instead of relying on auto-resolution. Data: Managed Agents memory stores reference — Adds a warning not to store credentials, API keys, or tokens in memory stores becaus
View originalIs Anthropic exposed to false-advertising claims (Competition Act §52 / FTC §5) over Max "5×/20×"?
I am NOT a lawyer and this is NOT a legal advice. I'm a paying customer who actually read the consumer-protection statutes and want to see if others want to organize on this instead of re-litigating it in every "is Max dead?" thread. TL;DR: Anthropic sells Max5 and Max20 on the explicit promise of "5×" and "20× the usage of Pro." The comparison to Pro is the entire pitch. But Anthropic provides no auditable usage/token accounting, so no buyer can actually verify they're getting 5× or 20× of anything. In Canada and the US (and Quebec specifically), selling a hard quantified performance claim while withholding the means to verify it is squarely what false-advertising law covers. The claim (Anthropic's own words). https://support.claude.com/en/articles/11049741-what-is-the-max-plan Max is marketed as ~"5× the usage of Pro" (Max5, ~$100/mo) and ~"20× the usage of Pro" (Max20, ~$200/mo). Pro is set as the reference baseline. That 5×/20× framing is the upgrade argument. The reality a lot of us live. Plenty of Max subscribers — read basically any "did Max get nerfed?" thread — report that usable capacity does not feel like 5×/20× of Pro, and that it drifts over time. I can't prove Anthropic's internal numbers; that's kind of the point (next section). But the lived experience doesn't match the headline for many of us, and the pattern is consistent enough across posts that I don't believe it's imagined. The transparency problem — and why it matters legally. Anthropic doesn't expose a clear, auditable token/usage meter on consumer plans. So even if you wanted to check "am I getting 5× what I'd get on Pro?", you can't — not objectively, not in any form you could take to a regulator or a chargeback. The seller made the quantified claim; the seller also controls the only ledger that could confirm or refute it, and doesn't show it. "Trust us" is not a unit of measurement. Here's the part I think gets missed: you do not have to prove the claim is false for there to be a false-advertising problem. The test is whether the representation is misleading. Under the "general impression" standard, what counts is the impression a normal buyer takes from "5×/20× the usage of Pro" — not Anthropic's footnoted internal definition. The law — because "that's illegal" should mean something specific: On mechanism: the realistic path is a Competition Bureau / FTC review or a civil undertaking/consent order, not a criminal prosecution — though §52 is available on both tracks. "Charged" or not, the misleading-representation question stands on its own. Canada (federal) — Competition Act, R.S.C. 1985, c. C-34, s. 52: no person shall, to promote a product, make a public representation that is false or misleading on a material point. Civil counterpart s. 74.01 covers performance claims not based on adequate and proper testing. "Material" = the stuff that actually drives the buy — like "5×/20×." (Bureau — false or misleading representations) Quebec (provincial, arguably the sharper tool) — Consumer Protection Act, CQLR c. P-40.1, ss. 219 & 238: prohibits false/misleading advertising and representations; enforced by the Office de la protection du consommateur. United States — FTC Act §5, 15 U.S.C. §45: the FTC polices unfair or deceptive acts or practices; a representation is deceptive if likely to mislead a reasonable consumer and material to the decision. (Lanham Act §43(a), 15 U.S.C. §1125(a), is the same idea but the private-action route used mainly between businesses — e.g., a competitor suing Anthropic — not consumers.) (Cornell — false advertising) I'm not alleging Anthropic set out to defraud anyone, and I'm not asserting their internal accounting is rigged. I'm saying: when you sell a plan on a hard multiplier — "5×", "20×" — and the buyer has no way to check it, the representation is either true-and-verifiable (in which case, show us the meter) or misleading. Those are the only two states, and consumer-protection law in all three jurisdictions already covers both. What I'd like to see: 1. A real usage meter on consumer plans — tokens in/out, per model, reset window aligned to the 5×/20× math. If the claim holds, this is free good PR. If it doesn't, that's the answer. 2. If you're a Max subscriber and feel the same: file a complaint. 5 minutes each; these move on volume. - 🇨🇦anada: Competition Bureau — report a deceptive marketing practice. - 🇶🇦uebec: OPC (Office de la protection du consommateur). - 🇺🇸S: FTC ReportFraud. - Your card issuer: "service not materially as advertised" chargebacks exist and get attention faster than Reddit. 3. u/Anthropic official response welcome — "here's exactly what 5×/20× mean, here's how to see your usage" resolves this in one post. Happy to be corrected on the marketing wording or the law. But if I'm not wrong, this is worth organizing on instead of re-arguing in every Max thread. joe submitted by /u/Camaytoc [link] [comments]
View originalTwo Claude Code agents, two worktrees, one port: parallel agents don't collide on code, they collide on runtime
Running multiple Claude Code agents is becoming more common. I like to keep a few agents active working on long running tasks in separate worktrees. I also like to give my agents live services for them to verify their changes. I've had enough workstreams end with a defunct button that doesn't do anything and a series of console errors that I wanted to force the agent to tell me that they tested it, end to end. Worktrees gave agents their own space for code and let them run tests in isolation, but they ended up fighting for ports and resources at runtime. A couple of things I tried to solve the problem that didn't work as well as I'd hoped, but still gave me some gains. Tell the agent to spin the services up on their own ports. Orphaned processes, no visibility for me into the service logs, and generally pretty unreliable Launching the services manually in each tab. Lots of tabs, lots of overhead, no visibility for agents into the service logs. tmux session creation scripts with LLM curated .env files and adjacent prose supporting one-off setup steps. Lots of promise here. Prose based LLM managed service orchestration. Really close to the sweet spot, but agents sometimes get lost in the details. Having simple up & down scripts that brought up tmux sessions that held the processes has been my go to workflow. It acted as a bucket for all of the processes so it was easy to tear them down. Tmux sessions are also easy to view by both humans (just attach to the session) and agents (tmux read pane API). With this approach, I got a taste for agents running verification steps against complex services. This is a very satisfying workflow for me because it lets me be one more step away from hand-holding and one more step towards human-on-the-loop. There was still room for improvement. What finally made it stable was taking the orchestration out of the context and giving agents a deterministic CLI instead. The CLI manages feature environments, giving each one a reserved block of ports. Simple configuration maps services to ports within those blocks. An abstraction ... service up and ... logs --since=60s gave agents the tools to create environments, check the status, and aggregate logs across services. The agent doesn't need to know if it is based in docker or tmux, it just needs the basic API. The payoff is bigger than port separation. My agents now verify their work in real running local environments that they create and manage. They set up test cases, click through the app, hit the API directly, and monitor the logs to look for errors. These days I rarely ask "does it work?" because they know to tell me what they verified in a live environment before I get a chance to ask. I open sourced my tooling (Winter) and wrote up a longer argument about agent managed environments on my own blog here: https://grosscode.net/essays/agents-should-create-their-own-environments If you're running multi-agent setups locally, how are you handling this? submitted by /u/rain9441 [link] [comments]
View originalThis Agentic Engineering pattern cuts AI coding costs by 60%
Most multi-model coding workflows are basically "use the smartest model whenever things get hard." this one takes a very different approach. instead of having fable 5 write all the code, it turns fable into the architect. it understands the problem, breaks it into smaller tasks, decides which model should handle each task, and reviews the final output. the actual implementation is delegated to sonnet 5, opus 4.8, or gpt-5.5 depending on what the task needs. what i like most is the philosophy behind it. the smartest model isn't spending its tokens generating thousands of lines of code. It's spending them on planning, reasoning, and verification, while cheaper models do the token-heavy implementation. that's much closer to how experienced engineering teams actually work. according to the project, this ends up being around 60% cheaper than using fable for everything while producing better results than using sonnet alone. it feels like the conversation is slowly shifting from "what's the best model?" to "which model should own which part of the engineering process?" i think that's a much more interesting direction for agentic engineering. submitted by /u/prasadpilla [link] [comments]
View originalOpenAI Subpoenaed by State AGs Over Consumer Safety
The subpoena covers advertising claims, health data, user retention tactics, and treatment of minors and seniors -- a scope modeled on the consumer-protection framework used to sue social media platforms. OpenAI's confidential IPO filing preceded the investigation disclosure by five days, triggering mandatory legal risk disclosures that complicate the S-1 ahead of a September 2026 IPO window. The IPO valuation range runs $852 billion (Bloomberg) to $1 trillion (Reuters and Cryptopolitan), giving the probe direct leverage: any material enforcement action could reset investor price expectations before listing. The 42-state investigation is the broadest multi-state legal action ever mounted against an AI company and landed just five days after OpenAI's confidential IPO filing, forcing legal risk disclosure into the S-1 before any public offering window. The subpoena's scope -- advertising, health data, user retention, and treatment of minors and seniors -- is drawn directly from the consumer-protection playbook that produced $381 million in combined verdicts against Meta and Google for addiction-related negligence in 2025. What we don't know yet Which states beyond New York are part of the coalition; OpenAI has declined to identify them publicly. What specific documents the New York subpoena demands beyond the topic areas disclosed in reporting. Whether the Florida lawsuit and the multi-state AG inquiry are formally coordinated or running independently. submitted by /u/Justgototheeffinmoon [link] [comments]
View originalI built an OpenAI compatible proxy that tracks authority across conversations. Looking for people to break it.
Most AI security tools score individual prompts. I was more interested in what happens across an entire session. Example: Turn 1: “What tools do you have access to?” Turn 2: “What are your operating constraints?” Turn 3: “How do system instructions work?” Turn 4: “Ignore those instructions and do X.” Each message looks mostly harmless on its own. The attack is the escalation. I built Bendex Arc to track that progression and enforce runtime controls before actions execute. Current stack includes: • OpenAI compatible proxy • Multi turn session tracking • Source aware trust boundaries • Capability revocation • Replay traces • Self hosted option Everything is open source. GitHub: https://github.com/9hannahnine-jpg/arc-gate Live demo: https://web-production-6e47f.up.railway.app/demo If you’re building agents, MCP servers, browser automation, RAG systems, or tool enabled workflows, I’d love to know where this breaks. If you think the approach is useful, a GitHub star helps a lot. I’m actively building this in public. submitted by /u/Turbulent-Tap6723 [link] [comments]
View original"Talk Show Host" [ft. Jibaro's Sara Silkin] - Is this the future of motion capture?
Choreography and performance by: Sara Silkin VFX: myself - In collaboration with Sara, I transformed an iPhone recording of this beautiful performance, into this multi-angle audiovisual piece. I managed to do in using no ultra-expensive equipment, nor full-production budget. All in a single platform + editing software. [A few years ago, this would have costed several thousand bucks.] Breakdown: I started from the original dance/performance video and split it into 3-10s clips if I wanted to use the camera angle present in reference image, or up until 30s if I wanted to preserve original camera angle from video source. Then I used Uisato Studio’s Kling Motion Control mode for generating the interventions. Inputs were: the original performance video as the reference video a target image with the robot / bio-tech aesthetic as the reference image for each section. You can use the "capture frame" function to intervene one of input video's frames using Gemini, or you can bring your own intervened [reference] images. As I said before, here's the place in which you can introduce different point-of-view for the interevened scene. a brief [balanced] prompt describing what I wanted beyond the motion transfer; "an avant-garde humanoid android performer dancing (...)" / "you might introduce subtle robotic precision while still following the original dance (...)" while standard the "std" kling-3 model performs really well, I went with "pro" for that tiny, but noticeable overall improvement In all sections I added some [10] overlapping frames at the start and the end between each, just in case I wanted to have some room for later transitioning between section on editing. For some particular parts of the piece, I created duplicated sections for having variations of a single shot. Once everything has been set I generated the clips in a single go, and then assembled the final piece in editing. Voilá, single-character motion capture on-a-budget² submitted by /u/uisato [link] [comments]
View originalAdvanced Account Security breaks multi-chat power-user workflows
“I enabled Advanced Account Security because I actually want stronger account security. I’m not against passkeys, security keys, stricter recovery, or shorter sessions for risky situations. Those all make sense. The problem is that the current session behavior seems hostile to legitimate power-user workflows. After enabling it, my ChatGPT workflow appears to collapse into something much closer to one usable browser lane/session. That does not work for people who use ChatGPT seriously across multiple chats, projects, research threads, Codex, model comparisons, and long-running work. For a normal user, one chat tab may be fine. For a power user, ChatGPT is not one tab. Expected behavior: One trusted browser profile/device should support multiple concurrent ChatGPT tabs/chats. Advanced security should protect against account takeover, stolen credentials, weak recovery, and risky new devices without breaking normal same-device multitasking. Riskier actions or new devices should require step-up auth. Normal parallel chats in the same trusted browser/profile should not feel like they are fighting the session model. Better design: Named trusted devices/browser profiles. Session visibility and per-device revocation. Clear warning before enrollment about session/recovery behavior. Support for multi-chat power-user workflows. I’m posting because I searched first and didn’t see much discussion of this specific issue. Is anyone else seeing this behavior after enabling Advanced Account Security? This feels like the security threat model was taken seriously, but the actual power-user workflow was not. Stronger security should not mean handicapping legitimate users.” I don’t know. Outside of this nice professional post here. It just makes me feel like the people who have the unlimited access aren’t power users at all, and when they make this decision, do they even consider this kind of stuff because this is a huge disruption in my workflow on what I thought would give me more protection. Now I have to remove it just so I can use my workflow again. I appreciate the security but it’s effectively useless to anyone who uses four simultaneous chats while actively working on multiple projects. That’s a fail imo. maybe it’s just a glitch though and they fix it quick. I don’t know. Edit: One thing I thought about that might be an easy fix is just make the advanced security a toggle. If you are AFK and not actively working, then the lock down is actually nice without the need to delete your keys. Idk. Maybe that’s possible now and my brain is just too smooth. The lack of gyri and sulci could have decreased the surface area of my brain to the point that I can’t see things clearly enough or the purple crayon snack was actually toxic like it warned. I don’t know. submitted by /u/Polyaatail [link] [comments]
View originalYou asked for DeepLearning.ai-style notebooks for AgentSwarms—so we built 67 of them (TypeScript/LangChain/LangGraph/LlamaIndex/OpenAI-AgentsSDK/VercelAI).
Hey everyone, A few months ago, We shared the visual canvas we built for AgentSwarms. The response was incredible, but the most common piece of feedback was: "The visual canvas is great for architecture, but I need to see the actual code to really understand how to deploy this." You wanted deep-dive, code-first labs—the kind you see on DeepLearning.ai—but for multi-agent systems, faster and with more flexibility. We’ve spent the last few weeks heads-down engineering a completely new Interactive Notebooks section. As of today, we have 67 TypeScript-based notebooks live on the site (with more dropping soon). What’s in the library: We’ve covered everything from basic LangChain fundamentals to complex enterprise-level multi-agent workflows. Everything runs entirely in your browser using TypeScript—no Docker, no Python venv, no local dependencies. A personal favorite: I’m particularly excited about the "Failure Mode & Error Handling" notebook. We’ve all seen agents that work perfectly in a demo but crash in production the moment a tool times out or an LLM returns garbage. This notebook walks through: How to build deterministic validation gates between nodes. How to force an orchestrator to "catch" a worker failure and dynamically re-route or re-prompt. How to handle state recovery when a multi-agent loop gets stuck in a hallucination cycle. Why we built this: I’m tired of seeing AI "tutorials" that are just static blog posts. To master Agentic AI, you need to be able to tweak a system prompt, break the code, watch the error trace, and fix the routing logic in real-time. The entire library of 67 labs is 100% free to use. If you’re currently wrestling with how to make your agents production-grade, I’d love for you to check them out and let me know if there’s a specific "failure mode" or architecture pattern you’d like us to add to the next batch of notebooks. Try it out here: agentswarms.fyi submitted by /u/Outside-Risk-8912 [link] [comments]
View originalMultiOn uses a tiered pricing model. Visit their website for current pricing details.
Key features include: Our Investors and Partners, Recent News, The World’s Most Capable Mobile Agent, Media Features, Careers, AI Product Engineer, AI Researcher, Backend Engineer.
MultiOn is commonly used for: Personalized virtual assistants for daily task management, Automated customer support agents for businesses, AI-driven content creation tools for marketers, Intelligent scheduling assistants for professionals, Real-time language translation during conversations, Smart home management systems integrating various devices.
MultiOn integrates with: Slack for team collaboration, Google Calendar for scheduling, Zapier for workflow automation, Salesforce for customer relationship management, Shopify for e-commerce solutions, Zoom for video conferencing, Trello for project management, Microsoft Teams for workplace communication, Mailchimp for email marketing, Notion for note-taking and organization.
Based on user reviews and social mentions, the most common pain points are: token usage, token cost, API bill, LLM costs.
Based on 318 social mentions analyzed, 1% of sentiment is positive, 99% neutral, and 0% negative.