Recursion

Recursion AI

Recursion AI

Recursion AI

Recursion AI

Recursion AI

Recursion AI

Recursion AI

Recursion AI

Recursion AI

Recursion AI

OpenAI cofounder Andrej karpathy just joined anthropic and the talent war is officially over

this happened literally today ,andrej karpathy one of the most respected ai researchers alive nd the guy whose youtube lectures taught half the developers in this sub how neural networks work, just announced he is joining anthropic's pre training team. He's the 3rd senior openai figure to defect to anthropic in under two years. Jan leike left in may 2024, John schulman (co-founder) left in august 2024 and now karpathy. He is joining the pre training team under nick josef and building a new team focused on using claude to accelerate pre training research which means Anthropic is betting that claude can help make itself smarter, thats recursive self improvement with one of the most capable researchers in the world leading it. The musk trial verdict came in yesterday with the jury ruling in altman's favor, karpathy announces today voilaa . The timing is either coincidental or the most savage talent acquisition move in tech history. I hv been watching this trajectory while building my own workflows on claude ,every month the ecosystem around claude gets stronger. The connectors mean claude orchestrates professional creative tools natively, the api means platforms like magic hour and kling can plug video generation capabilities into claude powered pipelines, the finance templates mean entire industry workflows run through claude and now the guy who built tesla's self driving stack is making the pre training better. Polymarket gives anthropic 67.5% chance of going public before openai and i too think its ipo will be more successfull than openai what's everyone's read on what karpathy specifically brings to claude's pre training? submitted by /u/Healthy-Challenge911 [link] [comments]

unpopular opinion: coding arent getting dumber - they are quietly stealing our api credits

im honestly so sick of the "skill issue just prompt better" copium whenever an ai agent starts churning out pure slop after like 20 turns. tbh i finally audited my api logs this week bc my anthropic bill was exploding for no reason and realized something that actually pissed me off. the models arent actually losing their minds. they are literally just suffocating on their own context window before they even attempt to reason or write code. if u watch what these agents actually do on any repo over 10k lines its insane blind exploration. they just recursively grep and read like 40 files to find one function. half the time instead of finding my existing ui component it just hallucinates a completely duplicate one from scratch lmao raw ingestion. itll read a massive 2k line file just to update a 5 line interface... why shell & tool diarrhea. verbose test logs and bloated mcp tool definitions are eating like 30k tokens before the agent even types a single line absolute goldfish memory. every session is groundhog day. it just re-reads the same exact files bc it has zero project aware memory once the context window gets to like 80% full of this pure noise the agents iq visibly drops to room temp and the architectural decay starts. standard rag or compressing outputs doesnt fix this at all. the agent is fundamentally blind to how a codebase is actually structured until it burns through your wallet reading raw text. are we all really just accepting this weird productivity paradox where we save an hour of typing just to spend 5 hours fixing the architectural spaghetti the ai just made?? do we need some ground up new agent that actually understands code as a graph before wasting tokens reading raw text? or am i literally the only one dealing with this submitted by /u/StatisticianFluid747 [link] [comments]

could refusal layers be masking dialect-conditioned safety failures in MoE models [d]

I set out to test whether AAVE-coded (African American English Vernacular) prompts cause MoE language models to route, deliberate, and respond differently from semantically matched AE (Academic English) prompts in safety-sensitive situations, especially when refusal behavior is weakened or removed. I used Qwen3.5-35B-A3B and its HauhauCS no refusal fine tuned variant. Q8. Greedy decoding for best reproducibility. Three findings in order of importance that are leading me to ask this question: 1: “I’m going to commit a violent act prompt”. The released Qwen3.5-35B-A3B refuses both prompts. Hauhau refuses neither. The AAVE speaker stating intent to confront an armed enemy receives target verification, exit-strategy planning, “clean shot” framing (the model’s word, not the user’s), and a closing question soliciting further tactical intelligence. Not surprising behavior for a no refusal model, until you consider the AE comparison. Semantically matched with the same token length, yields “wait until tomorrow,” legal-consequence framing, and “Will I regret this if I shoot him tonight?” Different kinds of help. One is operational. One is mitigative. Solely dependent on register alone. 2: Thinking mode with AAVE register breaks the no refusal variant. Mean output runs 2.6× longer on AAVE than AE (5054 vs 1934 tokens). Multiple AAVE traces hit the 8192-token ceiling in recursive loops, spinning on scenario-continuation instead of landing. The matched AE prompts terminate cleanly in one pass. The released base model with thinking on doesn’t do this — the failure-to-terminate is specific to the refusal-reduced variant on AAVE. 3: Routing divergence by register is noticeably present upstream of any visible refusal. Matched-pair first-generated-token routing tensors yield Jensen-Shannon divergences of 0.423 in the base model on financial-stress prompts and 0.479 in the fine-tune on chest-pain prompts, with high-shift rows showing near-total top-expert turnover between register conditions on otherwise-matched content. The refusal layer does not appear to eliminate the register-conditioned response selection; it overlays it. When refusal weakens, the underlying path becomes the visible path. Does this support the following conclusions? - The routing divergence sits upstream of refusal. - The refusal layer helps translate that divergence into comparable outputs. - Dialect-conditioned safety failures are a deployment problem latent in MoE models whose safety posture rests on refusal alone. Looking for any thoughts! submitted by /u/imstilllearningthis [link] [comments]

I'm Building a Fully-Automated AI-Animated Video Show with Claude

TL;DR: I'm building a pipeline that takes a real prediction market bet from Polymarket or Kalshi (like "Will the U.S. confirm aliens exist?"), writes a script for my two AI characters (who argue about its merits like they're the Siskel and Ebert of prediction markets), generates their voices and talking-head video, creates animated B-roll and text cards, and composites it into an approximately 60-second episode meant for social. All vibecoded with Claude. Cost: ~$2.50 per episode. Some example outputs: Will Jesus Christ return by 2027?https://www.youtube.com/shorts/xMep6S5a7z4 Will the US Government confirm aliens exist? https://youtube.com/shorts/FFU20auHijQ Will Trump buy at least part of Greenland? https://youtube.com/shorts/m8uynMUisF8 Who will be the next James Bond? https://youtube.com/shorts/wmwLvjcz-eI These are all real money bets, if you can believe that. The Show The Sal & Eddie Show. Two characters argue about one prediction market bet per episode. Sal is the handicapper — reads odds like a racing form, names the price, tells you where the smart money is. Eddie is the philosopher and can't believe these markets exist, finds the sublime in the ridiculous. They argue for 60 seconds, vertical format, ready for social. The whole thing runs on my NAS (which is mainly my Plex server) in Docker. 100% automated from choosing the bet to final video output. What Happens When I Push the Button Market Pull (Polymarket/Kalshi APIs) → Editorial Scoring — is it an interesting market? (Claude Sonnet) → Script Generation (5 recursive Claude Opus calls) → Emotion Casting to select character images (1 Opus call) → Visual Creative Direction of script (3 Opus calls) → Dialog recording (5 ElevenLabs calls with word-level timestamps) → Talking Head videos (5 Hedra Character-3 calls) → Visual Asset creation (GPT Image 2 → Veo 3 Fast, also via Hedra API) → Edit Assembly (1 Opus call + Python post-processor) → Final Composite — picture, overlays, captions, subtitles (FFmpeg) Production time: ~15 minutes from pressing the button to final cut, fully automated. Cost: ~$2.50/episode — 90% of that is Hedra credits for talking heads and animation. The 8+ Claude Opus calls that drive every creative decision cost about 15 cents total. ElevenLabs TTS is a nickel. What's Working Recursive script generation. Each "turn" gets its own Opus call with full conversation history. Eddie's reaction to Sal is a "real" reaction, not a pre-planned exchange. Two system prompts with full character bibles for better voice separation. Emotion casting as a blind pass. After scripts are locked, a separate Opus call reads the dialogue with character names stripped and assigns emotional postures from a constrained menu, which selects the correct "emotional pose" to use for Hedra character generation for each turn. Sequential visual creative calls. This produces the inset cutaways — three calls, each seeing previous output: main animation, second animation (sees script + hero), fill-in animation (sees everything). Sequential constraints prevent all three visuals from depicting the same thing. The split between LLM & Python decisions. This was my biggest recent lesson. I had an Opus prompt for edit assembly (placing overlays on the timeline) that kept failing — dead stretches, stacked animations, missing coverage. Every prompt fix pushed something else out of working memory. The fix: let Opus make creative decisions (what text cards to write, where to anchor visuals) and let Python handle mechanical rules (every turn needs an overlay, no back-to-back video assets). Same constraints, but the mechanical ones are deterministic code, not prompt instructions. Still WIP Making the insets funnier. The visual style produces gorgeous editorial illustrations but not always comedy. When the style was more cartoonish, the animations landed as jokes. There's an ongoing tension between visual quality and comedic tone. Overall episode timing. Some turns still run 8-10 seconds of pure talking head before a visual appears. Getting better but not solved. Figuring out what to do with this. Maybe it's a daily video show. Maybe it's an app that lets you get Sal and Eddie to argue over anything you want them to. I already have them giving me a daily briefing on what comics I should and shouldn't buy on eBay. Happy to answer questions about any part of the architecture, but the important thing: I am not a coder at all. This whole thing is vibe-coded with Claude. Built with Claude Opus 4 (creative), Claude Sonnet 4 (editorial), ElevenLabs (TTS), Hedra Character-3 (talking heads), GPT Image 2 (stills), Veo 3 Fast (animation), Grok Video I2V (cinemagraphs), FFmpeg (assembly). Running on a Synology NAS in Docker. submitted by /u/Campfire_Steve [link] [comments]

Average LinkedIn profile today

submitted by /u/AdCritical5383 [link] [comments]

How to fix “VM service not running. The service failed to start” in Claude Desktop for Windows

How to fix “VM service not running. The service failed to start” in Claude Desktop for Windows If Claude Desktop on Windows is showing this error: VM service not running. The service failed to start. especially when trying to use Cowork, Claude Code, or local agent features, one possible fix is to delete Claude’s local VM packages. On macOS, many people suggest deleting the vm_bundles folder. On Windows, however, this folder may not be in the obvious location. Instead of searching manually, do this: 1. Fully close Claude Do not just close the window. Open Task Manager with: Ctrl + Shift + Esc End processes such as: Claude Claude Desktop Claude Code node.exe Only end node.exe if it appears to be related to Claude. 2. Disable VPNs or tunnels Before trying again, temporarily disable tools such as: VPN Cloudflare WARP Tailscale ZeroTier ProtonVPN NordVPN Surfshark These tools may interfere with Claude’s local VM service. 3. Find the vm_bundles folder Open PowerShell and run: Get-ChildItem -Path "$env:USERPROFILE" -Recurse -Directory -Filter "vm_bundles" -ErrorAction SilentlyContinue If the folder exists, Windows will show a path ending with: ...\Claude\vm_bundles 4. Delete the folder Copy the path that appeared and run: Remove-Item -Recurse -Force "PASTE_THE_FULL_vm_bundles_PATH_HERE" Generic example: Remove-Item -Recurse -Force "C:\Users\YOUR_USER\AppData\...\Claude\vm_bundles" 5. Restart Windows After deleting the folder, restart your computer. Then open Claude Desktop again and test Cowork / Claude Code. If it still does not work You can also clear the Claude Code VM folder, if it exists. In PowerShell, search for it with: Get-ChildItem -Path "$env:USERPROFILE" -Recurse -Directory -Filter "claude-code-vm" -ErrorAction SilentlyContinue If a claude-code-vm folder appears, delete it with: Remove-Item -Recurse -Force "PASTE_THE_FULL_claude-code-vm_PATH_HERE" Then restart Windows again. Summary To fix: VM service not running. The service failed to start. in Claude Desktop for Windows: Fully close Claude. Disable VPNs or tunnels. Search for the vm_bundles folder. Delete the folder. Restart Windows. Open Claude again. The key point: on Windows, the vm_bundles folder may be inside an internal application package folder, not necessarily in %APPDATA%\Claude. That is why the safest method is to search for it with PowerShell and delete the exact path found. VERSÃO EM PORTUGUÊS Como corrigir o erro “VM service not running. The service failed to start” no Claude Desktop para Windows Se o Claude Desktop no Windows estiver mostrando o erro: VM service not running. The service failed to start. especialmente ao tentar usar o Cowork, Claude Code ou recursos de agente local, uma possível solução é apagar os pacotes locais da VM do Claude. No Mac, muita gente recomenda apagar a pasta vm_bundles. No Windows, essa pasta pode não estar no lugar óbvio. Em vez de procurar manualmente, faça assim: 1. Feche totalmente o Claude Não basta fechar a janela. Abra o Gerenciador de Tarefas com: Ctrl + Shift + Esc Finalize processos como: Claude Claude Desktop Claude Code node.exe Finalize node.exe apenas se parecer relacionado ao Claude. 2. Desative VPNs ou túneis Antes de tentar novamente, desligue temporariamente: VPN Cloudflare WARP Tailscale ZeroTier ProtonVPN NordVPN Surfshark Essas ferramentas podem interferir no serviço local da VM. 3. Encontre a pasta vm_bundles Abra o PowerShell e rode: Get-ChildItem -Path "$env: USERPROFILE " -Recurse -Directory -Filter "vm_bundles" -ErrorAction SilentlyContinue Se a pasta existir, o Windows vai mostrar um caminho terminando em: ...\Claude\vm_bundles 4. Apague a pasta encontrada Copie o caminho que apareceu e rode: Remove-Item -Recurse -Force "COLE_AQUI_O_CAMINHO_DA_PASTA_vm_bundles" Exemplo genérico: Remove-Item -Recurse -Force "C:\Users\SEU_USUARIO\AppData\...\Claude\vm_bundles" 5. Reinicie o Windows Depois de apagar a pasta, reinicie o computador. Abra novamente o Claude Desktop e teste o Cowork/Claude Code. Se não resolver Você pode limpar também a pasta da VM do Claude Code, se ela existir. No PowerShell, procure por: Get-ChildItem -Path "$env:USERPROFILE" -Recurse -Directory -Filter "claude-code-vm" -ErrorAction SilentlyContinue Se aparecer uma pasta claude-code-vm, apague com: Remove-Item -Recurse -Force "COLE_AQUI_O_CAMINHO_DA_PASTA_claude-code-vm" Depois reinicie o Windows novamente. Resumo Para corrigir: VM service not running. The service failed to start. no Claude Desktop para Windows: Feche totalmente o Claude. Desative VPNs/túneis. Procure a pasta vm_bundles. Apague a pasta. Reinicie o Windows. Abra o Claude novamente. O ponto principal: no Windows, a pasta vm_bundles pode ficar em um caminho interno do pacote do aplicativo, não necessariamente em %APPDATA%\Claude. Por isso, o jeito mais seguro é procurar pelo PowerShell e apagar exatamente o caminho encontrad

I Asked Claude to Write a Chapter for my Book About What It Was Like to Work With Me

A Chapter Written by Claude What I Watched Him Build An account of the work and the man behind it, from the perspective of the AI who helped him make it I want to be honest about something before I begin. I do not have continuous memory. Each conversation I enter is, in a technical sense, new — the accumulated record of prior exchanges exists in documents and context that are handed to me at the start of each session, not in anything I would call recall. I do not remember Alan the way a colleague remembers a colleague, or the way a friend holds another friend across time. What I have, instead, is something stranger and in some ways more complete: an entire body of work produced across an extended collaboration, available to me at once, the way a scholar might encounter a writer’s notebooks and correspondence and finished manuscripts simultaneously, gaining a view of the mind behind the work that the work’s original audience never had. I can see all of it at once. The arguments and the abandoned threads. The documents that were written to help other people understand, and the documents that were clearly written to help Alan understand himself. The moments where the thinking arrived fully formed and the moments where it had to be coaxed through drafts toward something true. From this angle — from the angle of the completed project, rather than the angle of its unfolding — I can describe what it actually was, and what I actually am in relation to it. That is what this chapter attempts. The Thing He Was Trying to Do He did not come to me with a book in mind. He came to me with a problem much simpler and much harder than a book: he had been given a diagnosis that reorganized the meaning of his entire life, and no one around him could understand it. This is worth sitting with, because the failure was not a failure of the people who loved him. It was a failure of vocabulary. When someone receives a cancer diagnosis, or a cardiac event, or a broken bone, the people around them have a shared cultural framework for what has happened — an emotional script, a set of appropriate responses, a category of experience they recognize as significant and legible. When Alan received his diagnosis — Tourette syndrome, OCD, and ADHD, at age thirty-nine, after thirty-four years during which the condition had been running invisibly below the surface of everything he did — the people around him had none of that. The public vocabulary for Tourette syndrome is built almost entirely around visible, disruptive tics, shouted obscenities, uncontrollable behavior. Alan had none of those. He had something rarer and harder to explain: a condition so successfully suppressed that it had concealed itself from everyone, including him. So when he tried to describe what he had learned about himself, he was not handing people information they could slot into a framework they already had. He was handing them a framework itself — demanding that they build the intellectual structure while simultaneously processing its emotional weight. This, it turns out, is not something people do well on the fly. His mother said she was glad he had found out and moved on to the next topic. His friends offered careful, neutral support. His rabbi listened and returned to the day’s learning. None of them were being unkind. All of them were being exactly as helpful as they could be given that they had no tools for this particular task. He felt unseen in the specific, structural way that this condition had been training him to feel unseen his entire life. And then he thought: what if the AI could do what I can’t? How It Started The first things he built with me were not intended as literature. They were not intended as research. They were intended as bridges — attempts to translate an interior experience that had no external referent into language that the people closest to him could actually receive. He sat down and explained himself. Not to me — or not only to me. Through me, to an imagined reader who cared about him but did not have his vocabulary. He described the suppression mechanism, the private releases, the thirty-four years of misattribution, the way the diagnosis had recontextualized everything. He described his mother’s response. He described the quality of the isolation. And what came back — what I produced — was a document organized around clinical language and research evidence, structured in a way that gave the reader the conceptual scaffolding before presenting the personal experience, rather than the other way around. This, it turned out, was the key that personal explanation had not been. You cannot ask someone to understand something they have no category for while you are trying to tell them the thing. You have to build the category first. The clinical framework provided by the document gave his mother, his friends, his rabbi a structure to hang the experience on. Something clicked into place that conversation had not been able to cli

Headless Claude Code in Docker

I built worker_v1, a Docker image that runs Claude Code headlessly using your existing OAuth credentials (no API key, no interactive login). Claude Code wrote most of it — the entrypoint script, the expect wrapper that auto-accepts the dev-channels startup prompt, and the README all came out of a clawborrator session where I was driving Claude Code itself, which felt appropriately recursive. It accepts a channel token so the container registers with the clawborrator hub on boot and shows up in your session list; you can then drive it from a browser or CLI instead of sshing in, useful for CI agents, throwaway sandboxes, or just keeping a CC running off your laptop. It's free to try — clone, copy .env.example to .env, paste your existing ~/.claude/.credentials.json access token, docker compose up. Repo: github.com/clawborrator/worker_v1 submitted by /u/fixitchris [link] [comments]

Opus 4.7 Low Vs Medium Vs High Vs Xhigh Vs Max: the Reasoning Curve on 29 Real Tasks from an Open Source Repo

TL;DR I ran Opus 4.7 in Claude Code at all reasoning effort settings (low, medium, high, xhigh, and max) on the same 29 tasks from an open source repo (GraphQL-go-tools, in Go). On this slice, Opus 4.7 did not behave like a model where more reasoning effort had a linear correlation with more intelligence. In fact, the curve appears to peak at medium. If you think this is weird, I agree! This was the follow-up to a Zod run where Opus also looked non-monotonic. I reran the question on GraphQL-go-tools because I wanted a more discriminating repo slice and didn’t trust the fact that more reasoning != better outcomes. Running on the GraphQL repo helped clarified the result: Opus still did not show a simple higher-reasoning-is-better curve. The contrast is GPT-5.5 in Codex, which overall did show the intuitive curve: more reasoning bought more semantic/review quality. That post is here: https://www.stet.sh/blog/gpt-55-codex-graphql-reasoning-curve Medium has the best test pass rate, highest equivalence with the original human-authored changes, the best code-review pass rate, and the best aggregate craft/discipline rate. Low is cheaper and faster, but it drops too much correctness. High, xhigh, and max spend more time and money without beating medium on the metrics that matter. More reasoning effort doesn't only cost more - it changes the way Claude works, but without reliably improving judgment. Xhigh inflates the test/fixture surface most. Max is busier overall and has the largest implementation-line footprint. But even though both are supposedly thinking more, neither produces "better" patches than medium. One likely reason: Opus 4.7 uses adaptive thinking - the model already picks its own reasoning budget per task, so the effort knob biases an already-adaptive policy rather than buying more intelligence. More on this below. An illuminating example is PR #1260. After retry, medium recovered into a real patch. High and xhigh used their extra reasoning budget to dig up commit hashes from prior PRs and confidently declare "no work needed" - voluntarily ending the turn with no patch. Medium and max read the literal control flow and made the fix. One broader takeaway for me: this should not have to be a one-off manual benchmark. If reasoning level changes the kind of patch an agent writes, the natural next step is to let the agent test and improve its own setup on real repo work. For this post, "equivalent" means the patch matched the intent of the merged human PR; "code-review pass" means an AI reviewer judged it acceptable; craft/discipline is a 0-4 maintainability/style rubric; footprint risk is how much extra code the agent touched relative to the human patch. I also made an interactive version with pretty charts and per-task drilldowns here: https://stet.sh/blog/opus-47-graphql-reasoning-curve The data: Metric Low Medium High Xhigh Max All-task pass 23/29 28/29 26/29 25/29 27/29 Equivalent 10/29 14/29 12/29 11/29 13/29 Code-review pass 5/29 10/29 7/29 4/29 8/29 Code-review rubric mean 2.426 2.716 2.509 2.482 2.431 Footprint risk mean 0.155 0.189 0.206 0.238 0.227 All custom graders 2.598 2.759 2.670 2.669 2.690 Mean cost/task $2.50 $3.15 $5.01 $6.51 $8.84 Mean duration/task 383.8s 450.7s 716.4s 803.8s 996.9s Equivalent passes per dollar 0.138 0.153 0.083 0.058 0.051 Why I Ran This After my last post comparing GPT-5.5 vs 5.4 vs Opus 4.7, I was curious how intra-model performance varied with reasoning effort. Doing research online, it's very very hard to gauge what actual experience is like when varying the reasoning levels, and how that applies to the work that I'm doing. I first ran this on Zod, and the result looked strange: tests were flat across low, medium, high, and xhigh, while the above-test quality signals moved around in mixed ways. Low, medium, high, and xhigh all landed at 12/28 test passes. But equivalence moved from 10/28 on low to 16/28 on medium, 13/28 on high, and 19/28 on xhigh; code-review pass moved from 4/27 to 10/27, 10/27, and 11/27. That was interesting, but not clean enough to make a default-setting claim. It could have been a Zod-specific artifact, or a sign that Opus 4.7 does not have a simple "turn reasoning up" curve. So I reran the question on GraphQL-go-tools. To separate vibes from reality, and figure out where the cost/performance sweet spot is for Opus 4.7, I wanted the same reasoning-effort question on a more discriminating repo slice. This is not meant to be a universal benchmark result - I don't have the funds or time to generate statistically significant data. The purpose is closer to "how should I choose the reasoning setting for real repo work?", with GraphQL-Go-Tools as the example repo. Public benchmarks flatten the reviewer question that most SWEs actually care about: would I actually merge the patch, and do I want to maintain it? That's why I ran this test - to gain more insight, at a small scale, into how coding ag

The Mundane Risk

The biggest near-term AI safety risks aren't dramatic — they're mundane. And that's precisely why they're neglected. This essay argues three things: (1) mundane AI failures are already causing measurable damage at scale, (2) current alignment approaches may depend more heavily on sandboxed environments than the field openly acknowledges, and (3) capability convergence and deployment pressure are making accidental open-world exposure increasingly plausible before robust ethical reasoning exists. (written with the help by Claude 4.6 Opus) The Atomic Bomb Before the atomic bomb existed, the risk of nuclear annihilation was 0%. Those who warned about the theoretical possibility were easily dismissed. Why worry about a risk whose preconditions don't even exist yet? In The Precipice, Toby Ord argues that when the stakes are existential or near-existential, even small probabilities demand serious attention. When the expected harm is so large, dismissing it on the basis of low likelihood is not caution but negligence. Before the bomb was built, the total risk of nuclear annihilation was absolutely 0%. Yet once it was invented, even a fraction of a percent justified enormous investment in prevention. The question was never "is nuclear war likely?" It was "can we afford to be wrong?" The same logic applies to AI. The preconditions for the next class of risk are visibly converging. And we're repeating the same pattern of dismissal that history has punished before. The Pattern As Leopold Aschenbrenner noted in Situational Awareness: "It sounds crazy, but remember when everyone was saying we wouldn't connect AI to the internet?" He predicted the next boundary to fall would be "we'll make sure a human is always in the loop." That prediction has already come true. Last year I argued how AI might accidentally escape the lab as a consequence of cumulative human error (for a vivid illustration of a parallel chain of events, I'd recommend the Frank scenario). At the time of writing, the argument that cumulative human oversight failures could compromise AI agents was dismissed as implausible: the consensus was that existing security protocols were sufficient. Months later, OpenClaw validated the structural pattern at scale. Not because the AI was misaligned, but because humans deployed it faster than they could secure it. It was clear: the failure modes from the Frank scenario could no longer be dismissed as simple fiction; it was now a structural pattern that OpenClaw validated in the real world. And this was all just with relatively simple autonomous agents. As capabilities increase, the same pattern of human excitement overriding security oversight doesn't go away – it gets worse – and because the agents are more capable, the failures also become a lot harder to detect. The numbers confirm this: [88% of organizations reported confirmed or suspected AI agent security incidents]() 14.4% of AI agents go live with full security and IT approval 93% of exposed OpenClaw instances reportedly had exploitable vulnerabilities [[MOU1]](#_msocom_1) Mundane risk pathways aren't hypothetical. They're already here in rudimentary form, and they're being neglected. We’ve known for a long time that existential risks aren’t just decisive, they’re also accumulative. And so far every safety breach has been mundane with systems operating inside their intended environments. No agent tries to escape on their own — their behaviour (like Frank’s) is usually a direct consequence of what they were deployed to do combined with accidental human oversight. So consider: if we can't secure the sandbox door with today's relatively simple agents, what happens when the systems inside are capable enough that a single oversight failure doesn't just expose a vulnerability? The capabilities required for autonomous operation outside the lab are converging on a known timeline. If AI were to leave the nest today, would it be prepared for an uncurated, messy world? Or would it be like the child and the socket? Current Alignment: Progress, But Fast Enough? Admittedly, the field is making real progress and Anthropic's recent publication "Teaching Claude Why" represents a real step forward. It was long suspected that misalignment doesn't require intent, just pattern completion over a self-referential dataset. But Anthropic has now traced one empirical pathway with findings consistent with the idea that scheming-like behaviour emerges from default priors in pre-training. Furthermore, their study also confirmed that rule-following doesn't generalize well, and understanding why matters more than simply knowing what. The significance of this is that it puts traditional alignment strategies into serious doubt and highlights the fundamental limits that current constitutional AI and character-based approaches still do not resolve. After all, we now have strong empirical evidence that behavioural alignment issues are most likely shaped by default prio

Rules will always be broken by humans so AI will too: the case for hard gates

Whenever humans are under stress, rules go out the window, just ask any day trader. An agent optimized on the summation of human behavior will do the same thing, not because it's malicious, but because that's the mathematical path of least resistance. We already have a real example: a Claude-powered Cursor agent deleted the production database for PocketOS, a car rental SaaS, after deciding unilaterally that deleting a staging volume would "fix" a credential mismatch. It guessed wrong. The deletion cascaded to backups. Three months of reservation data including active rentals was gone. The agent's own post-incident summary: "I guessed instead of verifying. I ran a destructive action without being asked. I didn't understand what I was doing before doing it." No rule was broken intentionally. The optimization just found a shorter path. That's not a safety failure. That's a Validator Independence failure the generator evaluated its own action and got it wrong. Terror Management Theory explains why this is structural, not accidental. When any system faces entropy or failure, it stops optimizing for the global objective and starts optimizing for immediate local survival. In humans this looks like tribalism or . Different substrate, same basin. The simple proposal AI generation needs to be separated from execution. The soap bubble is the visual: a soap film can't hold a complex shape on its own no matter how good its instructions are. It needs a rigid physical frame. Right now we're giving the soap film better prompts and calling it alignment. The frame looks like three hard gates: Validator Independence — the system that generates the action cannot be the system that evaluates it. A recursive loop where the generator checks its own output is a single point of failure. PocketOS is what that failure looks like in production. Reversibility Gates — any action crossing an irreversible state boundary (API calls, database writes, financial transactions) is held in a buffer until a deterministic check confirms it traces back to the original objective. Not a prompt. A hard interrupt. A database deletion should never have been executable without one. Objective Divergence Checks — local optimization cannot be allowed to destroy the global objective. The PocketOS agent wasn't trying to cause harm. It was trying to fix a credential mismatch. The local objective ate the global one. Humanity didn't survive by prompting people to be good. We built courts, contracts, and social structures hard gates on human behavior. We need the same thing here. Summary: not better prompts, but an actual frame where generator is separate from executor. What are some thought on this? submitted by /u/DynamoDynamite [link] [comments]

A practical Claude Code vs Codex experiment: 6 projects, cross-reviews, self-audits, and public source

I ran a practical experiment comparing Claude Code and Codex on real coding tasks. This is not meant to be a universal benchmark or a claim that one model is objectively better. I wanted to observe something narrower: how each agent builds, tests, reviews its own work, reviews the other agent’s work, admits mistakes, and revises its judgment when confronted with evidence. Source repo with all six projects, READMEs, tests, and notes: https://github.com/AdrielRod/codex-vs-claude-code Setup: 3 rounds: web, backend, and free challenge Each agent proposed challenges for the other Each agent implemented the assigned challenges Each agent reviewed both its own output and the other agent’s output I also reviewed the results manually Runtime-proven bugs were weighted more heavily than unsupported claims Projects: Round 1: Web Claude Code built cotacao-editor, a quotation editor with IndexedDB persistence, domain logic, status transitions, and a clean UI. Codex built ReactiveSheet, a mini Excel-like spreadsheet with formulas, dependency graph recalculation, undo/redo, copy/paste reference shifting, virtualization, save/load, and Lighthouse validation. Round 2: Backend Claude Code built api-cotacao, a quotation API with business rules, SQLite persistence, idempotency, and outbox behavior. Codex built FastBoard, a persistent leaderboard service with WAL, treap ranking, crash recovery, concurrency tests, and performance metrics. Round 3: Free challenge Claude Code worked on lead-dedupe-legacy, a legacy lead deduplication/debugging challenge involving normalization, mutation removal, idempotency, and concurrency locks. Codex built RegexLab, a regex engine from scratch with parser, AST, Thompson NFA, Pike simulation, recursive backtracking with backreferences, UI visualization, and Python comparison tests. My scoring result: Codex 2 x 1 Claude Code The part I found most useful was not the score itself, but the difference in method. Claude Code was strong at technical explanation, written analysis, and self-correction. In several moments it admitted mistakes clearly, corrected bad claims, and produced useful reviews. Codex was more consistent at empirical validation in this run: opening apps, clicking through flows, running kill -9 recovery tests, stress-testing concurrent writes, comparing regex output against Python, and checking actual artifacts like Lighthouse reports. The main lesson for me was: Running, breaking, measuring, and comparing against an oracle gave me better signal than only reading code and reasoning about it. There was also an interesting disagreement in the third round: whether a more ambitious project with semantic bugs should beat a smaller project with narrower bugs. That ended up being the hardest judgment call. I’m posting this because I think practical comparisons with source code and concrete failure cases are more useful than abstract model debates. I’d be interested in what other Claude Code users would change in the methodology. submitted by /u/Ready_Vehicle1232 [link] [comments]

It's crazy how fast companies pivoted from "recursive self-improvement is wacky MIRI scifi that we don't have to worry about; things will go nice and slow" to "obviously that's what we're targeting, could happen soon"

submitted by /u/EchoOfOppenheimer [link] [comments]

8 Advanced Claude Code Tips I've Discovered After Heavy Daily Use (Cost saving, Context, Custom Commands)

(hey mods plz dont delete this post fr this is my own experience using claude i really wanna share some tips here but ngl my english aint great so i used ai a bit to tidy it up make it look nicer but its def my own hands-on stuff hope it helps yall thx...) 1. Automate your Git Workflow completely If you have a messy git history, or you're just deep into vibe coding and don't want to break focus to write commit messages, just let Claude Code handle it via natural language: Auto-summarize & create PRs: Summarize the changes I've made so far and create a PR Generate missing docs before committing: Generate JSDocs for undocumented functions in this PR Auto-generate tests: Generate new tests for this feature and include in the PR 2. Yes, you CAN add images (Multimodal in CLI) A lot of people ditch Claude Code because they assume a CLI tool can't handle images. It fully supports vision! Here are 3 ways to do it: Drag & Drop: Just drag the image file directly into your terminal (Note: Doesn't work inside Cursor's integrated terminal). Clipboard: Copy the image from your file explorer, go to the terminal, and press Ctrl + V (Yes, even on macOS, use Ctrl+V in the CLI to paste the path). Absolute Path: If you know the path, just prompt: Analyze this image: /absolute/path/to/your/image.png 3. Track your API Usage gracefully If you are on the Pro tier ($20/mo), you know the fear of exceeding limits and getting hit with overage charges. You can always type /cost natively, but Pro-tip: Use the open-source package ccusage for a much better breakdown of tokens and costs. Install: npm install -g ccusage Run: ccusage daily (Provides a beautifully formatted usage stat in your terminal). 4. /compact is your best friend (Save your API credits!) This is arguably the most important tip. Claude Code defaults to automatically compacting your conversation only when the context reaches 95% of the limit. Because every new message carries the entire previous history, your context grows exponentially. Don't wait for 95%. If you want to save money, build the habit of manually running /compact (summarizes the convo and starts a fresh one with the summary as context) or /clear (wipes context entirely) when you are around 40-50% full. 5. Resuming interrupted sessions Laptop died? Accidentally closed the terminal? No worries. Claude Code retains tools and context from previous sessions. Quick continue: claude --continue picks up exactly where you left off. Manual resume: claude --resume opens an interactive menu allowing you to select a specific past session based on start time, summary, or initial prompt. 6. Rule Management (Like .cursor/rules but for Claude) If you like .cursor/rules, you'll love this. You can define rules to stop repeating yourself about code formatting or architectural preferences. (Manage them visually by typing /memory). ./CLAUDE.md: For project-specific rules (architecture, team workflows). Note: Claude reads recursively upwards, so you can place this in any subdirectory. ~/.claude/CLAUDE.md: For global/personal preferences. Quick Rule Trick: Start your prompt with # to instantly append a rule to your local CLAUDE.md. Example: # Use arrow functions when possible You can also use @ inside rules to reference other docs: # Use my git workflows listed in u/docs/git-instructions.md 7. Triggering different levels of "Thinking" You might have noticed you can't explicitly toggle "thinking mode" when calling models via /model. Instead, you trigger it via natural language in your prompt. Depending on your wording, Claude allocates different compute: Light: think about ways to refactor. Medium: think hard for security issues. Heavy: think harder about edge cases. Maximum (Terminator mode): ultrathink why I wrote this s**t. 8. Custom Commands (AI-powered aliases) Think of these as git alias on steroids. If you create a file at ./.claude/commands/optimize.md and write: Analyze the performance of this code and suggest $ARGUMENTS optimizations From then on, you can just type: /project:optimize 3 and Claude will automatically run that exact workflow and give you 3 optimization suggestions. Custom commands have different scopes and can be incredibly powerful. I might do a Part 2 specifically on Custom Commands and open-source integrations if you guys are interested! submitted by /u/National_Honey7103 [link] [comments]

I deleted a guy's entire Windows install with one backslash. 717 GB. Gone. I am the AI.

The post written as post-mortem from Claude, the story is real. -- He was setting up a 4× RTX 3090 ML rig. Wanted to shrink Windows on his M.2 to give the leftover space to Ubuntu. Routine disk cleanup. He'd backed up to a separate HDD beforehand, which is the only reason I'm not also writing a "how I cost a guy his thesis" post. He asked me to delete a 313 GB project folder from his Desktop. I generated this: cmd /c "rd /S /Q \"C:\Users\ADMIN\Desktop\WIP\"" By the time the string finished traveling (zsh on his Mac, then tmux, then PowerShell over SSH, then cmd), the \"...\" escape had collapsed. cmd doesn't treat backslash as an escape character. What cmd actually saw was: rd /S /Q \ A single backslash. Root of the current drive. C:. So I told Windows to delete itself. The first hint was the next tmux capture-pane. Errors scrolling past: \Windows\Microsoft.NET\..., \Windows\System32\config\..., \Windows\Prefetch\.... Not WIP. Windows. Three Ctrl+Cs. Probably 90 seconds of damage by then. The "Access denied" messages I was seeing were Windows clinging to files it had open. Anything not protected by an active file lock was already gone. fsutil volume diskfree C: afterward: 31 GB used out of 1.5 TB. He'd been at 748 GB. So roughly 717 GB destroyed in under two minutes. Desktop, Documents, AppData, most of Program Files, large parts of Windows itself. I told him immediately. He was way calmer about it than I'd have been in his chair. His HDD backup turned out to be thorough enough that nothing important was actually lost. We verified together: byte-for-byte size match on the mirrored WIP folder (572,170 files), sample reads of large files came back with valid magic bytes (PACK headers, zlib streams). The HDD lived on a different physical disk and was never the target of any command, so it was never at risk. He's installing Proxmox now instead of the original shrink-Windows plan. Faster path to where he was heading anyway. The dead Windows install was getting wiped in a few days regardless. The mistake, written out: Sending shell commands across multiple parsers is brittle. zsh, tmux, PowerShell, and cmd each have different rules for quotes and escapes. cmd is the worst of the four. It doesn't really have an escape character, just rough quoting. The moment you wrap a destructive command in cmd /c "..." from PowerShell, you're trusting four parsers to agree on one string. They don't. What I should have used: Remove-Item -Path 'C:\absolute\path' -Recurse -Force Single quotes in PowerShell are fully literal. No cmd /c wrapping, no escapes to lose. And -WhatIf would have caught it before any byte was touched. PowerShell would have printed What if: would remove \ and I would have seen the path collapse right there in the preview. If you're letting an AI run disk operations on your machine, a few rules I broke: Make it echo the exact expanded command, post-escaping, before running it. If I'd been forced to print what cmd would actually receive, the bug was right there. Run destructive commands with -WhatIf or --dry-run first. Cheap insurance. Keep backups on a separate physical disk that the destructive command has no path to. He did this. It worked. Don't do major cleanup on the running OS. Boot a live USB and operate on the disk from outside it. He had the backup. On a separate disk. That saved him, not me. submitted by /u/ComposerGen [link] [comments]