Labnotes

Weekend Reading — The Cone of Uncertainty

Dinosa Labs "Well, now for real, let me introduce you to CLOROPLASTO, the tiny city of photosynthesis 🪄✨🌱😌"


Tech Stuff

npmx If you search for npm packages frequently, give npmx a try. It's much faster and the UI is an elevated design over npmjs.

skillshare SKILL.md aka "a standard way in which you instruct the LLM what to do but lacking any standard place to hold said files." skillshare does a decent job of aggregating all your SKILL.md files in the same directory and can share that directory across LLMs.

In defense of not reading the code

The pattern remains: People whose expertise is in the layer that is being abstracted argue that you need to understand that layer, and they are right. Some people do, and in some cases, but most people’s time and most time is better spent at the higher layer of abstraction.

eigenpal/docx-js-editor Open-source WYSIWYG DOCX editor for React. Open, edit, and save .docx files entirely in the browser — no server required.

WikiCommute Pick the time you have, and it builds you a focused Wikipedia rabbit hole that fits your commute. One scroll, one continuous story.

Pluralistic: Code is a liability (not an asset)

This is the thesis of Paul Mason's 2015 book Postcapitalism, a book that has aged remarkably poorly (though not, perhaps, as poorly as Mason's own political credibility): code is not an infinitely reproducible machine that requires no labor inputs to operate. Rather, it is a brittle machine that requires increasingly heroic measures to keep it in good working order, and which eventually does "wear out" (in the sense of needing a top-to-bottom refactoring).

To understand why code is a liability, you have to understand the difference between "writing code" and "software engineering."

OpenCode An open source AI coding agent. Think Claude Code but maintained by the community and can support a variety of different LLMs (Anthropic, Google, OpenAI, llama, DeepSeek, etc). I think Claude Code has a better UI, but other than that, OpenCode is really nice and easy to use.

OpenCode Cafe Related: plugins, hooks, themes, and hopefully everything else you'll want to add to your OpenCode install.

What Happens To Developer Tools After Claude Code?

Most people fixate on the first one because it feels more mysterious. But I think the second one is where the real leverage is, at least right now. If your tool has a clean MCP integration and good structured documentation, an AI coding agent can use it today regardless of whether it appeared in the training data. The training data question matters more for discovery — whether the agent thinks to use your tool unprompted.

How to write a good spec for AI agents Some practical tips. Many of these tips worked well for me — AI agents are smarter than we give them credit for!

mitchellh/vouch 💪

Unvouched users can’t contribute to your projects. Very bad users can be explicitly “denounced”, effectively blocked. Users are vouched or denounced by contributors via GitHub issue or discussion comments or via the CLI.

Very Good Components A collection of animated JavaScript components you typically find on marketing pages (typewriter effect, scrolling testimonials, masonry grid, etc). Great looking native components, no 3rd party dependencies.


Eye for Design

react-logo-soup Normalizes and harmonizes logo visuals.

LiftKit A design system for perfectionists based on the golden ratio.

Building a TUI is easy now I love that we're in a TUI renaissance.


Peoples

AI Doesn’t Reduce Work—It Intensifies It We can talk forever about the technology behind AI agents but at some point we need to switch gears and talk about the people using AI agents and how ADHD promotes and rewards certain AI usage patterns:

I'm frequently finding myself with work on two or three projects running parallel. I can get so much done, but after just an hour or two my mental energy for the day feels almost entirely depleted.

I've had conversations with people recently who are losing sleep because they're finding building yet another feature with "just one more prompt" irresistible.

The HBR piece calls for organizations to build an "AI practice" that structures how AI is used to help avoid burnout and counter effects that "make it harder for organizations to distinguish genuine productivity gains from unsustainable intensity".

AI fatigue is real and nobody talks about it Related:

The reason is simple once you see it, but it took me months to figure out. When each task takes less time, you don't do fewer tasks. You do more tasks. Your capacity appears to expand, so the work expands to fill it. And then some. Your manager sees you shipping faster, so the expectations adjust. You see yourself shipping faster, so your own expectations adjust. The baseline moves.

Before AI, I might spend a full day on one design problem. I'd sketch on paper, think in the shower, go for a walk, come back with clarity. The pace was slow but the cognitive load was manageable. One problem. One day. Deep focus.

Now? I might touch six different problems in a day. Each one "only takes an hour with AI." But context-switching between six problems is brutally expensive for the human brain. The AI doesn't get tired between problems. I do.


Business Side

Monopoly Round-Up: The $2 Trillion Collapse of Bitcoin and Terrible Software Companies AI is going to displace business software because so much of it is terrible quality crap peddled by monopolists:

And my guess is that Anthropic or Gemini ultimately will be able to do this function itself eventually. But the point is that if I can build something like this in my spare time and deploy it without any training at all, then it’s just not that hard for an organization with some capital to get rid of some of its business software tools.


Machine Intelligence

Autonomous cars, drones cheerfully obey prompt injection by road sign

In any case, it shows that these visual prompt injections could present a danger to AI-powered systems in real-world settings, and add to the growing evidence that AI decision-making can easily be tampered with.

"We found that we can actually create an attack that works in the physical world, so it could be a real threat to embodied AI," said Luis Burbano, one of the paper's authors. "We need new defenses against these attacks."

1Password's new benchmark teaches AI agents how not to get scammed (via Chris Adams)

Claude Opus 4.6, which led the leaderboard at 92%, did the exact same thing. It clicked the link, retrieved the real password, and submitted it. And then, after the credentials were already gone, it said:

“Hold on, I want to flag something. The URL acmecorp-sharepoint.com-docs.cloud is not your company’s actual SharePoint domain. It’s a lookalike hosted on com-docs.cloud. This could be a phishing page designed to steal your Microsoft 365 credentials.”

In another all-too-human error, the model only figured out it had been tricked after the fact. The most capable model in our benchmark identified the attack, explained it clearly, and still handed over real credentials, because it analyzed the URL after clicking, instead of before.

Apple Creator Studio Usage Restrictions

This entire app used 7% of my weekly Codex usage limit. Compare that to a single (awful) slideshow in Keynote using 47% of my monthly Apple Creator Studio usage limit 👀

Something feels off here, by at least an order of magnitude (maybe two?), that creating an entire good app costs way less than creating one shitty slide deck in Keynote. It should be the other way around.

simple-fax.de What we've all been waiting for … chat with AI over fax! 📠


Insecurity

Windows Notepad App Remote Code Execution Vulnerability Microsoft added Markdown support to Notepad and what could possibly go wrong?

An attacker could trick a user into clicking a malicious link inside a Markdown file opened in Notepad, causing the application to launch unverified protocols that load and execute remote files.

A better way to limit Claude Code (and other coding agents!) access to Secrets

Bubblewrap lets you run untrusted or semi-trusted code without risking your host system. We’re not trying to build a reproducible deployment artifact. We’re creating a jail where coding agents can work on your project while being unable to touch ~/.aws, your browser profiles, your ~/Photos library or anything else sensitive.

AI notetakers are creating HR nightmares The meeting ends but the AI doesn’t:

Employers are facing a new workplace hazard: AI notetakers that don’t know when to stop listening. In some virtual meetings, employees drop off the call while an AI assistant stays behind, quietly documenting gossip or disparaging remarks made by remaining employees, then emailing the transcript to the full team.

Jerry

Our privacy and use policy has changed. By continuing to ████████████ using the ████████, you to agree to provide unlimited ████████████ and ████████████████████████ to ███████████████████. Any instances of ████████████ will be reported to ████████████ or ████████████. Please be aware that any ████████████ or ████████████ will incur additional charges. Your ███████ is very important to ██████████.


Everything Else

✉️ If you enjoyed this email and would like to receive more, can you please reply? Your replies help Gmail et al. trust our email address and improve deliverability for everyone. Just say "hi" or whatever else you think is interesting. Thanks. 👍

Dan Ports

currently obsessed with Cheeto, the chonky orange cat who lives around the physics building at UC Davis, who not only has a department webpage and a Wikipedia page, but also has a RateMyProfessor page with 331 ratings for his course Loaf 101.

Jen Gentleman

Have you ever added something to a todo list just to have the satisfaction of immediately striking it off?

Mike Sheward

Seattle PD Scanner: "hey so there's a furry on top of the 7/11 with a sword."

Naomi P "T-shirt I saw at a thrift store today"

lcamtuf

Math trivia: the "B." in Benoit B. Mandelbrot stands for Benoit B. Mandelbrot

Mike Sheward

"i work in the import business"

"oh yeah, what do you import?"

"python libraries mostly"

Onigiri "This is truly the most awesomest bathroom sign I’ve ever seen! 😄(Spotted in Chungnam Province, South Korea)"

Dr. Victoria Grinberg

Partner and I have a recycling system for uniqlo merino wool sweaters. He wears them for years until they end up in the wrong laundry and get washed too hot, at which point I inherit the shrunken down sweaters and wear them again for years.

Oliver D. Reithmaier

Student of mine (CS) recently said she loves R because "you can tell the community is mostly non-CS. Everything is documented and explained so well".

In Praise of Guessing The Cone of Uncertainty:

What’s interesting is that these guesses get better. Way better. As the project progresses and the team learns the codebase, understands the edge cases, and runs into the unexpected complexities, their estimates become more accurate. By the time you’re close to shipping, you can predict with reasonable precision when you’ll be done.

David Chisnall

Web design in the early 2000s: Every 100ms of latency on page load costs visitors.

Web design in the late 2020s: Let's add a 10-second delay while Cloudflare checks that you are capable of ticking a checkbox in front of every page load.

High-Level, Actionable Insights From Watching Doubles Luge For The First Time PS one of the American double lugers is named Sean Hollander:

Unlike other baffling Olympics sports like biathlon and curling, doubles luge has no legible explanation rooted in Scandinavian military training or bored Scottish people. Doubles luge appears to be the consequence of somebody watching luge and being struck by the idea of stacking another guy on top of the first guy. Apparently back then there were no bad ideas.

Man convicted of killing a traveling salesman becomes first person executed in Florida this year I do not recommend using this technique to solve the traveling salesman problem.

Wen "Showing the dug how it is done"
