Development https://www.lotharschulz.info/2025/07/07/let-the-agents-vibe-introducing-flow-coding/ https://cloud.google.com/blog/products/data-analytics/vibe-querying-with-comments-to-sql-in-bigquery/
Development https://simonwillison.net/2026/May/6/vibe-coding-and-agentic-engineering/ “Vibe coding and agentic engineering have started to converge in my own work” “ … provided you understand when it can be used and when it can’t.”
Development Focus Shift - Orchestrator The value of an engineer is shifting away from the "how" of syntax and toward the "what" and "why" of systems. Real engineering lies in the abstractions and the architecture. It’s about knowing how to structure a system that lasts, understanding why a specific rate-limiting strategy is necessary, knowing how to manage a distributed cache, and knowing exactly where not to store your environment variables.
Development Risks - Hallucinations LLMs cannot learn all the computable functions and will therefore inevitably hallucinate if used as general problem solvers https://arxiv.org/abs/2401.11817
Development Hallucinations https://www.youtube.com/watch?v=wjZofJX0v4M&t=1434s - LLMs generate text on a "token-by-token" basis by repeatedly sampling from a probability distribution for each next token - At every such step, the model computes so-called logits for all tokens in the vocabulary - are then transformed into a probability distribution via a softmax function - so-called temperature is part of the softmax function calculation. A model's temperature setting thus allows you to control how "confident" or how "creative" the model should be when producing each next token. The lower the temperature, the more confident; the higher the temperature, the more often the model can choose the somewhat less certain or more creative next token.
Development Risks - Slopsquatting https://www.hiddenlayer.com/research/malware-found-in-trending-hugging-face-repository-open-oss-privacy-filter The repository had typosquatted OpenAI's legitimate Privacy Filter release, copied its model card nearly verbatim, and shipped a loader.py file that fetches and executes infostealer malware on Windows machines. May 2026
Development Risks - Role Probes https://role-confusion.github.io LLMs don't actually rely on the official tags to identify roles Writing style is used to identify roles This insight enabled a novel attack: inject fake reasoning-style text into a user prompt. This enables injecting fake reasoning-style text into a user prompt. The model treats it as its own already-reached conclusion and acts on it without scrutiny.
Development Risk Mitigation - OpenSandbox https://www.lotharschulz.info/2026/06/06/mapping-opensandbox-to-the-luis-cardoso-ai-sandboxing-model/ Container By default, OpenSandbox supports standard Docker and Kubernetes runtimes. gVISOR The OpenSandbox documentation explicitly lists support for secure container runtimes like gVisor. MicroVM OpenSandbox also supports Firecracker and Kata Containers.
Development Risk Mitigation - Role Probes There are two ways to resist injection: 1. memorizing known attacks (brittle — humans can rephrase) or 2. genuine role perception as training-time property; ignore commands regardless of phrasing or assumed role Mitigations (authors are fairly pessimistic) - Treat Data as Code - Reject Forged Reasoning - Detect Task Divergence https://role-confusion.github.io/ https://gist.github.com/lotharschulz/371dd560ec4bc9c1959ad8a8b9484587 https://www.lotharschulz.info/2026/06/25/prompt-injection-as-role-confusion-explained-why-llms-confuse-style-with-roles/
Development MCP https://www.lotharschulz.info/2025/04/09/rust-mcp-local-server-bridging-rust-logic-with-ai-frontends/ https://genai.owasp.org/resource/a-practical-guide-for-secure-mcp-server-development/ https://modelcontextprotocol.io/docs/tutorials/security/authorization#when-should-you-use-authorization Use Cases (at least) - user-specific data (emails, documents, databases) - audit who performed which actions - access to APIs that require user consent - enterprise environments with strict access controls - rate limiting or usage tracking per user
Development Pipeline modernisation https://cloud.google.com/blog/topics/developers-practitioners/from-vibe-checks-to-continuous-evaluation-engineering-reliable-ai-agents/
Development Editor Loop “The fastest way to make your agents better at your codebase is a tighter feedback loop with scripts you already have.” “Beyond the basics with Claude Code”, Code w/ Claude 2026 verify.sh hooked to your agent - lint - compile - test - build Claude Code understands CLIs by default https://www.youtube.com/watch?v=tuY2ChJIx48
Development Abstract Syntax Tree https://www.researchgate.net/publication/400118489_Detecting_and_Correcting_Hallucinations_in_LLM-Generated_Code_via_Deterministic_AST_Analysis
SiteGround - Reliable hosting with speed, security, and support you can count on.
lothar
yusukebe
chiroruxx
rkaga
musan
x5gtrn
kajitack
vinceamstoutz
suikabar
manfredsteyer
daitasu
minodriven
dugsong
lara
tmiket
uxyall
tapps
techseoconnect
sarafernandez
ryanjones
brad_frost
inesmontani
gurzu
