skip to content
#ai
aihackers.net practical notes on building with AI
Models Tools Free & Cheap Build Safely Verify Claims

Security

tag: Security

  • 2026-07-02 | Pi Coding Agent: Minimal, Programmable Terminal Harness Set up Pi as a minimal coding harness with GLM-5.2, persistent sessions, compaction, custom tools, extensions, and clear Z.AI policy caveats.
  • 2026-07-02 | Pi vs ZCode vs OpenCode: Which Harness Fits GLM-5.2? Compare Pi, ZCode, and OpenCode as coding harnesses for GLM-5.2: workflow, permissions, context, setup, quota paths, and a fair same-model test.
  • 2026-07-02 | ZCode: GLM-5.2-Native Coding Harness Guide Use ZCode as Z.AI's integrated GLM-5.2 coding harness: desktop setup, Goal Mode, subagents, safety confirmations, quota, and workflow trade-offs.
  • 2026-07-02 | Fable 5 Returns as Claude Sonnet 5 Becomes Default Fable 5 is back with tighter safeguards while Sonnet 5 becomes Claude's default. Here is the practical routing and cost decision.
  • 2026-06-28 | GPT-5.6 Sol Preview: Access and Agent Risks GPT-5.6 Sol is a restricted API and Codex preview shaped by a government request. Check access, agent risks, pricing, and safeguards before routing work.
  • 2026-06-05 | LLM App-Hacking Field Test: $1,500 Takeaways A cautious read of Kasra Rahjerdi's informal $1,500 field test on whether LLM agents could exploit a deliberately vulnerable app.
  • 2026-04-01 | Claude Code Leak: The Hidden Features That Escaped, and What Builders Should Actually Care About The Claude Code leak exposed hidden features, but the deeper lesson is operational: package artifacts can leak product boundaries, internal experiments, and roadmap intent.
  • 2026-02-28 | Google API Key Privilege Escalation: Gemini Changed the Rules Google spent a decade telling developers that Maps and Firebase API keys are not secrets. When Gemini arrived, those same public keys silently became live AI credentials—with no warning.
  • 2026-02-17 | UltraThink → UltraQuiet: Why Devs Want Receipts Claude Code started hiding file paths and search details behind Ctrl+O. Here's a working fix: the AGENTS.md Audit Ledger pattern.
  • 2026-02-15 | Kimi Claw: Managed OpenClaw Guide Current Kimi Claw guide covering managed OpenClaw deployment, K2.6 Thinking, membership requirements, credits, and security tradeoffs.
  • 2026-02-11 | The 20-Minute Blog, Three Years Later: What Actually Works in 2026 On April 4, 2023 I tested GPT-4 blog writing in 20 minutes. This is the 2026 workflow that replaced speed-first publishing: vibe, verify, ship.
  • 2026-02-11 | The Lost AI Posts of April 2023: What Survived, What Failed, What to Publish Instead A practical reconstruction of three deleted April 2023 AI posts, with 2026 guidance for replacing hype with durable, verified content.
  • 2026-02-11 | Vibe Coding Archive Evidence: 2023 Legacy URLs and 2026 Replacements Wayback verification log for AIHackers legacy April 2023 post URLs and archived snapshots of their 2026 replacement pages.
  • 2026-02-11 | Vibe Coding Lessons (2023-2026): A Production Playbook What changed from speed-first AI drafting in 2023 to verification-first publishing in 2026, with a practical playbook for durable authority.
  • 2026-02-04 | Three Years in the Vibe Coding Trenches: A 2023-2026 Retrospective What we got wrong about AI-generated content in 2023, what actually worked, and how the vibe coding era shaped modern AI security thinking.
  • 2026-02-04 | MCP Server: First Contact (and Early Compromise) Self-hosting a Model Context Protocol server in the early vibecoding days. Logs, lessons, and the security gotchas nobody warned us about.
  • 2026-02-03 | Codex vs Claude Code vs Cursor Current workflow comparison for Codex, Claude Code, and Cursor, with model availability and benchmark claims separated from tool features.
  • 2026-02-03 | Kimi Data Handling & Privacy Considerations Comparative analysis of Moonshot AI's data policies vs Anthropic and OpenAI. Geographic restrictions, retention periods, training opt-outs, and self-hosting options for risk mitigation.
  • 2026-02-03 | OpenAI Codex: Cloud Dependency and Vendor Lock-In Risks Risk analysis of OpenAI Codex cloud dependency, the ChatGPT credits trap, vendor lock-in mechanisms, and mitigation strategies for engineering teams.
  • 2026-02-03 | OpenAI Codex: Current Setup and Models Current Codex CLI setup, GPT-5.5 default guidance, GPT-5.6 preview boundary, AGENTS.md usage, authentication, sandboxing, and model selection.
[prev] [next]
© 2026 aihackers.net · AI tool reviews and safety notes from the trenches
Writing Compare Risks Lab Archive About Accessibility RSS
Telegram · [email protected]