CMDev

THIS GUY LOST $200 IN ONE DAY BECAUSE THE STRING "HERMES.md" WAS IN HIS GIT COMMITS HERMES.md is a real convention used in AI agent projects. it's a system prompt specification file. not some obscure edge case he's on claude max 20x at $200 a month. yesterday claude code hit him with "you're out of extra usage" out of nowhere his dashboard showed 13% weekly usage. 0% current session. 86% of his plan was sitting there untouched but $200.98 in extra usage already burned through what should have been covered by his subscription he tried logout & login, different models, fresh installs and nothing worked anthropic support sent the ai bot (four rounds of the same scripted response). eventually they just gave up on him so he started binary searching repos and commits manually on his own time until he found the trigger the string "HERMES.md" in a recent git commit message uppercase, with the .md extension, anywhere in your commit history that's it claude code includes recent commits in its system prompt and something server side flags HERMES.md and quietly routes you off your max plan onto API rate billing > AGENTS.md? fine > README.md? fine > HERMES without .md? fine > lowercase hermes.md? fine > uppercase HERMES.md? you're getting charged API rates he reported it. anthropic support acknowledged the bug three times, called it an "authentication routing issue", thanked him for finding it then refused to refund the $200 so the man pays $200 a month for max, lost another $200 to a billing bug they confirmed, did anthropic's QA work for free on his weekend, and got a "thank you for your patience" in return check your commit history before claude code quietly drains your account too

Doing some training today and realised the 5090, while it has more than proven its utility in training many smaller models, just wasn't going to cut it specifically for a larger experiment... So this little guy better be the difference (GB 10 Blackwell). Slower training, but wayyyyy more unified memory to work with, no CPU offloading bottleneck! My friend Jackrong is getting full SSH access for his training runs. Honored to be his free compute provider while we keep pushing our collaborative experiments. If this thing delivers (and early signs from Jackrong renting one are promising), we’re adding another. We will be expanding the open-source community and running training (in Wyoming of all places) on our own (humble) datacenter. More to come, big training still running on the 5090 today, albeit slowly, thanks to some offloading!

🚨 BREAKING: Anthropic’s Most Dangerous Model Ever Breached By Hackers > anthropic builds a cyberweapon > calls it mythos > “can hack every major OS and browser” > dario: “we’re the safe & responsible ai lab” > “can’t release it to the public” > Mercor (their training contractor) gets breached > leaks anthropic’s model naming conventions > hackers guess the URL pattern > contractor credentials still work > they’re inside The group also has access to other unreleased Anthropic models. Not just Mythos. The whole pipeline. Anthropic’s statement: “investigating a report of access through one of our third-party vendor environments.” Mythos got breached on day one 💀

just checked github trending, the #1 repo this week is a CLAUDE.md file. 44,465 new stars this week. a skill distilling Andrej Karpathy's LLM coding pitfalls into 4 principles: → think before coding: ask when unsure, don't silently pick one interpretation and run with it → simplicity first: minimum code, any overengineering shows at a glance → surgical edits: only touch what's required, don't fix up neighboring code on the way by → goal-driven: translate fuzzy instructions into verifiable targets before starting swapped it into my claude.md, a few tasks in it feels tighter. repo below 👇

Right now AAVE is not in a good spot. People are sending their tokens to exchanges → which usually means they are selling. There was a $292M exploit and about $200M of that turned into bad debt. Because of this a lot of money left the platform around $6.6B AAVE is still a big DeFi project but right now it’s under pressure.

⚠️ALERT: $AAVE is now down -19% today after a $292M Kelp DAO rsETH exploit triggered a full-blown liquidity crisis. Aave's ETH pool just hit 100% utilization. That means one thing: there's almost no ETH left to withdraw. Here's what happened: Attacker drained 116,500 rsETH ($292M) from Kelp DAO's LayerZero bridge He then deposited the stolen rsETH as collateral on Aave V3 to borrow ~$236M in WETH. Because the rsETH is now unbacked, those positions are unliquidatable. Aave is now stuck with ~$280M in bad debt it cannot recover. Panic withdrawals have followed: $5.4 BILLION in $ETH outflows, with Justin Sun pulling 65,584 ETH ($154M) alone. ETH utilization has maxed out at 100%, which means there's almost no ETH left to withdraw. This is the FIRST real-world test of Aave's Umbrella safety module & the BIGGEST DeFi exploit of 2026. This is a developing story.

Claude Code fully dissected! Researchers from UCL reverse-engineered the leaked Claude source. What they found changes how you should think about agent design. Only 1.6% of the codebase is AI decision logic. The other 98.4% is operational infrastructure. Permission gates, tool routing, context compaction, recovery logic, session persistence. The model reasons. The harness does everything else. This is the opposite of what most agent frameworks do today. LangGraph routes model outputs through explicit state machines. Devin bolts heavy planners onto operational scaffolding. Claude Code gives the model maximum decision latitude inside a rich deterministic harness, and invests all its engineering effort in that harness. The core loop is a simple while-true. Call model, run tools, repeat. But the systems around that loop are where the real design lives: A permission system with 7 modes and an ML classifier. Users approve 93% of prompts anyway, so the architecture compensates with automated layers instead of adding more warnings. A 5-layer context compaction pipeline. Each layer runs only when cheaper ones fail. Budget reduction, snip, microcompact, context collapse, auto-compact. Four extension mechanisms ordered by context cost. Hooks (zero), skills (low), plugins (medium), MCP (high). Each answers a different integration problem. Subagents return only summary text to the parent. Their full transcripts live in sidechain files. Agent teams still cost roughly 7x the tokens of a standard session. Resume does not restore session-scoped permissions. Trust is re-established every session. That friction is the point. The bet behind all of this is simple. As frontier models converge on raw coding ability, the quality of the harness becomes the differentiator, not the model. Paper: Dive into Claude Code (arXiv:2604.14228) In the next tweet, I've shared an article I wrote on Agent Harness and what every big company is building. Do check.