La charla que di en #nerdearla 2019 fue subida a YouTube, si se la perdieron pueden verla acá: https://t.co/XXgtOj02Hk
(in)seguridad informática: 3 casos de estudio
Learn to ship. Shipping is a skill distinct from coding. Shipping is designing, coding, QAing, story-telling, teaching, marketing, selling, pivoting, iterating…
It used to be that coding dominated in importance because of coding ability scarcity. AI will push you to go further.
If you are asking “Why push back against anti-datacenter efforts?” I consider it a tragedy that anti-nuclear efforts largely strangled nuclear power in the US based on vibes, and I don’t want to see that happen to AI. Public opinion matters, and it shouldn’t be ceded unchallenged.
If you are asking “Why should I support AI efforts at all?” I believe we are in the midst of a transition more vibrant than the industrial revolution. Opinions formed a couple of years ago about the uselessness of AI are no longer valid. Millions of people and organizations are getting great returns from using it, and the demand for data centers is the market responding to the value signal. That is how progress is made!
WOW I didn't see this one coming.
Enterprise AI teams are spending months building internal infrastructure that Santander just open-sourced FOR FREE 🤯
The @Santander_es AI Lab just dropped 11 repos under Apache-2.0.
And you don't have to be a bank to use these.
They released actual workflow solutions that every AI engineering team is currently struggling with.
Three massive standouts for builders:
→ llm_bridge: A tiny, pluggable client to swap between OpenAI, Bedrock, and Gemini. Stop fighting vendor lock-in.
→ gen-fraud-graph: A synthetic data generator for graph-based fraud detection. Scales to 100M+ accounts out of the box.
→ autoguardrails: An automated scaffold to stress-test your LLM policy against jailbreaks before shipping to production.
They also open-sourced their internal mechanical governance framework for high-stakes LLM decisions.
Instead of spending millions trying to govern AI from scratch, teams can now fork a battle-tested control layer from one of the world's largest financial institutions.
Tools > hype.
100% free and open-source.
Repo in 🧵↓
Trabajé cuatro años en el Santander, en el equipo de Control dentro del departamento de Riesgos.
Voy a intentar explicar desde mi experiencia por qué esta es una gran noticia para el sector financiero y cómo esto puede abrirles la puerta a la eficiencia y la innovación. 👇
My heuristic is that any diff an agent generates over ~1500 lines is too big and is indicative that the problem needs to be decomposed. This is my general pattern now for feature work:
1. Try to implement the whole feature, loosely guided. I call this the "draw the owl" prompt in reference to the meme. Expect garbage, you're going to get garbage.
2. If the diff is less than 1500 lines, review it and iterate normally. If the diff is more than 1500 lines, prompt the agent to decompose the problem into atomic, incremental, reviewable tasks. Simultaneously, do this yourself.
3. Agents will very often make these tasks way too specific to the shape they solved. You need to massage it into the right general shape. Do that.
4. Kick off new agents to work on those incremental things (as parallelized as possible). Apply the same rules.
5. At a certain, point, repeat the "draw the owl" prompt. At some point, you will get beneath your review-ability threshold.
This has been producing consistently high quality, maintainable, reviewable chunks of code that have a good handoff to either merge as-is or human refinement.
And with the latest frontier models at xhigh thinking, these are all slow enough that you can usually have multiple going concurrently while you are actively reviewing others or working on your own tasks.
HITL (human-in-the-loop) agents are still super important, especially for feature work. Features touch the human boundary in terms of UI, API, etc. And net new stuff can introduce pathologies in the architecture that violate desired invariants (these should be represented in specs or tests but we aren't perfect!).
I know a lot of the leading edge agentic discourse is about "loops" and agents driving agents continuously. I do some of that (will report on that later). But, in terms of raw daily get-shit-done type of work, this is my most rewarding pattern at the moment.
The problem with the "if it works who cares what the code looks like" mindset for agentic work is that it assumes the agent has a perfect understanding of "works." Realistically, things are underspecified, agents make bad assumptions, etc.
To be fair, agents are pretty good at unit test coverage. They're pretty bad at designing human experiences (API, CLI flags, etc.), especially cohesive ones for future roadmap plans they may not have visibility into (unless your backlog is perfect and vision fully laid out, which I doubt). They're bad at knowing where performance matters and what type (CPU vs memory tradeoffs). They're bad at where compatibility matters and where it doesn't (and tend to err on the side of preserving it without further guidance). Etc.
Unless you have this ALL specified, you can't possibly claim "it works" without taking a look and thinking about it.
it's not done if it's not implemented
it's not done if the implementation is ugly
it's not done if it's not documented
it's not done if users can't discover it
it's not done if you can't market it
little psa
most hiring happens march through june
companies set headcount budgets in january and burn through them by mid year
applying in q4 means fighting over scraps