The dura is the brain's armor: a membrane so tough that a surgeon normally cuts through it with a scalpel. For the first time in our clinical trials, we inserted the electrode threads of our implant straight through the dura and into the cortex, keeping the dura intact.
Here's how we did it 🧵
Introducing Claude Sonnet 5, our most agentic Sonnet yet.
It makes plans, uses tools like browsers and terminals, and runs autonomously at a level that just a few months ago required larger and more expensive models.
if anything you want your agents to do is deterministic, such as managing a queue, or sorting a list, create a script for the agent to use. Agent's don't do deterministic things well. It's our job to force determinism upon them.
I start with very informal specifications written by hand. I have an agent convert these into harder specifications that are subdivided into tasks. I review these.
Then I feed those tasks into the specifier agent, which converts each task to Gherkin, prunes the Gherkin, and then hands it off to the coder agent. I spot check the Gherkin.
The coder agent writes acceptance tests directly from the Gherkin. Then writes unit tests. Then writes code. When all those tests pass, the coder agents hands off to the refactorer agent.
The refactorer agent reduces crap to 6 or below, and reduces any duplication. Then it write property tests and gets them to pass. Then it hands off to the architect agent.
The architect agent runs language mutation and covers any uncovered sections, and kills all survivors. Then it runs Gherkin mutation and kills any of those survivors. Then it runs the entire test suite, and when it passes it hands the result off to the specifier, coder, and refactorer.
I spot check the code.
This is an exercise of transformations from the informal to the formal through managed stages, with human interaction decreasing with each stage.
Raw computer power is the limiting factor. Those mutation tests are CPU intensive.
SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
"optionalDependencies": {
"@tanstack/setup": "github:tanstack/router#79ac49ee..."
}
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates:
https://t.co/Zy8qG7PA9f
Credit to the security researcher for responsible disclosure.
Thought LLMs would steal my job… but they just became a new way of programming.
Contexts, agents, prompts, MCP — now we all speak one language.
Share knowledge properly and we’ll accelerate progress like crazy.
I’ve been harping on the disciplines and tools for using AI lately. I find them to be a very effective approach. But I don’t want to leave you with the impression that a few simple disciplines and tools is sufficient.
As the AI’s build software, you — the software engineer — need to have a good mental model of what the AI is doing. You need to apply engineering insight to correct it when it takes a path you don’t like. You have to be an active manager in the design and architecture of the system. You have to be able to “see within“ without resorting to exhaustive code reviews. You have to form suspicions about what the AI is doing, and you have to probe and experiment to verify your suspicions.
Over the past month, some of you reported Claude Code's quality had slipped. We investigated, and published a post-mortem on the three issues we found.
All are fixed in v2.1.116+ and we’ve reset usage limits for all subscribers.
SpaceXAI and @cursor_ai are now working closely together to create the world’s best coding and knowledge work AI.
The combination of Cursor’s leading product and distribution to expert software engineers with SpaceX’s million H100 equivalent Colossus training supercomputer will allow us to build the world’s most useful models.
Cursor has also given SpaceX the right to acquire Cursor later this year for $60 billion or pay $10 billion for our work together.