Just open-sourced a fast dependency license compatibility checker. Supports all 10 major ecosystems (PyPi, npm, crates-io etc.). This is a CLI tool that surfaces your project compliance posture, as every direct and transitive dependency has its own license, and some licenses may be incompatible with your own. It also includes a handy Claude Code review skill. Check it out, and leave a ⭐️ if you find it interesting/useful: https://t.co/IOV1QkOSwG
Just open-sourced a fast, multi-ecosystem (10) dependency license compatibility checker. Important for compliance and investability (due diligence). It also bundles a Claude Code review skill for resolving occasional compliance gaps. Would appreciate a ⭐️ and a share if you find it useful! https://t.co/IOV1QkOSwG
I built licenseal: an open-source CLI for dependency license compatibility checks across 10 ecosystems.
Transitive by default. CI-ready. No installs/builds. Markdown/JSON reports. Checked-in review trail.
Includes a Claude Code skill to walk through flagged findings and record decisions.
GitHub: https://t.co/IOV1QkOSwG
Please ⭐ / share the repo if you find it useful!
Two economists just published a mathematical proof that AI will destroy the economy.
Not might. Not could. Will — if nothing changes.
The paper is called "The AI Layoff Trap." Published March 2, 2026. Wharton School, University of Pennsylvania. Boston University. Peer reviewed. Mathematically modeled.
The conclusion is one sentence.
"At the limit, firms automate their way to boundless productivity and zero demand."
An economy that produces everything. And sells it to nobody.
Here is how you get there.
A company fires 500 workers and replaces them with AI. A competitor fires 700 to keep up. Another fires 1,000. Every company is behaving rationally. Every company is following the incentives correctly. And every company is building a trap for itself.
Because the workers who were fired were also customers.
When they lose their jobs faster than the economy can absorb them, they stop spending. Consumer demand falls. Companies respond by cutting costs — which means automating more workers — which means less spending — which means more falling demand — which means more automation.
The loop has no natural exit.
The researchers tested every proposed solution. Universal basic income. Capital income taxes. Worker equity participation. Upskilling programs. Corporate coordination agreements.
Every single one failed in the model.
The only intervention that worked: a Pigouvian automation tax — a per-task levy charged every time a company replaces a human with AI, forcing them to price in the demand they are destroying before they pull the trigger.
No government has implemented this. No major economy is seriously discussing it.
Meanwhile the numbers are already tracking the curve. 100,000 tech workers laid off in 2025. 92,000 more in the first months of 2026. Jack Dorsey fired half of Block's workforce and said publicly: "Within the next year, the majority of companies will reach the same conclusion."
Nobody is doing anything wrong. Companies are following their incentives perfectly. That is exactly the problem.
Rational behavior. At scale. Simultaneously. With no mechanism to stop it.
Two economists built the math. The math leads to one place.
Source: Falk & Tsoukalas · Wharton School + Boston University ·
https://t.co/4m8E9jQNYm
Today's release of Claude for Word by Anthropic made it even more obvious that there is simply no way for LegalTech companies that focus (primarily) on contract review / drafting to survive long-term, unless they pivot.
🚄 litellm, a popular open-source unified LLM gateway, has been compromised. Versions 1.82.7+ contain a credentials stealer, that scans all secrets (.env files, SSH keys, Git credentials, etc.) and sends them to the attacker's server disguised as a litellm models endpoint. It even goes as far as deploying backdoors in Kubernetes clusters. Allegedly, the attacker infiltrated the publishig workflow by getting access to the account of litellm GitHub repo's owner. PiPy has already quaranteed the package, but hundreds of thousands of installs already took place.
💎 ContextGem, my open-source framework for structured data extraction with LLMs, which has litellm as a dependency, is NOT compromised, since litellm is always pinned to a specific, locally tested version before contextgem is packaged and published on PiPy. The latest pin is litellm==1.82.2. Importantly, contextgem is egress-controlled during development by 🪁 tethered, my other open-source package for Python runtime network egress control.
When I released 🪁 tethered a month ago, the idea was simple:
- create a lightweight, zero-dependency package for controlling where exactly an application's data can be sent;
- prevent compromised dependencies from 'phoning home';
- provide defense-in-depth against local misconfigurations and coding agent's mistakes that could leak data to unexpected hosts.
As we will witness more and more often, packages like 🪁 tethered become increasingly relevant for local development, CI, and as open-source libraries' internal guards.
Being at an early stage, tethered still has certain 'blind spots' (as documented in its README), but the overall direction, coupled with incremental improvements, is the right one, I think.
See the litellm hack overview and tethered repo in the comments 👇
I've just published tethered, a Python package for runtime network egress control, which is dependency-free, zero-infrastructure, and very easy to set up. It takes one function call to restrict which hosts your code can connect to.
Use cases:
- Supply chain defense. A compromised dependency can't phone home if egress is locked to your known services.
- AI agent guardrails. Constrain LLM-powered agents to only the APIs they need.
- Test isolation. Ensure your test suite never accidentally hits production endpoints.
- Least-privilege networking. Declare your app's network surface the same way you declare its dependencies.
https://t.co/mmN5o9sE4Y
There's a growing narrative that AI coding agents make open-source frameworks and abstractions obsolete - why use a 5-line abstraction when AI can generate the 100-line version "for free"?
I think this misses the point. Abstractions aren't just about saving human keystrokes. They compress the problem space, which matters just as much for an LLM navigating a codebase as it does for a person.
More code means more context to parse, more surface area for bugs, and more cognitive overhead when reasoning about changes. That's true whether the next actor is a human or an agent.
As code becomes cheaper to produce, the scarce resource shifts to understanding and evolving it. That makes good abstractions and architectural judgment more valuable - not less.
The open-source frameworks that win in an agentic world will be the ones whose abstractions are explicit, composable, and easy to reason about. That's always been the mark of good design. AI just raises the stakes.
If you are excited about or already using #clawdbot, read this to understand the risks you may be exposing your system and data to:
https://t.co/WD3FY61jA1