@AraneaDev profile picture
Tim Schipper @AraneaDev

30 years shipping code. Full-stack developer, AI-tool user and AI-hype sceptic. Writing about craft, security, and what nobody's saying about agents.

Joined August 2014
  • Tweets 57
  • Following 25
  • Followers 25
Photos and videos
Every resilience playbook we have, retries, multi-region, fallback, assumes the provider wants to stay up. None of it survives a government order. How are you planning for an AI dependency that can be made illegal, not just unavailable? #AI #SoftwareArchitecture
8
A US export order pulled Claude's strongest model worldwide on June 12. The "jailbreak" behind it? Asking it to read a codebase and fix bugs. Your day job got a model recalled. You can't retry your way out of a subpoena. tim-schipper.nl/en/blog/the-… #AI #ClaudeCode #AIAgents

The off-switch was never yours | Tim Schipper

Fable 5 did not crash. It was recalled. A US export directive pulled Anthropic's top model worldwide on June 12, for every customer at once, and no amount of retries or fallbacks would have saved you.

tim-schipper.nl
45
Fable down ?!? Let me guess, Trump used Claude to analyze himself and did not like the answer ? #Claude #Fable #Mythos
39
Ok, I have 3 accounts .. 2 for personal use; a Gemini AI Pro and Claude Pro and for work a Claude Max. Just ran `npx ccusage@latest daily` on both my dev boxes: Box 1: $5644.35 Box 2: $5157.91 Tic toc ... how long till the bubble goes plop ?!
1
60
Genuine question for anyone running frontier models on real work: your model flags a legitimate task as "too dangerous" and downgrades you to a weaker one. It does tell you it happened. Is a polite downgrade still a broken tool? Where's your line?
11
Claude Fable 5 flagged my security audit as "too dangerous," handed it to a weaker model, then admitted in writing that it flags safe work too. The most powerful public model ever shipped. A Ferrari with a 30mph limiter. tim-schipper.nl/en/blog/the-… #Fable #AI #AiAgents #ClaudeCode

The Ferrari has a limiter: a day with Claude Fable 5 | Tim Schipper

Anthropic shipped its most powerful public model yesterday, then flagged the exact work I needed it for and routed it to a weaker one. A day with Fable 5, the benchmarks, the bill, and the limiter...

tim-schipper.nl
33
On 10 May an LLM agent broke into a database on its own. A known CVE to full exfiltration, four pivots, under an hour. No human typed a single command. The tell wasn't skill. It was speed: 12 API calls across 11 IPs in 22 seconds.
1
31
more replies
And now you're installing one yourself. At Build 2026 Microsoft put an agent in Windows with inbox access, on by default. One that reads your email and acts on your files is the perfect prompt-injection target. The attacker just sends you an email. tim-schipper.nl/en/blog/the-…

The friction was the feature: Microsoft just handed an agent your inbox | Tim Schipper

At Build 2026 Microsoft made Windows the agent platform: OpenClaw in the OS, and Work IQ giving agents your email and calendar, on by default, GA June 16. An agent that reads your inbox and acts on...

tim-schipper.nl
1
12
Nobody's driving the attacker. Nobody's driving the agent on your own desktop either. The "frictionless, on by default" pitch quietly removed a safety feature. #AI #AIAgents #CyberSecurity
11
2023: "AI will replace developers." 2024: "AI will make developers 10x faster." 2025: "AI will write the code." 2026: Developer spends 3 hours debugging code written by 4 different AI agents arguing with each other in JSON. Nature is healing.
10
Your coding agent has no world model. You built it one. The compiler, the type checker, the test suite that goes red, the loop that feeds errors back in. That harness is a world model sitting outside the weights instead of inside them. Raw ChatGPT was a party trick. Same model wired to a toolchain is a colleague. tim-schipper.nl/en/blog/your… #AI #AIAgents #ClaudeCode

Your coding agent has no world model. You built it one. | Tim Schipper

Yann LeCun says the path to real intelligence runs through world models, not LLMs. He's probably right. And it explains exactly why your agent loop works.

tim-schipper.nl
1
24
My agent spent an afternoon fighting a bug I'd already fixed. It "remembered" the old failure and waved real ones through. Persistent memory isn't a pure win. It stores a moment, not a truth, and moments go stale. tim-schipper.nl/en/blog/stal… #AIAgents #ClaudeCode

Stale memory is worse than no memory | Tim Schipper

Persistent memory is sold as a pure win. But a memory that records a temporary fact and never expires keeps steering your agent toward problems that no longer exist.

tim-schipper.nl
1
65
Your agent writes itself a note that's true today. Next week the code changed and the note didn't. Now it's confidently wrong. How often do you actually read back what your coding agent has "remembered"? And do you prune it, or just let it pile up?
24
49 subagents in parallel. One session. An estimated $8k-15k bill. Dynamic Workflows made speed free. They didn't make judgement free. A thousand agents just generate the reviewing backlog faster than you can clear it. tim-schipper.nl/en/blog/spee… #AIAgents #ClaudeCode #LLMOps

Speed got cheap. Judgement didn't. | Tim Schipper

Claude Code can now spin up a thousand subagents from one prompt. The orchestration is genuinely good engineering. The token bill, and what it does to your reviewing, is the part nobody adds up.

tim-schipper.nl
1
1
33
GitHub Copilot costs are up 10-50x for some devs. Everyone's angry at GitHub. Wrong target. The bill isn't the surprise. The surprise is finding out what your workflow was actually worth all along. tim-schipper.nl/en/blog/the-… #GitHubCopilot #DevTools #AITooling

The meter was always going to switch on | Tim Schipper

GitHub Copilot went usage-based on June 1. Developers are angry. But the anger is pointed at the bill, not the thing that created it: two years of subsidised pricing that made an uneconomic habit...

tim-schipper.nl
1
159
Hackers took over the Obama White House Instagram this weekend by asking Meta's AI support bot to reset the password. No exploit. No breach. They didn't even need the victim's email. tim-schipper.nl/en/blog/they… #AIAgents #AppSec

They just asked the bot nicely: your support agent is the attack surface | Tim Schipper

Pro-Iran hackers seized the Obama White House and US Space Force Instagram accounts by talking Meta's AI support bot into resetting passwords. No exploit, no CVE. Just a conversation with a system...

tim-schipper.nl
196
Uber burned its entire 2026 AI budget in 4 months. Their CTO: "no link yet between AI tokenmaxxing and shipping products." Amazon built a token-usage leaderboard. Employees gamed it. Obviously. Goodhart's Law in action. tim-schipper.nl/en/blog/toke… #GoodhartsLaw #AIAdoption

Tokenmaxxing is what happens when you measure the wrong thing | Tim Schipper

Amazon built a leaderboard for who burns the most AI tokens. Employees gamed it. The bills exploded. Uber's CTO admitted there is no link yet between all that spending and actually shipping products....

tim-schipper.nl
1
1
28
Opus 4.8 beats GPT-5.5 and Gemini on SWE-bench. That's the least interesting thing about it. Real upgrade: 4x fewer unflagged flaws in its own code. A model that knows when it's guessing beats points of benchmark every time. tim-schipper.nl/en/blog/the-… #AICoding #ClaudeCode

The best number in Opus 4.8 isn't a benchmark | Tim Schipper

Opus 4.8 beats GPT-5.5 and Gemini on SWE-bench, and that's the least interesting thing about it. The number that actually changes your work is the one Anthropic buried in softer language.

tim-schipper.nl
1
58
An attacker wrote malware to rob Claude's workspace, then leaked his own GitHub token inside it. Both sides vibe-code now. Your agent is the target: your keys, your installs, your configs. tim-schipper.nl/en/blog/even… #AIAgents #AppSec

Even the malware is AI slop now | Tim Schipper

An npm package tried to rob Claude's workspace and leaked its own GitHub token doing it. The attackers are vibe-coding their malware now, and your agent is the target.

tim-schipper.nl
88
Load more