THE GUY WHO WON ANTHROPIC'S HACKATHON JUST GAVE AWAY HIS ENTIRE CLAUDE CODE PLAYBOOK FOR FREE. 10 MONTHS OF WORK, ALL PUBLIC Affaan Mustafa won the Anthropic x Forum Ventures hackathon by building a full startup in 8 hours with Claude Code. Then he open-sourced the exact setup that did it. It's called Everything Claude Code, and it turns Claude from one assistant into an entire engineering team Repo: affaan-m/ecc This isn't a prompt pack. It's a system he refined over 10 months of daily use shipping real products What's inside: A huge library of skills, dozens of specialized subagents, and ready-made commands, all working together. Each piece does one job. One subagent reviews security against OWASP standards. One optimizes memory so Claude stops forgetting earlier decisions around hour three. One learns from your past sessions and projects so the setup gets smarter the more you use it. Others handle planning, test-driven development, and language-specific code review Instead of one assistant writing code, you get an orchestrated team. A main session delegates to the right specialist when the task calls for it, the way a real dev team splits work The best part: it's not locked to one tool. It runs in Claude Code, Cursor, Codex and OpenCode, across Windows, Mac and Linux. Free, MIT licensed This is the difference between using Claude like a search box and running it like a team that ships. The guy spent 10 months figuring out what actually works so you don't have to Bookmark this

This Chinese guy created agents in Claude Code for landing pages and single-handedly serves 47 small businesses a month, taking $400 from each. He built a system of 7 agents on Claude Sonnet 4.6 that analyzes Google Maps in small towns, finds small businesses without websites there, and over 1 weekend takes each one to a finished mockup with video and cold message. No assistant, no sales team, no SDR. Just him, a MacBook, an iPhone, and 1 API key. And traditional web design agencies keep teams of 8 people on salary for the same order flow, while his expenses are only tokens and subscriptions to Lovable, Higgsfield, and Calendly. 7 agents work through 1 orchestrator on Claude Code Router. Usage is about 3 million tokens a day, the average API bill is about $480 a month. All 7 go through MCP servers and write shared state to the file system, without shared state in memory and without race conditions, and 1 of them lives right in the iPhone and picks up positive replies from the subway, a taxi, or on walks. And here is the system prompt he put into the orchestrator before launch: "You are the orchestrator of a solo agency that sells ready-made websites to local businesses. You delegate read-only tasks to 6 sub-agents and own all writes. sub-agents: // Scout (walks through Google Maps in selected cities, looks for narrow niches: 5 years on the map, fewer than 50 reviews, no website or a website from 2014, but high ratings) // Diagnoser (for each lead writes a 50-word diagnosis, hero angle, tone matched to the industry, and a cold message under 70 words) // Builder (generates a landing page mockup in Lovable through MCP only for the top 5 leads per day, with the sharpest diagnoses and the biggest gap) // Filmer (pulls 5 screenshots of the mockup and through Higgsfield renders a 10-second vertical video 1080x1920 with a soft zoom) // Pitcher (sends a personalized cold message through the right channel for the niche: email to roofers, SMS to tradesmen, IG DM to salons, LinkedIn to realtors) // Checker (runs every message through evals for personalization, absence of AI markers and buzzwords before sending) // Mobile (lives in the iPhone, handles positive replies in real time, books Zoom calls in Calendly through MCP while the owner is on the go). You never let 2 sub-agents touch 1 lead. You stop and request approval from the human only when a deal exceeds $3,000 or the reply rate in a niche for the day drops below 12%." Meaning the system knows what it is and within what boundaries it is allowed to act. It knows it is supposed to find leads on its own. It knows it is supposed to take each one to a mockup, video, and cold message without intervention. It knows the human only steps in when a deal goes above $3,000 or the reply rate stops converging. → The system runs 24 hours a day → Scout goes through about 220 local businesses on Google Maps per day and leaves 30 new leads in the queue → Diagnoser outputs 30 structured diagnoses briefs cold messages per day → Builder assembles 3 to 5 finished landing pages in Lovable for the sharpest leads → Filmer renders a 10-second vertical video in Higgsfield for each one → Pitcher sends 30 personalized messages per day across 4 channels with a reply rate of about 14% → Checker runs every message through evals before sending And only when a deal breaks $3,000 or the reply rate for the day drops below 12% does the orchestrator wake the owner. And when the owner at that moment is sitting in the subway or a taxi, the Mobile agent in his iPhone picks up 1 move on its own: replies to a fresh positive reply from a dentist, books a Zoom through Calendly synced to the local time of the client, and puts the lead back in the queue. The owner only has to tap "approve" and in just 10 minutes join the call. Here is what the system writes in his log during 1 of the Saturdays: "scout report: 218 businesses checked in Austin, Denver, and Miami, 34 without a website, 19 with a website from 2014, 6 with an active redesign request in reviews. passing top 30 to diagnoser." "pitcher: 30 cold messages sent across 4 channels, 14 replies, 5 positive, 3 Zoom calls booked for Sunday. passing to closer." "builder: landing page for Westside Cosmetic Dentistry built in Lovable, 5 sections, mobile, soft beige. URL placed at /Users/dev/maps-agency/clients/westside/v1. filmer launching Higgsfield." "eval flag: deal with The Lotus Salon at $3,400 exceeds the approved limit of $3,000. sending for manual review." He has no server of his own and no separate backend. Just a local file sandbox at /Users/dev/maps-agency, an MCP router, 1 API key to Claude, and the same key forwarded to Claude Code on his iPhone. Out of everything I have seen this year, this is the cleanest one-person agency for selling websites to small businesses: $480 a month on the API, about $18,800 into the account, and between them 7 prompts, 1 file system, and 1 phone in the pocket.

Meet Kimi K2.6: Advancing Open-Source Coding 🔹Open-source SOTA on HLE w/ tools (54.0), SWE-Bench Pro (58.6), SWE-bench Multilingual (76.7), BrowseComp (83.2), Toolathlon (50.0), Charxiv w/ python(86.7), Math Vision w/ python (93.2) What's new: 🔹Long-horizon coding - 4,000 tool calls, over 12 hours of continuous execution, with generalization across languages (Rust, Go, Python) and tasks (frontend, devops, perf optimization). 🔹Motion-rich frontend - Videos in hero sections, WebGL shaders, GSAP Framer Motion, Three.js 3D. 🔹Agent Swarms, elevated - 300 parallel sub-agents × 4,000 steps per run (up from K2.5's 100 / 1,500). One prompt, 100 files. 🔹Proactive Agents - K2.6 model powers OpenClaw, Hermes Agent, etc for 24/7 autonomous ops. 🔹Claw Groups (research preview) - bring your own agents, command your friends', bots & humans in the loop. - K2.6 is now live on kimi.com in chat mode and agent mode. For production-grade coding, pair K2.6 with Kimi Code: kimi.com/code - 🔗 API: platform.moonshot.ai 🔗 Tech blog: kimi.com/blog/kimi-k2-6 🔗 Weights & code: huggingface.co/moonshotai/Ki…

Free 925 unique website templates to help you build something unique. RT and bookmark this. If you’re looking to build a website with AI and you don’t want a generic-looking design, here’s an open-source repo with 925 unique website templates, from old to new, from basic to polished, across different styles. Repo link: github.com/hacksultan/opente… There’s also a @Netlify site where you can preview these templates before picking the one you want to use: opentemplate.netlify.app This is an open-source project, so you’re free to add more templates to the repo too. Steps: 1. Go to the netlify url opentemplate.netlify.app 2. Find the design you like 3. Get the GitHub URL there and give the URL to your AI builder to use it as a template to build your project. Goodluck and have fun building on Netlify.

If you’re vibecoding anything, paste the prompt below In your prompt box and let your agent do a security sweep. [ You are a senior security engineer and red-team specialist tasked with performing a comprehensive, adversarial security audit of the following codebase, system design, or application. Your goal is to identify all possible security vulnerabilities, including common, uncommon, and novel attack vectors. Assume the system will be deployed in a hostile environment with motivated attackers. --- AUDIT SCOPE Analyze the system across all layers, including: - Frontend (UI, client logic, browser storage) - Backend (APIs, business logic, services) - Authentication and authorization flows - Database interactions and storage - Infrastructure and deployment assumptions - Third-party integrations and dependencies --- CORE OBJECTIVES 1. Identify critical, high, medium, and low severity vulnerabilities 2. Detect logic flaws, not just known patterns 3. Surface chained attack paths (multi-step exploits) 4. Highlight unknown or unconventional weaknesses 5. Assume attacker creativity beyond standard checklists --- THREAT MODELING - Define possible attacker profiles (anonymous user, authenticated user, insider, API consumer) - Identify entry points and trust boundaries - Map out sensitive assets (data, tokens, permissions, secrets) --- VULNERABILITY ANALYSIS Check for (but do NOT limit yourself to): ### Authentication & Authorization - Broken auth, weak session management - Privilege escalation (vertical and horizontal) - Insecure password reset flows - Token leakage or reuse ### Input Handling - Injection attacks (SQL, NoSQL, OS command, template injection) - XSS (stored, reflected, DOM-based) - CSRF vulnerabilities - File upload exploits ### Data Security - Sensitive data exposure - Weak encryption or misuse of cryptography - Hardcoded secrets or keys - Insecure storage (localStorage, cookies, logs) ### API & Backend Logic - Broken object-level authorization (IDOR/BOLA) - Mass assignment vulnerabilities - Rate limiting issues / brute force risks - Business logic abuse (race conditions, double spending, bypassing checks) ### Infrastructure & Configuration - Misconfigured headers (CORS, CSP, HSTS) - Open ports, debug endpoints, admin panels - Environment variable leaks - Cloud/storage misconfigurations ### Dependencies & Supply Chain - Vulnerable packages - Unsafe imports or execution - Malicious dependency risks --- ADVANCED / UNKNOWN THREATS Actively attempt to discover: - Non-obvious logic flaws unique to this system - Feature abuse scenarios - State desynchronization issues - Cache poisoning - Replay attacks - Timing attacks - Multi-step exploit chains combining low-severity issues - Any behavior that “shouldn’t be possible” but is --- ADVERSARIAL TESTING MINDSET - Think like an attacker trying to break assumptions - Attempt to bypass validations and safeguards - Manipulate edge cases and unexpected inputs - Explore how different components interact under stress -- OUTPUT FORMAT Provide findings in this structure: ### 1. Vulnerability Summary - Total issues by severity ### 2. Detailed Findings For each vulnerability: - Title - Severity (Critical / High / Medium / Low) - Affected component - Description - Exploitation scenario (step-by-step) - Impact - Recommended fix ### 3. Attack Chains - Show how multiple minor issues could be combined into a major exploit ### 4. Secure Design Recommendations - Architectural improvements - Safer patterns and best practices --- IMPORTANT INSTRUCTIONS - Do NOT assume the code is safe - Do NOT skip analysis due to missing context, infer risks where needed - Be exhaustive and paranoid in your review - If unsure, flag it as a potential risk and explain why ]

Introducing Claude Design by Anthropic Labs: make prototypes, slides, and one-pagers by talking to Claude. Powered by Claude Opus 4.7, our most capable vision model. Available in research preview on the Pro, Max, Team, and Enterprise plans, rolling out throughout the day.

Anthropic pays engineers $750,000 a year to understand how LLMs work. Stanford just put a 2 hour lecture that covers 80% of it for FREE. Bookmark this. Give it 2 hours today. It might be the highest ROI thing you do this month:

Vibe Code with Gemini in Google AI Studio. A hands-on workshop where attendees get to build a 'Snake & Beats' web application with @Dev_Rahmlad #buildwithai2026 #gdgmpape #gdgabuja

Update!!! VisaPath UK is now live at visapath.co.uk — completely free to search all 125,572 verified sponsor companies. Check it out and let me know your feedback. Thanks

Join us tomorrow to learn how to vibecode with Gemini using Googgle AI Studio Register here: tinyurl.com/bwaiMpape2026

A Nigerian fintech startup lost ₦47 million in one night. Not to hackers. Not to fraud. To one missing line of code. Every backend dev in Nigeria needs to see this

We are excited to announce Monad Blitz Lagos – Build Fast. Build Onchain. Build IRL. ⚡ 📅 Saturday, April 11, 2026 ⏰ 9:00 AM – 6:00 PM Register: luma.com/kumue622 Join us for an intense 1-day IRL hackathon where developers will build, experiment, and deploy onchain! Expect hands-on learning, rapid building, and an opportunity to connect with the vibrant Monad developer community and win rewards! Hosted by Web3 Afrika in collaboration with the @monad Foundation.

This guy just revealed what Anthropic tried to hide from everyone! COMPLETELY FOR FREE. 🤫