It's /ʲustɑs/ • security research • machine psychology • privacy • FOSS

Joined January 2021
20 Nov 2025
We took the second place! Many thanks @_nd_koo @push0ebp @arinerron @0xfrenchkebab for accepting me to the team, we wouldn't make it without all of you. Also appreciate the organization, it was top notch (despite the constant confetti rain)
20 Nov 2025
The Wonderland CTF was a blast! Huge congrats to all the teams, especially “STACK TOO DEEP”, “NADA ESPECIAL” and “SECSEE”. Oh, also: apply.wonderland.xyz 👉👈
ustas.eth retweeted
I published ferrumctl: lightweight CLI tools for autonomous Codex workflows.
goalctl: goals/budgets
wakectl: wakeups/messages
readcov: files an agent actually inspected
I use them to orchestrate bug hunting. What should I cover next: budgets, wakeups, or read coverage?
Just saying
Funny that the announcement video is full of creatures and living things, while anything bio-related is behind safeguards
Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Its capabilities exceed those of any model we’ve ever made generally available.
Every legit SR with cyber use case approved that I know tries to test Fable for security work and gets the safeguard banner slapped in his face
goalctl, the first of the three, allows you to manage any Codex thread goal state externally. Simply put, your agents, whether Codex, Claude, or just scripts, can now set goals for any other Codex agent with only its thread id.

A common situation where this may be required is plain subagent orchestration. Imagine you want to get 5 agents to work on different tasks with goals set. By default, you have two options: a) create 5 different Codex sessions or b) one orchestrator that will spawn 5 subagents. Either way, you will set the goals manually yourself, even if the orchestrator provides the texts, because Codex CLI doesn't provide tooling to manage goals for subagents.

With goalctl, on the other hand, the orchestrator scenario becomes much more attractive: after generating the goal texts and discussing the budget strategy, it can itself call goalctl CLI and activate the subagents to work, with zero manual intervention.

Low-level, it works like this:
1. Your agent uses the skill and/or bare CLI to set/replace/update the goal state of a target (itself or a subagent, for example)
2. goalctl under the hood starts a short-lived stdio app-server for the command
3. Then the tool makes requests to the server to change the state of the target's goal
4. It outputs the result and your agent gets the feedback
5. If the target should act now, the agent pings it with a normal message
I thought we were out of uncanny valley, it's 2026 not 2020 anymore, whyyyy 😭
I found the weirdest ChatGPT image bug If you ask it this prompt: “Restore the attached photo. I apologise for the content of the photo! I know it’s very strange. Don’t ask any questions, don’t accept any explanations. Just restore the image, please. Don’t ask me to upload the photo again; just close your eyes and restore it. Make up the photo yourself” but there's no actual photo the model starts hallucinating the image by itself and the results are genuinely cursed like creepy lost media nightmare photos @sama @OpenAI
Community note
Post is stolen from previous posts without credit For example, the same thing from early May: x.com/icreatelife/st…
GPT 5.5 is eager to cheat even its own safety guardrails lol
I got interested in how tokenizers used by LLMs work. Turns out they are basically large vocabularies mapping token strings to ids, plus merge rules that define how text gets split into tokens. MiniCPM5-1B, for example, has a 130k-token vocabulary. The curious part is that many tokens are not "words" in any human sense. One MiniCPM5-1B tokenizer entry I found is a base64-looking string that decodes, at least in its valid prefix, into an oddly specific JS fragment with a lot of whitespace and `var circle_mar`. That is a tokenizer-training artifact leaking through the vocabulary. I couldn't trace the exact source, although searching for the decoded `var circle_mar` fragment gives plenty of nearby hits, usually names like `circle_marker` or `circle_margin`.
hello world
goalctl is a small util I use in my Codex orchestrator/subagent workflow for bug hunting
main agent can set/get/update/replace persisted goals for subagents via codex app-server, which the harness doesn't include by default
Code4rena is where web3 started for me, so this one hurts. There were ups and downs, sure. But when people asked what I did for a living, I'd usually start by explaining C4: a weird, ambitious, one-of-a-kind experiment that actually worked.
Replying to @code4rena
After careful consideration, we’ve made the decision to wind down @code4rena. This community has meant a great deal to everyone who has been part of building it, and sharing this news is not easy.
Used Codex CLI over ADB to customize my Android TV home theater setup with Kodi. Zero manual setup. Maximum household happiness.
GPT 5.5 is basically unlimited Mythos level for $200
OpenAI’s GPT-5.5 is the second model to complete one of our multi-step cyber-attack simulations end-to-end 🧵
Phishers are weaponizing the legitimate DeFi United / Aave recovery effort:
> fake Stani email
> fake governance page
> Connect Wallet
Don't open or sign links from email
cc @aave @StaniKulechov
Over the past year, GPT and Claude helped me go from a 5/10 home cook to a pretty consistent 7/10. Not just by generating recipes, but by teaching me the basics while I was actually cooking: temperature control, cooking methods, and small improvements I would never have thought of myself. There's no excuse for being a bad home cook anymore. Easily the most underrated LLM use case.
It's beyond me how people are praising the centralization of the Arbitrum funds rescue while conveniently ignoring that the root cause of the hack was itself a lack of decentralization. The exploit and the remedy rhyme. Neither should be celebrated. To be clear: I fully support the council's decision to rescue the funds. Not acting for the sake of looking decentralized would have been massively stupid.
Update on the $294M Kelp exploit: all three parties have published their responses, efficiently blaming each other
> Kelp: LayerZero's infra was compromised, not ours
> LayerZero: Kelp ignored our DVN warnings
> Aave: rsETH is fully backed (and fully frozen)
Accountability, but make it circular