Blogs

For about a year, I avoided giving agents real permissions. Not because I doubted their utility, but because I didn’t trust the blast radius. If an agent can’t do anything meaningful, it’s a toy. If it can do everything, it’s a liability. The useful zone is the uncomfortable middle: enough capability to do real work, inside an environment that is aggressively constrained. OpenClaw is what finally got me across that line. If you haven’t used it, think of it as one operational surface for agent CLI execution, browser control, scheduled jobs, and chat-based control loops. Its bet is CLIs over MCP servers. Agents handle text-based back-and-forth well, and the context cost is way lower than JSON tool schemas. ...

Slack’s API returned 200 OK but silently dropped my Work Objects. Two gotchas cost me hours: wrong metadata structure and a missing alt_text field. Here’s the debugging story and the channel-specific embedded resources pattern that emerged.

It was 11pm on a Friday. Deploy failed. Missing environment variable. After twenty minutes of debugging, I found it: I’d added a secret to CI but forgot to add it to the server. Two-minute fix, twenty-minute hunt. I’d been burned enough times to finally fix this properly. The Core Insight One source of truth for production secrets. 1Password holds the secrets. Kamal fetches them. GitHub Actions triggers the deploy. No scattered env files on servers, no secrets in CI config. ...

While updating my Rails devcontainer to use the latest Ruby 3.4 image, I hit two cryptic build failures on Debian Trixie. If you’re running into similar DevContainer build errors, these fixes will save you some debugging time. The Errors Error 1: APT Hash Sum Mismatch E: Failed to fetch .../libdav1d7_1.5.1-1_arm64.deb Hash Sum mismatch E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing? Error 2: Moby Package Not Found (!) The 'moby' option is not supported on Debian 'trixie' because 'moby-cli' and related system packages have been removed from that distribution. The Fixes Fix 1: Reorder APT Commands in Dockerfile Before (broken): ...

Manual tests aren’t about who executes them. Using Playwright MCP with Claude Code, I let my coding agent run verification scripts and catch its own regressions during code review.

OpenAI’s ChatKit has a Python SDK. I’m using Rails. Here’s how I bridged MCP tool results to ChatKit widgets, with architecture decisions, extraction logic, and lessons from letting AI agents write most of the code.

Some of my AI coding sessions produce great work. Others produce garbage. The difference isn’t the model. It’s not the tool. It’s what I give the agent before it starts. You might have heard this called context engineering. It’s an umbrella term with many interpretations. Here’s what it means to me. How my prompts evolved When I started using coding agents with Cursor, I’d prompt like this: “Implement the OpenAI Responses API.” ...

The difference between AI-assisted and AI-native isn’t about features. It’s about how control flows between user and agent through three phases: conversation, drafting, and polish.

I wanted MCP auth to feel invisible. The dream was simple. User opens the app, starts chatting with the LLM. At some point they ask for something that needs an external tool. “What’s on my calendar this week?” The LLM realizes it needs Google Calendar access, prompts the user for permission right there, they approve, and the tool runs. Contextual. Just-in-time. No setup screens. This is how permissions should work. Ask for what you need, when you need it, and not a moment before. ...

I’ve been calling it the bingo machine. You sit there watching the AI coding agent work. It stops. Asks permission. You hit allow. It stops again. Allow. Allow. Allow. You’re just pulling the lever waiting for the dopamine hit: the moment it finally says “done” and you can ship. Then you actually test it. And it’s not done. Not even close. Twelve months in I spent the last year fully immersed in AI coding tools. Not casually—daily. I rotate through all of them, keeping only a monthly subscription at a time so I can switch to whatever’s state of the art. Cursor. Claude Code. Codex. Back to Claude. ...