I Killed a Business Idea in 20 Minutes and It Was the Best Thing I Did All Week
Plus: a GitHub issue title that compromised 4,000 machines, Cursor's always-on agents, and why code review just became a product category.
Signal
A GitHub Issue Title Just Compromised 4,000 Developer Machines
Someone stuck a prompt injection in a GitHub issue title. Cline’s AI triage bot picked it up, executed it, stole an npm token, and pushed a malicious package that got 4,000 downloads in eight hours. If you’ve got any AI bot processing untrusted input, you’ve got this same hole.
Cursor Ships Always-On Agents for Your Codebase
Cursor launched “Automations,” which are AI agents that run on schedules or triggers. They spin up cloud sandboxes, do their thing, and verify their own output. Think security review on every push, incident response that checks logs and proposes fixes, weekly change digests. Rippling’s already using it.
Claude Code Now Has Multi-Agent PR Reviews
Anthropic built a multi-agent system that reviews GitHub PRs in parallel. It catches bugs, validates findings, and ranks by severity. The catch? $15-25 a pop. Though…that’s cheaper than a junior engineer’s hourly rate, and it doesn’t take PTO. 🤷‍♂️
Roundup
How I Dropped Our Production Database — Engineer let Claude Code run Terraform unattended — it nuked prod, the database, and all automated backups.
Solo Founder Running $3.2M with Zero Employees — The most interesting experiment I’ve seen from the “zero-human” trend gaining some steam. (I’ve been doing a bit of this myself with @VoidCoAI).
OpenAI Codex Security — AppSec agent that finds real vulnerabilities, validates them in sandboxes, and proposes fixes.
OpenAI Acquires Promptfoo — AI security platform used by 25% of Fortune 500, now folded into OpenAI for enterprise red-teaming. No offense to the Promptfoo team, but their product has almost every single vibe-designed trope possible. 😬
shadcn/cli v4 — Adds “skills” (component presets) and dry-run mode. Explicitly built for coding agents.
Claude Code /loop — Scheduled recurring prompts inside sessions. Turns Claude Code from “tool you invoke” into “tool that watches.”
Glaze by Raycast — Describe an app, get a native desktop app. Not web, actual OS-integrated with file system access. Private beta now. Sending invites soon.
LLMs Can Unmask Pseudonymous Users at Scale — LLMs can de-anonymize people from free text alone. 48% recall for Reddit users who discussed 10+ movies.
From the Shop Floor
I killed a business idea this week in 20 minutes. Thank you Claude.
I had an idea that depended on AI image generation hitting certain cost and speed thresholds. Instead of building a prototype and then discovering the economics don’t work (my usual pattern…sigh), I had Claude write a benchmarking script. It tested 10 different image gen models across 4 prompts, measured generation time, tracked per-image cost, and built a comparison dashboard.
The result: the fastest models produced garbage, the good models were too slow for the use case, and the cost curve didn’t leave room for margin. Project dead on arrival.
My brain is constantly running 1000 mph and my default with an idea is to just build it and see what happens. But this method of benchmarking ideas…really opened my eyes and helped satisfy my OCD-like nature of needing to build an idea to get it out of my system. The script cost maybe $2 in API calls. The business would’ve cost me weeks. 😅
Also this week…
Migrated my AI assistant from Telegram to Discord — multiple channels per context (sysadmin, newsletter, finances). Absolutely loving the organization.
Ran my first newsletter giveaway (two 1-hour consults) to kickstart subscribers — pulled 143 participants across X engagement + Substack signups using AI to aggregate entries and pick winners
Experimented with a “zero-human company” concept — spun up an autonomous AI agent on its own isolated instance, watched it set goals, assign itself tasks, and post status updates. Fascinating as a technical exercise, less convinced it’s viable for actual business building.
Built a /feature-image skill that generates branded social media images from any GitHub repo. Drop in a URL, get back a share-ready visual.
Audited every background process on my Mac mini and found a stale feature silently burning API credits for days. Cleaned up ~$50+ in wasted spend. 😬
Started onboarding my wife to OpenClaw. The virus is spreading.
Rolled out abuse prevention updates to ReplySocial
Try This
Next time you’re about to ask AI for a recommendation or input, reframe it: “Explain the tradeoffs of X vs Y.” When you just ask for feedback or a simple “what do I do?” it tends to be very agreeable and affirmative of that thing. But forcing it to essentially make a pro/con list almost always gets you more nuanced and useful outputs!
First issue! Let me know what you think!
Alrighty, first issue of Every Day is a Year: in the books! Very much still figuring out format, so let me know what you think. Every bit of feedback is welcome!
It would also mean a ton if you share the newsletter! Sharing via the button below will track who signs up via your link and I’ll be offering some perks in the future for that. 🎉



