Still have to validate it.

I’ve started to see bug bounty programs put flags into the product (see apples target flags https://security.apple.com/bounty/target-flags/).

I wonder if it’s partially to make it easier to validate from an AI perspective

> You could discover this with some other coding agent harness.

And surely that would be relevant if they were using a different harness.

You mean this?

https://support.claude.com/en/articles/14063676-claude-march...

No, I think they mean:

- https://www.reddit.com/r/ClaudeAI/comments/1s7mkn3/psa_claud...

- https://www.reddit.com/r/ClaudeAI/comments/1s7zgj0/comment/o...

I have heavy usage on two accounts with option c and didn't get an email

> And I assume that Sam Altman won't allow his children to use AI chatbots.

I doubt that, but the others seem reasonable

Everyone has access to the same models. Even the best internal builds are only a month away from public access.

The ones a year from now from all companies will likely be better than the best today.

It doesn't matter that much. Trust me you could just have an LLM reverse engineer the obfuscated code.

The point is that a "secure coding platform" leaked something they were trying to keep under wraps, whether the contents of the leak matter or not.

Also, as many others have pointed out, there is roadmap info in here that wouldn't be available in the production build.

> The point is that a "secure coding platform" leaked something they were trying to keep under wraps, whether the contents of the leak matter or not

Sure, but that's completely different from what they were responding to to, which was someone insinuating the Claude Code CLI has secret sauce that makes it better than the competition.

Fair, I was just seeing so much of this and randomly responded to yours.

No reasonable person actually thinks that Claude Code cannot make mistakes. So if your point is that this is going to change anybody's opinion about it then I think that's pretty silly.

Also who really cares about the roadmap? Any feature they release can be easily copied quickly. The only moat they have at the moment is in giving access to their models via a subscription.

> No reasonable person actually thinks that Claude Code cannot make mistakes.

This was insanely rookie mistake that could have been caught if anyone was paying attention as opposed to "vibing."

As a Claude Code user why should I care?

yeah it actually works to use claude to reverse engineer itself; I've used that to workaround some problems. E.g. that's how I discovered that I had to put two slashes for absolute paths in sandbox config. The thing is, the claude team is so quick that soon enough they add more and more features and fix more and more bugs that your workarounds become obsolete

> they add more and more features and fix more and more bugs

My experience has been that they add far more bugs in every release than they fix

timeoutMs is shorter ;)

You guys can't appreciate a bad joke

Megaseconds are about the right timescale anyway

What megaseconds? They clearly meant the Microsoft-defined timeout.

Well megaseconds has the nice property that it's about about equal to a Scaramucci so it can be used across domains.

timoutμs is even better. People will learn how to type great symbols.

They wouldn't have to, if the file format accepted floats in proper exponential format.

Yes timout indeed!

It helps a ton but it doesn't last forever and you still have to pay to write to the cache

Not sure why you were downvoted because this is actually correct. Can also use --model opus

Even more than that in practice once you factor in prompt caching

I think we still skew back to an insanely high input token ratio when you consider agentic loops. For example, when I see the tools I use do a web fetch or a search or other tool use, it's an incredibly high number of new input tokens.