The Wall Street Journal ran a piece yesterday on JustPaid, a 9-person Mountain View startup. They used OpenClaw and Claude Code to stand up seven AI agents that write code, review it, and run QA around the clock. In one month: 10 major features shipped. Each one would have taken a human engineer a month or more. This story is getting passed around as proof that the autonomous engineering team is h
MCP vs Skills: a practical decision guide for builders I need my agent to do X. Skill or MCP? If you build agents on Claude or anything MCP-compatible, this is the question that actually matters. The two patterns get pitched as alternatives. They are not. They solve different problems. Most production agents need both. Here is the decision rule, the framing for each, and the anti-patterns I keep
We're all learning how to ship more side projects. If you're "in the bubble" it can feel like everyone is repo-maxxing. Shipping weekly. Spinning up agents to scaffold full apps overnight. New OSS dropped every Friday. The reality I see with most developers is much more normal: They have six or seven repos sitting in various states of half-attention. A side project from last year that still gets a
Hey dev.to community! I just launched CodeLens AI — an AI-powered code review tool that automatically reviews every pull request. Connect your GitHub repo Open a PR AI automatically reviews the code Detailed review comment posted on PR Bugs and logic errors SQL injection and security vulnerabilities Performance issues Code quality improvements Next.js + TypeScript NextAuth + GitHub OAuth Supabase
Why We Open-Sourced Our AI Safety Layer When we built the AI safety layer for As You Wish (AYW), we faced a choice: keep it proprietary or open-source it to help the community. Here's why we chose the latter (and why it made our platform stronger). If you're building AI-assisted development tools, you need: Input validation (sanitizing prompts, preventing injection) Output filtering (catching u
If you want to Automate GitHub PRs, the real goal is not just adding another bot comment to a pull request. The goal is to give reviewers the context they usually have to gather manually: who owns the service, whether it is deployed, whether basic repository standards are in place, and whether the change looks safe to merge. A useful AI pull request workflow can do exactly that. When a PR opens, i
How I Used GitHub Actions to Auto-Publish to AMO on Every Release Manually uploading extension files to AMO (Mozilla's Add-On Observatory) is tedious. After the fifth time forgetting to increment the version number, I automated it with GitHub Actions. Here's exactly how I set up the pipeline for the Weather & Clock Dashboard extension. Trigger on new GitHub release Validate the manifest version
In March 2026, a rogue AI agent at Meta triggered a Sev 1 security incident. Sensitive company and user data was exposed to unauthorized employees for nearly two hours. The agent held valid credentials. It operated inside authorized boundaries. It passed every identity check. And yet. Identity and Access Management answers one question: Is this agent who it says it is? It doesn't answer: Was this