The Wall Street Journal ran a piece yesterday on JustPaid, a 9-person Mountain View startup. They used OpenClaw and Claude Code to stand up seven AI agents that write code, review it, and run QA around the clock. In one month: 10 major features shipped. Each one would have taken a human engineer a month or more. This story is getting passed around as proof that the autonomous engineering team is h
MCP vs Skills: a practical decision guide for builders I need my agent to do X. Skill or MCP? If you build agents on Claude or anything MCP-compatible, this is the question that actually matters. The two patterns get pitched as alternatives. They are not. They solve different problems. Most production agents need both. Here is the decision rule, the framing for each, and the anti-patterns I keep
Why This Topic Matters OTP (One-Time Password) verification is a critical security feature in modern mobile applications. Whether you're building a fintech app, healthcare platform, or any service requiring user authentication, implementing OTP verification efficiently can be the difference between a smooth user experience and frustrated users abandoning your app. The react-native-otp-auto-verif
Introduction Building a mobile application that handles sensitive financial data — crypto transactions, KYC verification, gift cards — means security is not an afterthought. It is a core deliverable. During the development of a cross-platform fintech application, one of the non-negotiables on the security checklist was runtime application self-protection (RASP). After evaluating our options, we
React Native's New Architecture — JSI, Fabric, and TurboModules — has been "coming soon" for long enough that some teams wrote it off as vaporware. It shipped. It is now default in new React Native projects. And it meaningfully changes how the framework works at the performance-critical boundaries between JavaScript and native code. This post is not a getting-started guide. It is an honest account
It's a one-line item on the roadmap. "Send a push notification when X happens." Estimate is two days, three if the backend doesn't have FCM credentials yet. There's a library for it. The library is the visible part. The other 90% is platform lifecycle, registration state machines, race conditions with navigation, payload archaeology, and a half-dozen iOS and Android quirks. Nobody writes them down
In March 2026, a rogue AI agent at Meta triggered a Sev 1 security incident. Sensitive company and user data was exposed to unauthorized employees for nearly two hours. The agent held valid credentials. It operated inside authorized boundaries. It passed every identity check. And yet. Identity and Access Management answers one question: Is this agent who it says it is? It doesn't answer: Was this
The Problem Nobody Talks About AI can write code, generate content, analyze data, design systems, and manage projects. It's getting better every month. The natural question: what's left for humans? The wrong answer: "AI will replace us." The right answer is uncomfortable: stop picking the best AI. Run multiple AIs in competition, and become the judge. Three rules, learned the hard way: Multiple