Claude-Code

A Hidden Comment in a GitHub Issue Almost Owned Our CI Pipeline

In February 2026, a prompt injection hidden in a GitHub issue title led to an npm supply chain compromise affecting 4,000 machines. A month before that, invisible HTML comments in issues caused Copilot to leak GITHUB_TOKEN values. My team had a near-miss of our own. Here’s the anatomy of these attacks, what the IDEsaster disclosures revealed about the entire AI IDE ecosystem, and the 4-layer defense model that actually makes a difference.

I Let AI Write Our Technical RFC. Here's What Happened

Claude drafted a technical RFC in 20 minutes. My teammates said it ‘reads like a textbook.’ Here’s what the experiment taught us about where AI fits in technical writing.

MCP Servers I Actually Use Daily (And 5 That Were Overhyped)

After running MCP servers in my daily workflow for months, here’s what’s genuinely useful versus what sounded great in a demo and quietly disappeared from my setup.

I Ran Codex and Claude Code Side by Side for a Week

Codex just hit 1M weekly active users, GPT-5.4 under the hood, Figma MCP integration. Claude Code has been my daily driver for months. I gave both the exact same tasks for a week and tracked speed, code quality, context handling, pricing, and GitHub integration. Neither won cleanly.

Every AI Coding Tool Switched to Credits. My Team's Bill Tripled.

AI coding tools quietly moved from flat subscriptions to credit-based pricing. I tracked my small team’s actual spending for a quarter and found we were paying well over $300/month per developer instead of the advertised $20. Here’s the breakdown, the traps, and how we cut costs by 40% without losing productivity.

I Tracked My Team's AI Tool Switching for 3 Months. The Productivity Loss Was Staggering.

In 3 months my team evaluated 6 AI coding tools, switched primary tools twice, and lost an estimated over 100 engineer-hours to setup, configuration, and relearning. I finally enforced a 90-day moratorium on tool changes. Here’s what I learned about the real cost of chasing the next shiny AI tool.

Claude Code Review Checklist (2026): 12 Checks Before You Approve

I use this code review checklist for tech leads to reduce false confidence and catch production-grade bugs: idempotency, timeout propagation, auth boundaries, and unsafe retries.

How I Use AI to Review Code 3x Faster (Without Missing Bugs)

A practical guide to using AI for code review — what actually works, what doesn’t, and where human judgment still matters.

Cursor vs Claude Code in 2026: Which AI Coding Tool Should You Use?

An honest comparison of Cursor and Claude Code from someone who uses both daily. When to use which, and why you probably need both.

GitHub Copilot vs Cursor vs Claude Code: Which AI Coding Tool Wins?

A hands-on comparison of the three biggest AI coding tools. Real code scenarios, real opinions, real costs.