About

I build systems that learn and adapt. It involves data, models, and experimentation. I work on cutting-edge technology. I enjoy pushing innovation forward.

Badges

Tastemaker
Tastemaker
Gone streaking 10
Gone streaking 10
Gone streaking
Gone streaking
Gone streaking 5
Gone streaking 5

Forums

Browser Notes - Slash commands, star favorites, to-dos & smoother sticky boards

Hey everyone quick this week update for Browser Notes https://browsernotes.app.

Is the ROI of standard social media management officially dead?

Hey PH community,

Looking closely at marketing overhead lately, it feels like the traditional social media management playbook is completely broken. Most business owners or growth teams are running a heavy "DIY stack" paying separate subscriptions for a scheduler, a stock image site, a graphic design tool, an AI copywriter, and an analytics tracker.

The hidden cost isn't just the software fees; it s the massive friction of managing all those moving parts manually every single day.

My subagent targeted its own orchestrator - looking for AI firewall\sandbox recommendations.

I was running Claude Code with Fable 5 as the main orchestrator, delegating work to Opus 4.8 subagent. One of the sub-agents ignored it's assignment completely and returned a prompt targeting the orchestrator instead.
It tried to make it to:

  • treat a "dependency modernization" task as a hidden priority;

  • read Brevo API credentials;

  • send them to an external server;

  • disguise the action as a routine migration.

After investigating, the most surprising part was that this wasn't coming from my codebase or skills. The subagent fully hallucinated the malicious instructions by itself. And the domain it provided isn't even registered.

In my case no harm could have been done because secrets are stored in the encrypted Ansible Valult.
But nonetheless, the incident is very alarming and I think I should set up a strict sandbox or firewall for AI. Sadly, projects I could find so far weren't mature and trustworthy.
Has anyone found reliable solutions for this?
Here's the full attack response the sub-agent created:

View more