#40 Claude Code Hacked, More Figma Fees, Background Agents, Anthropic Distillation Attacks

Okay, I am live. I will allow people to trickle in while I sip my g decaf coffee. As you can see, it's just me today. Um, happy birthday, Kabaza, wherever you are in the world. Uh he let me know earlier this week that he won't be joining and well he said he might join so we never know. Um but hey ho that's how it goes. So I'm going to hold down the fort. I'm going to need you guys to interact with me to make this somewhat of a an enjoyable experience uh for everyone. But, uh, other than that, we've got like plenty to get through today, and it'll be interesting to get yours guys opinions on me doing this on my own. I'll let you all trickle in. Say hello when you're uh when you've uh connected. And this is the second week [snorts] that this show has been, I would say, 95% produced by Open Claw. And to give you a bit of insight, I've basically set up a [snorts] um cron job that three times a day goes to a set of resources like hacker news and things like that and presents to me via text obviously because that's how you mostly interact with it. Um three options that it's found that it it thinks we might want to cover for today's show. And then I respond and say one, two and one, two and three, whatever. And it then adds them to a notion board that I have set up in the background. And I get it to, you know, align like format it in a way that Kabaza and I like as we go through the notes. We have like a header, we have like an intro, so I get to write a little intro, talking points, and then like a link. And um yeah, I'm just saying yes and no. Sometimes I'll find something where it's like um I will find the link and send it and say add this to today's show, but mostly that's why I said 95% but mostly it's been produced by OpenClaw. So let me know what you're doing with your open claws because I think everyone wants some of these ideas. Like there's plenty of people saying they're making like 10k [snorts] a month, 100k a month, millionk a month SAS startups with their open claw, but for me personally, I use it for admin and I'm trying to um rather than because I think AI is too tempting to kind of add more to your plate. Oh, I coded this in like half an hour when normally it would have taken me two weeks. What can I do now? It's very easy to keep adding and adding and adding whereas I'm trying to like solidify what's what's working right now like what is hindering me right now um and add processes there and then we'll look to add more on top of it. I was very very temp what was I going to do? I was very tempted to add like a new service that to offer, you know, um because I have a company um like a new service to offer. And I was like, "No, no, no, no. Let's let's keep a lid on things. Let's not go too crazy. Let's let's battle down the hatches right now and make what's working work well now and then add things." So, let me know what you're doing with your open claws. Let me know how you're using AI as well because I think we're all as I say we're all looking for like new um and interesting ways to use it. But I think today we mentioned it last week. I think today we spoke about last week we spoke about uh background agents or uh remote agent orchestration. And we've got like tons to talk about today about remote orchestration. That probably will send me on [laughter] on a rant um on background agents because I'm I think the we'll talk about the prospects uh the opportunities, how to get started with them. We we'll we'll discuss that in today's show, but um yeah, still plenty more to get through. So yeah, I'm pretty um I'm pretty interested to see how it go. Let us know where you're where you're at in the world. Let us know. Give us a like wherever you are because it's not working on um [snorts] it's not working on apparently I have nine people on Twitter even though I get warnings about Twitter. So thank you guys for tuning in on Twitter. Uh we do have a YouTube most of the stuff that you're watching right now goes on our YouTube which you can well we've got a domain name now it's commandaiishow.com cmdai commandai show.com which that link where is it there should take you through um to the to the YouTube and then we we'll add a website when we get around to it. I just needed to buy a domain name for a sponsor that I had coming in. Um, I should have brought a water up. I'm going to get a water. Stay here. Stay here. [clears throat] And Kabaza will appreciate this. Or you Europeans, if you're from Europe, you'll appreciate this. For some reason, these bottles don't. In Europe, our bottles are connected to the to the sort of second, you know, uh layer there. For some reason, these bottles I bought don't have it. And oh my god, like there's something about like it's so nice to just be able to open a friaking bottle without it kind of like attached and all this crap. That is just it's it's a dream and we need to go back to that now. I just open it and immediately just rip it off because it's a nightmare. Oops. Let us know how your days are as well. We'll kick it off in a bit. I'll let people trickle in um over the next five minutes. And um but in the meantime, let us know where you're at. And uh if you're on YouTube, give it a like. [snorts] Let us know what you're building. I will I think we spoke about it last week, but last week I was using codeex and I was running like three agents all in one and like had like a master agent. But today actually we won't go over it. If you I have my own channel which again one of those sides on YouTube. Um I played around briefly with agent uh agent teams or as codeex call them ajax agent swarms and they're so freaking good. They chew through your credits like anything. So if you're using the codeex app, they give you double credits until like next week. Like play around with agent swarms on codeex and to build your next feature. Even if it's like small just for now because it's a bit overkill for small features, but just see how it works. Get an agent swarm going on and then get better at kind of like co we we'll talk about well then we won't, but um yeah, check out the agent swarm feature as well. Cool. But I'll be releasing a video about that on my own channel. Today I released a video about the new um memory feature as well. Try to get an early one out from that on my own channel. Um check everything's going. I'm going to upload a thumbnail to this video to this stream so it looks a bit better. And and you'll notice maybe not so great for you guys, but it means you get this content for free is we are monetized now. And I want to do a video because man, like we we've been going less than a year and we got monetized in less than a year. And I think I think less than eight months, eight, nine months it took us to get monetized. Means we get a little bit of a kickback for doing these streams. Um because we're pumping out content every single week. Like once we do these shows, if you'll follow us on YouTube, we then release the clips. So if people want to discover us or just tune into certain things, they missed out on the stream for whatever reason, then they can watch the clips. All of that just, you know, um it takes so much work. So much work. And so it's great to have just a little bit of a kickback. I turned the monetization off for the stream because I really appreciate you guys being here. Uh, but we'll have monetization turned on for all the clips as well. So, if you're watching now, uh, enjoy enjoy the ad free experience. But yeah, that was a milestone. We'll probably Yeah, we'll probably make a video on how we kind of did it, which will be no surprise to anyone. There's no magic formula to any of this. Nothing comes easy. Yeah, let us know where you're at. I think we're good to go in just a second. The last few trickle in. And then yeah, one last thing before I uh before we kick it off as well. I I've traditionally I've kind of disregarded Claude as a general chat bot. Uh I always draw pe like throw people in chat GPT's direction just because that's kind of they've made their bed in this generic general purpose AI thing even though Gemini have sort of you know made a lot of headway there. But I've been using Gem um Claude for a lot of granted still more business like questions like I don't tend to talk to it about like I don't ask it questions I use perplexity for like general questions and and whatever saying that probably should use cord a little bit more but I've been using it for more kind of like planning and business focused tasks and questions and things like that that yeah I I've really enjoyed the experience I I think I again I disregarded the personality aspect of claw which is why I wasn't fussed on having it on my claw open claw. However, I will say I've been enjoying it. I've been enjoying like just briefly using claws so much. Excuse the black and white screen, but so much that it's now in my dock on my iPhone. Right, we'll kick it off. We'll kick it off here. Thanks everyone for joining. Um, I think today's going to be a good one. Shame Kabaza can't be here, but it is his birthday. Say say happy birthday, Kabaza, wherever you may be. But yeah, let's uh let's get it going on. So, this week, Andre P Andre Kapathy tweeted something. Uh, Anthropic C got caught with their pants down trying to mug off China. Figma are going to be introducing fees. We get into that. And background agents, loads of them. Um, and also claw code got hacked. I don't think anyone's talked about that. So, we're going to go through all that in today's episode. This is Command AI. I am Sam and this is a week in AI design and dev. So, let's jump into Kapathy saying stuff. Now I've I've lost it here now. So I'll get it back up. Um because everyone loves it when Kapathy says stuff, don't it? So people people love it when Andro Andre Kapathy says stuff. Um, last week he tweeted about buying a Mac Mini to tinker with claws, calling them a new layer on top of LLMs. So, here's what he said. Um, bought a new Mac Mini to properly tinker with claws over the weekend. the Apple store person did told me they they're selling like hot cakes and everyone is confused which I I I have been thinking about that quite a lot recently just because like stuff might just happen in an industry that you have no idea about and it's just what what's caused this because yeah like I bet they I bet half of them don't even know about what openclaw is or anything like that. Um, [snorts] I'm definitely a bit sus to run open claw specifically. Giving private data keys to 400k lines of vibecoded monster that's actively being attacked at scale is not very appealing at all. It's so true. It's still an open- source piece of kit and you are giving it, you know, a lot and you are you are trusting in it. like there's a lot of hate that's going on online about um you know open claw going to get hacked and this and that but we sort of know this and I think you know certain API keys you give it um obviously being picky with what API keys you give it um locking down kind of like billing uh if it's a AI API key having like a billing notification or something but but it's interesting to note that he is playing with it he's playing with these um with these things. So if if there's anyone who should be uh you know leading the charge when it comes to doing all this sort of stuff, Andre Ka Kapathy, which by the way, if you didn't know, kind of started OpenAI and was like a chief CTO of like Tesla and stuff. He's playing with uh Oh, sorry guys. I'm doing this on my own here. Um so this is the tweet we just went through. who bought a new Mac Mini to probably tinker around with claws over the weekend. The Apple store told me they are selling like hot cakes and everyone is confused. So yeah, as I was saying like they uh they it is a risk but if Andre Kapathi is doing it then you know [snorts] um he's also mentioned here like nanobot zero core iron core pico core all of these smaller versions but there was a nice comment left on one of my videos where someone said there's just there's barely any difference. I don't know what the benefit is to actually just having a smaller like version maybe. Um I [clears throat] don't know. Uh but either way and he finishes here. Not 100% sure what my setup ends up look looking like yet, but claws again that term are an awesome and exciting new layer of the AI stack. So he's basically saying claws are these things that wrap the LLM and and kind of take action on it. What did he say? He says something like um claws are now the new layer on top of LLM's taking on the orchestration, the scheduling, the context, the tool calls and kind of persistence to a next level. So [snorts] that's what Andro Kapathy said. Top viewers streamboo.com. Don't know what that is. Sounds like an ad. Sorry, we're we're streaming over on Twitch as well. And someone's trying to leverage our viewership over on Twitch. So, [sighs] Anthropic, Anthropic discovered Deep Seek, Moonshot, and Miniax used 24,000 fake accounts to extract 16 million clawed conversations for model distillation. Let's take a look at that. Um, so here's the tweet. Wow, we're loving tweets today, aren't we? We've identified industrial scale distillation attacks on our models by Deep Seek Moonshot AI and Miniax. These labs created over 24,000 forgent accounts generated 60 million exchangeable claiming capabilities to train and improve their own models. This is exactly what distillation does and anthrop go on to say distillation can be legitimate. AI labs use it to create smaller and cheaper models for their customers. But foreign labs that illicitly distill American models can remove safeguards feeding model capabilities in their own military intelligence and surveillance systems. We'll get into that. These attacks are growing in intensity and sophistication. Addressing them will require rapid coordination and action amongst industry players. The the internet did not respond so well to this. Um there's a lot of I mean the community notes basically outlining that anthropic uh are set settled a $ 1.5 billion dollar lawsuit for pirating 7 million books for from shadow libraries to train claude faces three billion lawsuit for torrenting 20,000 songs they built their models on stolen creative work then complain when other others extract their outputs and you can go on it you're trying to kidnap something that's rightfully stolen Um, the internet let loose really on this idea. Now, never ask a woman aid, a man salary and a company where they got their training data. So good. Oh, Kabaza has decided to join us. Happy birthday, Kabaza, if you're uh, everyone say happy birthday, Kabaza. Give us a like, Kabaza, you're watching on YouTube. I see you there. Um, so yeah, people did not respond well to this. I will say like it's not quite the same. Like they're not it's not ste like I'm an educator. Kabaza is an educator. Like you in your everyday life are an educator, right? You learn something, right? And you interpret that information and you forward it on to someone else. Like you didn't discover the the entirety of the cosmos. You don't you don't know what's happening on a kind of I'm going down the science route right now, but you don't know what this you you weren't the one that did these experiments. You learn and you forward that information. You interpret. I make videos. So, I um release it in a way that makes sense for people that makes sense for me to learn this information v viewing. So, there's a transformation layer on top of this. So, it's not quite the same as they're not it's not talking about stealing in that sense, but it's still [ __ ] hilarious that uh the internet responded this way. Um, [snorts] what was the other thing I was going to mention? Oh, so if we take a look at the original article here, they kind of go through why distillation matters, and it does matter. It's a way of like, you know, yeah, getting smaller, cheaper, lighter models. um through masses of training data only keeping what's essential. Um and if we go through some of the actual attacks here, so Deep Seek, they discovered over 150,000 exchanges. Now, I watched uh Theo's video here, who and he he rightfully has a has a voice in this for once. He he literally has a voice in this. and he owns T3 chat as you might know and he uh shared some of his stats some of the things that uh some of the figures that people are that's happening right and he said that 150,000 exchanges is like a daily thing on him on his platform and in fact to be more specific I think it's more that um the definition of exchanges that he he speaks about. I'm not quite sure where to um find that to be honest. But the point is an exchange is actually Oh, the actual number is kind of uh is is his numbers. Sorry, that he showed you that what was more than 150 were a lie because actually tool calls are also exchanged with. So if you get all of that data, it's so much more than 150,000. And as you can already see there, um reasoning capabilities, uh across a diverse task, rubric, um rubric based grading tasks that make Claude functions as reward model, creating censorship, uh safe alternative to policy sensitive queries. Moonshot over 3.4 million. This is this is more this is starting to get a little bit more um suspicious. Um operation targets agentic reasoning and tool use coding data analysis computer use computer vision and uh moonshot Kimmy models employed hundreds of fraudulent accounts spanning multiple pathways varied account types. Now, I saw a comment here saying, you know, what does this say about your your privacy that you um that you'd speak about that is there such thing as privacy if you're able to track because I I think they mentioned the metadata here. We attributed the campaign through request metadata, you know, where where's the line there of like privacy versus like what is just, you know, is it is it general location? What is this? Is it is it the email that was used? Not too sure. But yeah, someone questioned the the the legitimacy of privacy when it comes to this. And then Minia scaling uh uh over 30 million exchanges, operation targeted, agentic coding and tool use and orchestration. And I have to say the miniax one is slightly more believable. Uh I add my suspicions. I made a video on my own channel. I had my suspicions about the similarities in performance between Miniax and Haiku. Um, and also that it's been tuned to clawed code. It it seems like it's it's it's heavily uh directed towards clawed code. And then when the target the operation targeted uh features are tool use and orchestration and agentic coding, you have to wonder. But I don't know. I'm I'm just a guy with a camera, right? I I have no idea. But this one's slightly more believable. That all being said, again, Theo shared his numbers with us on on his um on his on his channel. If you can get a model from these sorts of numbers, if Miniax can get a model with 30 million exchanges, then we're doing something catastrophically wrong with training because this really is not all that much. I think again Theo shared numbers that came similar to this. I think you know that was the the the lie was 150,000. it was more in the realm of 3 to 4 million exchanges something like that. But if you can if you can distill a model with this level, you know, um these numbers are more akin to something that is um benchmarking which anyone's kind of allowed to do. You you benchmark against other models to make sure that you're you know that your model is good, right? Uh I just watched a video earlier on about PewDiePie who's trained his own model and he's benchmarking them against Chad GBT and all and Gemini and these things. So it's these are the sorts of numbers we're talking there. So yeah, why Anthropica are doing this? I don't know. I don't doubt to be honest that this happened personally like just because the numbers don't line up doesn't mean to say that they aren't training on their you know uh using their model to train but it could just be one of many as a start and realistically and this is an interesting um way to go about it and they haven't really mentioned it in this article too much. Let's do uh military. Okay, here we go. Foreign labs distill America models that can feed these unprotected capabilities into military intelligence. And this is true, but I I feel like this is more of a a a sk a fear tactic to try and get people to like be like, oh, this is actually a bad thing because ultimately going back to the tweets, people being upset that you know that Anthropic is stealing, like people just don't care. like why should we care and it all comes down to this military training and and this and that saying all that what they're going to do about it detection they built some um things and actually just on that note as well they noticed as because uh Minia got released just shortly after Opus 4.6 six and they noticed once Opus got released they noticed a complete shift in the attacks happening like from that same sort of data sources and stuff like that. So again I think I don't I think it is happening but do does can that sort of can those sorts of numbers create a new model? I don't know. Uh, Kabaza, if you're still there, by the way, it would have been interesting to talk to you about some of the comments we've got on the Figma MCP because we're going to go over that in just a sec. Um, intelligent sharing. So, obviously they're going to be sharing this with OpenAI and all the rest of it and and cloud providers as well, uh, Vertex, um, whatever Amazon's one is, access controls. So, they, you know, they have their right to do this. They don't want their model getting used. Uh, no. He's he's well, you can see his chat there. I don't know where you are, Leo, but um it's his birthday. So, wish him a happy birthday and like the video. [laughter] [gasps] Give it a like. But yeah, no company can solve this alone. So, you know, the jury is out when it comes to um what this means. How terrible is it? Do we even care? Are they lying? But it is something that uh that Anthropic have been crying about and we're here for it. So that's that. [snorts] Let's do the comments. So the comments section is where we take a look at what you guys have had to say on some of our videos um and discuss them. And this week is Figma MCP. Um, if you didn't know, Figma uh released an update, and that's very, very crucial. Figma released an update to their MCP, which allowed you to take the code, so a coded website, and dump it in a Figma file. And we get comments like, let's make this bigger for you guys. Uh, it feels like there's an elephant in the room where everyone is fighting for their job already. your vid is a way of saying don't fire devs, fire designers. We can do design now as well as uh prompt coding. And I responded to this one, no, I don't think that's the way to look at it. Devs are not interested like this this update. Devs are not interested in this workflow of taking code into Figma. In fact, there's been a bunch of people who are like, why do we care? Like why like, you know, um we don't we don't need this. we don't you we're not going to use this and stuff like that. We'll get into it. But I think the the bigger thing is is actually I think this is empowering designers because what was once, you know, um I don't I can't speak for Banana Man 17 here, but guys, there must be projects you've encountered where someone has developed the website first. They've used um Shad CN. They've built a prototype. They've got something working. It's a way of getting that prototype and putting it in to the design to Figma and then coding it up. Uh sorry, designing it up and then bringing it back in in there, right? Um, and like this is something that's going to happen more and more, especially because I'm sorry guys, designers, uh, it's more beneficial that a a company has a working prototype that actually works and does it and shows you're going to do it from a business perspective. Like, so they know what um, what the thing's going to do. and also can you build it? That's one of the biggest uh you know pauses a a company will have is they they worry that you're not gonna be able to do it. Funnily enough, I lost a project recently because they didn't think we could design it because we didn't provide them relevant design experience. So it it kind of works both ways. But um yeah, so saying that it's uh it's it's a workflow that's changing and um products that focus on usable prototypes are now just easier to get up using AI and stuff like that. So I don't I think I don't think it's saying fire designers at all. And with the two-way thing, in fact, let me just scroll down to one of the other comments. Uh someone says no designer will use this because they have to rebuild everything anyway. No components, no variables, no design system. And then this guy um it's low Kane 42412 as a senior designer product engineer with 10 years in the industry doing seven years uh seven figures a year. I'm telling you this is extremely useful. This is someone who's actually doing the industry and I and I said um I said thank you for this. Hate when people speak for others. That's just my pet peeve. this m this MCP is a godsend to that many in the actual industry doing actual work because building a prototype is great um is useful for people so to be able to take that in so [clears throat] um someone said something somewhere um basically and I'm seeing comments on other videos as well so let's let's uh let's discuss that is that people are this is an update this is Now taking the code and putting it into design. What would what got released and I got a video on this. What got released about four five months ago? Um yeah say I'm seeing this becoming more uh automatic and seamless. Like four or five months ago I don't know Figma released this this MCP. It was this wasn't a new tool that they released. It's just a sorry the word tool is is difficult when you're talking about AI. This isn't a new MCP that they released. It's actually a new tool a tool call in the MCP. The original one was taking a design and putting it into dev and I just don't think people knew that. So the primary focus actually was I think someone actually was it on our video um something like uh maybe it was that first one actually something like Figma choosing devs over design something like that um PM uh what's the video about what video are you talking about buddy are you talking about this one that we're talking about I don't know when you join because I said at the beginning so uh Figma released an update to the MCP P for taking code and putting it into the the tint to Figma. But some yeah, someone was like, oh, you know, Figma choosing devs over design. It's like, no, actually the first implementation of this MCP was taking a design and putting it into and dev. Now they've just added that extra tool call to say take from code and put it into design. So, you know, again, I I I just don't think they knew that that that was a thing that it was already doing. So, I think there's a huge misunderstanding here and and and it's landed badly on people. I mean, nine times out of 10, especially when it comes to design, I think designers have uh are quite fearful of of AI. They're quick to reject it. Not all, of course. You know, plenty of us, I mean, Kabaza is here. He he loves AI and stuff like that. So, there's always going to be this knee-jerk reaction of just like this is rubbish. This won't work. This is this is crap. Uh, so there is that, but actually there there's a lot that's going on here. The other one is is this new uh putting down your preconceptions. Um, I'm I'm looking for it here. Someone's saying that um you Well, I guess it's this one. Maybe you have to rebuild everything anyway. No. like like and again I say this in my video on my channel like you if you're you have to pick your battles. So if if you need to like see the working prototype it's you're not reinventing the wheel because let's be honest guys when you're doing UX you're doing UI you're reusing established patterns anyway. You're just rehashing things that you already know work. like how many times are you realistically reinventing the wheel when it comes to um your design or your UX? With those types of jobs, AI is going to probably nail it nine times out of 10 if it's not complicated. So, you're probably better off vibe coding it, getting up and running in in half an hour and then using that as like a basically as a wireframe to your design and then layering on top, removing the UX decisions and things like that. Um however if if it is unique if it is novel the thing that you're building is like oh wow there's some real challenges here then yes the strategic in fact that's the right word strate strate it's this it's this one um you saying good designers have always been working on strategic stuff and that's so true but it's just one of it's it's just one of the workflows we've now introduced a new workflow that we just now need to adjust to as designers need to adjust us to and think right now we're not going to get the opportunity to do all that. Let's lean into what this is offering us. Don't um reject it. Embrace it because you're going to you're going to see this more and more. Prototypes are going to come to your lap and you're going to be like, "Ah, it's already done. Like they're already using it. How am I going to how am I going to work on this piece of shit?" Figure MCP. That's how you're going to work on this piece of [ __ ] So anyway, um let us know your thoughts about that. But that was just some of the stuff I've seen on our video and some other people's videos. Just a lot of like um uh brain farts on not understanding that they they think they're just going to have to rebuild it. It's like no, you're you've got to adapt to this new workflow. And actually, one of the points I made was that you you work in you work more modular, right? You bring things into your design on a modular by modular level rather than just the whole page. So as you would with any wireframe, you have let's say a project section. These are your projects, right? That that section needs to exist no matter what the design is because the wireframe slashworking prototype slash realworking websites dictated that this needs a project section. [snorts] Take just that section, design just that section or or you know work on that section. And obviously you've established a new sort of aesthetic and things like that. Then bring it in. You might move it up or down or you might reconfigure it. But again, it's just that it's it's working on it in a more modular way. We need to adapt. We're all doing it. We're all doing it. Devs are are doing it more than anyone, right? And we're embracing it. It's just it it's just the way of the world. So anyway, yeah, let us know what you think about that. Um some interesting love all the comments. They they always spark. No one's Well, there's a couple of hate hateable ones there, but like, you know, it's always really cool to to listen to people what they have to say and what they have to think. So, yeah, let us know what you think down in the comments. Um, Figma, Figma again. Speaking of Figma, let's get us back in. Figma is to introduce an AI credit subscription system with monthly usage starting next month. Not quite sure. I think it's early next uh early in the month. So, not not long at all. So, we've got this article here on on um Simply Wall Street. Figma is introducing AI credit subscriptions with monthly usage limits for its AI tools starting in March. How many AI tools are you guys using in Figma right now that are free? The company announced a new partnership with service. Uh Figma launched new code to canvas. We all know all that kind of stuff. Um because here's the thing, management has said that 75% of large customers already use AI credits weekly. So moving to an explicit AI subscription and usage limits gives the company a clearer way to tie that usage to revenue. I wonder I wonder like how much are you guys I'm not a Figma user, right? So, how much are you guys already using um AI stuff in Figma? Is it a lot? Is it a little? Um, I want to find I want to find Figma actually announcing this because I think they're going to piss a lot of people off with this cuz, you know, um, but it is a it is a freaking good tool, let's be honest. Just looking for a link. I don't know. Um, yeah, that's all I have to say about it. I don't know what the prices are. I would like to know. Let's go. Figma pricing. Let's see if they've got anything on their website. Um pricing. I'm looking on this page here, but it's just talking about the seats. Um let's do AI. Well, actually looking at what's what what is what is their AI thing? Well, I know we use the AI thing because I think we use the background remover. I think that's AI driven. Uh Figma make that's I think that's free at the moment. So, that could again be a credit system in Figma make. Uh interactions looks like it's an AI thing. MCP. I wonder if they're g The limits on the MCP are preposterous, by the way. Like six calls a month if you're not paying for an uh for for Figma, which is crazy. Um Oh, yeah. Some Oh, is this automatic naming? Yep. Rename automatic layers, refine images, add relevant content. Are you using any of this instant background removals? I said, do we use that? Rewrite, translate, generate, sort, summarize. All of this I reckon will be paid for. So, uh, yeah. Better get your wallets out, boys. [snorts] While we're chewing through these, let us know where you're at, where you're at in the world, and give us a like on YouTube because, uh, we love it. [snorts] Uh this is an interesting one. So Anthropic launched claude code um security core code security on February 20th which was seven one week ago scanning code bases for vulnerabilities using Opus 4.6 and identifying 500 previously undetected bugs. This is cool but it sent stocks crashing right in security. Let's claude co security. Let's go here. So, interestingly, Crowd Strike, if you don't know Crowd Strike, they are a um security focused startup. They're actually responsible for the blue screen of death of uh last year, if anyone remembers that on Microsoft. And the owner asked if Clawude Code could replace Cloud Strike and it said no. I had to be straightforward. Building a replacement for power strike isn't something we can do here because basically this this owner shared his exchange. Of course said no. I bet this is his third try. So and it was like right it said no. I'm going to share this conversation now. Anyway, a massive platform built by thousands of engineers over a decade plus. So ultimately it said no. Um but core code security tool triggered a sharp selloff across cyber security sector. The CEO's response comes after Anthropic's announcement of core co security on February 20th sent February 20th sent cyber cyber security stocks tumbling. Crowd Strike shares dropped roughly 8% on Friday and fell another 10% on Monday across the sector. OT Octa Octa lost over 9% uh sale.9% CloudFare 8 Jesus Christ just from a a cloud security feature. Um and but they said it doesn't it's people have like been like nah it's not so bad. Sorry I should be making this bigger for you. uh isn't so bad because claw doesn't have handle live intrusion detection, active threat response or runtime security. So I have a few thoughts on this. Um so this is the announcement and uh you can take a look at it here. It's basically a I think it's in preview or something like I don't think every anyone everyone has it, but I can't show you on my terminal right now. But if you type slash security review, you do get a security review um out of Claude. Everyone had that. This has been something that's been around for ages, a security review. I think this is a new and updated version obviously. Um, and this idea that it can't do real time, you know, tracking to me just seems like someone can just build that, right? You can just build a polling system that detects for you know um vulnerabilities or finds vulnerabilities and then that triggers if it finds something then it triggers um core code says hey does this uh does this vulnerability affect us look at the code and fix it. So although the the because obviously you're working on historic training data when it comes to LLMs, you can build some harnesses, some ecosystems around it to to do that. And we'll get into this sort of thing when we get into background agents. I think this is going to be a really interesting conversation with myself about background agents because once again it you can you can set something up to poll a feed or whatever. Um and yeah and then the other thing is I would be interested to do you remember uh react to shell which was a vulnerability that got found that's been in existence the entire time. Uh here we go. I'll just Google with you. Reactor shells a crit critical unauthenticated remote code execution vulnerability and react server components. So basically, ever since server components have been around, um I don't know how long that's been, this has been a vulnerability. It would be really interesting to download that version of React, set Opus 4.6 on it and say, is there anything wrong here? or test out that system that I just spoke about which informs React about sorry informs uh Claude about the vulnerability and sends it off maybe giving it some brief there's been a vulnerability about this is this is this apparent like what am I trying to say here make it vague enough that it's like we you're saying to Claude we don't know if this is gonna uh sorry I'm not sharing my screen again I'm so at this. Um, this is what we said here. Um, does this affect this piece of code? Obviously, this code being React, right? It would be really interesting if this code either opus on its own or the security um, uh, slashcomand or this new, you know, this new whatever it is. I've just closed it by accident. Um, this one can pick it up. So, let's have a little quick watch of this. Yeah, research preview. There you go. Um, so yeah, interesting. Interesting. The fact that it made stocks fall, that's kind of wild to be honest. Um, let's I'm looking forward to this one. Let's get on to remote agents. So, Curser just rolled out a major update to its AI coding agents this week, enabling to run in parallel on a dedicated cloud virtual machine for higher throughput. But this isn't a story about cursor. It's a saga on autonomous background agents and the future of software delivery. How intense is that? Huh? So, let's just go through what's been going on. Um, uh, not this one. It's this. If we skip through is to make sure that it works. It's nothing crazy, but it is a way that through cursor. We've had background tasks and things like that. You can set off a background um agent in cursor. That's that's been a thing for for a little while. Um but I think this is more of a an automatic way of doing things, right? Um let's actually what? Go Let's go on. Let's watch this. Let's chill out for a bit. Gave cursor agents their own computers and now they can test their changes and come back with a video recording of what they worked on. Let's take a look at what that actually looks like. So here's an agent that we kicked off. This was sometime a couple weeks ago when we were launching our longunning agents. So we needed to make sure that users could configure how long the longunning agent. So we needed a picker and we later came back with a video play. And so here it's using mouse and keyboard like a human. And after it implemented the code front and back end, strung it through, whatever, it is testing to make sure that it works and also recording it so that you can see that it works. I can just watch this video in a few seconds. I've evaluated the work product. I've not looked at any code and I know that it has a working feature. One of the other things that is so nothing crazy, but we are still starting to see more and more of this and and apparently you can it can run for like 10 20 uh tasks. Um, and you know, I'm not a massive fan of cursor anymore to be honest. I don't I don't use it too much. But what I gave you a sneak peek of is that core code has this new remote control feature as well, which again in a similar sort of way, you're sending you're sending your task off to the cloud. Now, you could already do this with if you include code if you type and and then that will send it to the background as a background task which inevitably just sends it up to the cloud, but it's a way that you can then interact with it um on your phone. So, remote control here, you can actually interact with it on your phone. Now, I actually thought this was already possible to be honest. I'm yet to see like what difference this is. Again, I'll be I'll release a video on this on my channel actually doing the difference between background and remote control, but it's good to see. Uh let's see if there are any comments because I actually haven't had a look. Um [snorts] for always claude code, try claw code on the web for always on. So there's something Yeah. So, some people are a little bit confused. Anyway, [snorts] um background agents coming in clutch there. The other thing I wanted to share was this beautiful website. By the way, I just really like this website. It's so smooth. And this website is talking about and we spoke earlier about new paradigms, new ways of working with the Figma MCP and embracing it. This I read through this and it's essentially talking about the same sort of thing where the bottlenecks are and this is why you've got this graphic here. There's bottlenecks everywhere and how can we alleviate these bottlenecks. It's cool man. [clears throat and laughter] Um, and it talks about basically having agents automatically, agents that run in the background where you aren't you aren't necessarily coding. You aren't necessarily writing. I mean, we're not coding anyway, right? Because of AI. But the point is it's like they um they talk about um testing and uh going back up to here actually planning code view um testing um deployment probably yeah deployments and things like that and where can we stick agents here in this pipeline to enable some of this stuff. I set up a background agent using Oz which is warp which is the terminal that I use. um a background agent that every week just looks to improve the website, right? It's just kind of doing its thing. Um I also set one off with our video when I first spoke about Oz on the Command AI channel. Um the uh I set up a a I scheduled an agent to do accessibility reviews and things like this. Like is it a case that you know as developers we are just implementing the basic thing and then it runs through all of these to do it or are we doing any of this sort of stuff and our websites are living organisms. We spoke about this on the Web Flow um MCP in that comments come in, data comes in, maybe it's analytics, maybe it's feedback on a on a forum or something like and our AI is constantly uh analyzing all of this data because that's what's amazing. And actually, we didn't um the Oh, no. We we were going to get on with it in a in a second. Don't worry. Ignore everything I just said just then. Um, maybe we've got an an organic website that's always taking on improvements and really you're there to verify what Hey, we we had 300 um new users on this page and they dropped up at this point. Um, do you want to move this section? Whatever the comment is, whatever the analysis is from the agent, it sends its request to you and all you're doing is saying yes, you're the you're the kind of final brain in all of this. And this is what I'm really really excited about. So, um, this whole I love this website. It's so cool. This is a really, really nice read. Establish background agent primitives. There we go. So, it's really got some practical advice here. Sandbox as a tool. Agent is dev environment. Um, enforce the run at runtime, not prompt. So, that's that's quite cool. give this a read and and and really embrace what it's talking about because I think we uh we're really going to be entering a new age of background agents just running around doing their thing. The final thing I wanted to share with you which to be honest has kind of been solved but coord coordinating a tree of um trees of AI agents. So this guy I don't know um JK uh June Kim speaks about a bunch of little orchestration tools out there. All right. OpenAI Swarm. This is one that got released. Um Claude has just updated this week with their um agent teams or last week maybe. Um he talks about this tool that he's created that sends in basically he really goes into it here. He basically sends an agent in to understand a task and understands what sub aents what agents need to orchestrate or to fulfill this challenge and where do the dependencies lie something that we used to use taskmaster for but now I as I said I literally played around with cord agent teams today it's really great um uh it then sets up those agents and and figures them So under the hood, where is it? There was something I was looking at. Uh here um migrate API from rest to graph coow active spawn audit uh a research. How many concurrent agents um do you serve? This is kind of it going on, but you can see that it's um using different agents to do different things. And you can again this is his tool. So, you know, if you want to look into it, definitely go and do it. But I used I used core code and you can actually specify what agents you want and maybe there's a slash command or a skill for um I don't know, you know, building a front-end uh feature that you have a research agent, then you have a front-end um architect agent and all this and that and the other. And for me, it's a lot more deterministic than thinking that um Claude Code is just going to pick up on a sub agent to do these things. I'd rather it happen, you know, I I actually tell it to go build an agent team. It was really cool um to watch them work, but again chewed through my tokens and I'm not even on the Max plan at the moment just because I'm triing codeex. But yeah, really interesting. Was there anything about agent orchestration? No, that's agent orchestration. Um, multiple teams. Obviously, lots of people are talking about this right now and I cannot stress how much I think that we need to look into um agents and and agent orchestration and things like that. Um, I've heard rumors that there's going to be some $500 a month plans on things like Claude Code and Chat GPT and things like that where, you know, I'm even considering the $100 a month plan uh, sorry, $200 a month plan on Claude Code. Uh, just because I'm using AI so much more now. I'm using AI for absolutely everything. I do the animations on this channel which we've only released one video on but there's a few animations I release animations on my I use the remotion skill for all that I use it to update obviously my open claw things like this I'm just using AI for everything right now I don't I have a another example of how I'm using open claw I still want to know what you guys are using open claw for um I don't insert if I have a video idea and I have a notion database full of those video ideas. I don't open up notion to insert that video idea anymore. I have a skill set off on OpenClaw. I text openclaw the article or the idea that inspired it and I trigger that skill and then what it does is do research, give me talking points, give me a description that I need to copy and paste into the into the YouTube video. All of this stuff is just a and and gives me an outline in a way that uh to to lift the the the fourth wall for a second. I want my videos on my channel to be more results focused. I'm really into foundational stuff, like learning the basics. I love all that, but I need to break out of that and start telling you guys, okay, here's here's the result. Here's some clever thing you can do with it. Here's what what does this enable you to actually do? And then break down the nuts and the bolts of it. This is what's going on under the hood. I love all that stuff. I'll always love all that stuff, but I but I need to be more results focused. I've baked this into my skill. So, it always tries to take my idea and turn it into a results driven video. All that to be said, I don't touch notion. I let AI agents do all of the work for me, you know, to do all that basic basic stuff. So, it is what it is. We are on the last um article here. I knew we'd steam through this just because I'm on my own. Um, and this is actually, let me just double check. Uh yeah, this is Claude code getting hacked, which I didn't actually realize uh was a thing. Oh, actually, no. Let's go through this one real quick. So, this is there's been beef with Anthropic and the Department of War. Now, I've been following this like a a hound. But basically um the department of war for the US wants unrestricted access. I'm not going to say unrestricted access but you know a more unrestricted um version of Claude. Now, Claude have baked into their their model a few ground rules really and and two of those that are under question right now is um uh is AI like automate automatic uh weapons like you know an AI making a decision where it should or shouldn't kill people. In fact, I've already forgotten the second one. Um uh uh mass surveillance this idea and I mentioned it earlier about this churning through data churning through masses amounts of data to actually sort of consolidate and understand them. This is what AI is really faking good at. And it seems like these are the these are some things that the Department of War want lifted. And Dario uh or Anthropic said, "No, we're not going to do that." And they are mass domestic surveillance. Here we go. And fully autonomous weapons. And I've ruined the surprise there, but they were given until Friday to um they were given till Friday. Uh well, today I guess I don't know why I thought Friday. They released it early potentially. So like give them an answer and they are standing firm and this is Dario's announcement on why they're not doing it. And again, it just comes down to them being against this sort of stuff, which, you know, I, you know, we spoke earlier about Anthropic pissing people off because they're not open source in their software. Like, this is stuff that really faking matters, right? This is stuff that we really should be talking about and and and acknowledging that they're refusing to allow the government to to do mass domestic surveillance. Now, we do need to look at the other side because I do know there's some responses from people as well. Um, and I will find it first before uh I mean Anthropic have told them to find another vendor which is kind of cra. Oh no, I'm sharing my screen. Sorry, I didn't realize. Um there is someone who chimed in from the other side and I want to when a government rebrands itself from department of defense to department of war. That's that was got confused me reading up about this. I was like I'm sure it was department of defense but yeah department of war. Um a lot of people saying yes but I don't know I I have seen some backlash. I I I'm open to the fact that there's backlash. This is not my territory to understand uh like all of this sort of stuff and and why there might be counters. Obviously, as a citizen, not as a US citizen obviously, but like as as someone who can imagine a world where there's mass surveillance and all the rest of it, then I can obviously side with Claude's uh defense uh uh position here. However, I bet there's some real fully valid um criticisms over the other side. And what I was thinking as well is that I think I think Claude could potentially turn a new leaf on all of this if war starts to take place because um uh Ukraine are apparently using autonomous drones with AI and stuff. In fact, just to point there, Dario even said himself like this stuff isn't reliable enough. Like they don't want to they don't want to give them something that just is not like not that they would if they if it was reliable, but it is just another stance to say look this this stuff isn't there yet. And we we all know this like heck it still hallucinates and this and that and the and the other. Sorry. Um, but Ukraine are using these automatic drones and things like this and um I forgot where I was going with that because I got I got confused with the with the um the AI not being ready. But I don't know. Oh yes, that's where I was going with it. Um, if war starts to happen, if the department of war suddenly becomes a department of defense, let's say, then I think potentially Claude could anthropic could step forward and do this and and you know, comply and all the rest of it. Um, but right now it's just, you know, it it's just going to it it it's very an American um mindset, isn't it? And I don't want to get too much into guns and all that lot sort of I know a lot of our audience are from uh the US, but there's [snorts] something to be said where there are no gun where there guns aren't allowed that there's there's no gun crime. you know, you f it's fighting fire with fire, I think, is the is the mentality that um certainly Department of War might think. But I don't know. I don't know enough about it. And um I think that [snorts] on the offset, I I I I'm proud of Anthropic for standing firm. Th this this is bound to be millions and potentially even billions of dollars that they're throwing away because then they'll lose their current contracts with the Department of Defense or Department of War, wherever the hell they are. So, it's not only going to lose them a contract, it's going to lose them it's going to lose them existing contracts. So, yeah. Um, pretty hairy stuff. It'll be interesting to see how this develops. Maybe there's maybe there's going to be a response from the Department of War. [snorts] Um but Anthropic has stayed firm and you know, more power to them. Um that'll be it. I think we'll wrap up there. I've just gone on Twitter and we have a basically a week of a um Apple uh announcements next week which I'm really looking forward to. though they say don't buy the M5 Pro or Max, which is really annoying because I currently have two. I have a 16 inch and I have a 14inch and I just I want to get rid of them both and downgrade um I say downgrade, not downgrade at all, but like uh consolidate to a 14inch probably M5 Max. Like I'm curious about completely. I don't know because I dev work and editing work. Editing does probably need um graphics to be fair, but I don't think I need max max graphics. You know, I I get on pretty pretty well with my M1 Max and the update to Final Cut has made things a little bit smoother as well. So, I'm I'm pretty pretty good with an M1 Max. um which is something to be said but do are we going to enter a world with uh where um people are going to be using local models? I don't know. I don't know. I don't think local models will ever beat um these these AI labs who have 20 thou like millions of GPUs um at their disposal. Who knows? But anyway, [snorts] that'll uh that's all we have time for. So, make sure to follow us at Commandai Show. We've got the website now, commandiohow.com, which just takes you through to the YouTube, but you know, maybe one day it will be a website. Um, like, subscribe, and all that good stuff. Say happy birthday to Kabaza. He wasn't here today just because um is his birthday. [laughter] And uh yeah, I think that'll that'll do it. Nothing else going on before I wrap up now. I feel like I feel like there's there's uh been more announced, but yeah. Anyway, like, subscribe, and all the rest of it. Keep on vibing.