by dlahoda 2 days ago
I run orchestrated agents (context warm-up, fork-join, file-based communication, a set of trailofbits skills, some dba skill, some sourcegraphindex, and a few of mine, API skill). None of the skills are specific to our codebase (even mine); some are explicitly for Claude.

Finds 90% of bugs using Codex and Gemini 200 USD subs.

You do not need a service for auditing or review.

Just overlay your CI with AI.

I do not even do SAST (because we use Rust typestates and invariants; and Effect TS; and fail-fast).

I have seen the death of 5 services for audit and review, killed by "just overlay CI with AI in max sub on latest model".

1 comments

So you have a write-up on how to do this?
Not full text, but:

- configure your CLI to allow running agents in parallel

- ask it to use a tmp dir for all files, and a git worktree copy

- ask it to export everything to files (progress, errors, reports) as it goes.

Now the setup for each agent run (a process with its own context):

- planning-with-files, caveman, ask-questions-if-underspecified (if not in CI)

- these skills must be loaded into each subagent.

After that, run context assembly:

- audit-context-building, trailmark-structural

At this point only the operator runs. No other agents.

Now ask for forks (parallel); each loads the context built before:

- dba-review

- supply-chain-risk-auditor (ask to trigger only on lock file changes)

- spec-to-code-compliance

- openai-gh-fix-ci (if audit of PR)

- graph-evolution, differential-review

- dimensional-analysis

- mutation-testing, property-based-testing (ask to mutate and proptest around changes).

So none of these skills are loaded into the shared context. They have their own, to avoid pollution and loss of focus.

Once all fork runs are done, ask for the join.

- fp-check, second-opinion

Ask for final report.

All skills above are from GitHub and public (not mine, easy to find).

I have private skills like:

- github-context-aggregation (links, comments, descriptions)

- structural-transformation-review (thing topology, category theory, duals)

- layered-context-chunking (2 layers at a time, like db+backend, backend+fe, for more focus)

- product-feature-interactions (product line eng combinations)

A good mental model for what you are doing is

- https://github.com/microsoft/conductor/blob/main/examples/pa...

- https://github.com/features/actions
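
The fork-join flow described in the reply above, sketched as a shell script. This is an added example, not code from the thread: `run_agent` is a hypothetical stand-in for the real agent CLI call, the lock file name pattern and the `IS_PR` variable are assumptions, and the context file is assumed to be already built.

```shell
#!/bin/sh
# Added example of the fork-join layout; skill names are the ones listed in the reply.
FORKS="dba-review spec-to-code-compliance graph-evolution differential-review
dimensional-analysis mutation-testing property-based-testing"

# Succeeds when any changed path is a dependency lock file (assumed name pattern).
lockfiles_changed() {
  printf '%s\n' "$@" |
    grep -Eq '(^|/)(Cargo\.lock|package-lock\.json|pnpm-lock\.yaml|yarn\.lock)$'
}

# Print one fork per line. The supply-chain auditor runs only on lock file
# changes, the CI fixer only when auditing a PR (IS_PR=1, assumed variable).
select_forks() {
  printf '%s\n' $FORKS
  if lockfiles_changed "$@"; then echo supply-chain-risk-auditor; fi
  if [ "${IS_PR:-0}" = 1 ]; then echo openai-gh-fix-ci; fi
}

# Hypothetical agent call: $1 = skill, $2 = prebuilt context file, $3 = output dir.
# A real run would start the agent CLI here, in its own git worktree copy.
run_agent() {
  echo "started $1" > "$3/progress.log"
  echo "skill=$1 context=$(basename "$2") findings=0" > "$3/report.md"
}

# Fork: one background process per skill, each writing only to its own directory,
# so no fork shares state with another. Join: wait for all, then merge the reports.
# Usage: fork_join RUN_DIR CONTEXT_FILE [CHANGED_PATH...]
fork_join() {
  run_dir=$1; context=$2; shift 2
  pids=""; failed=0
  for skill in $(select_forks "$@"); do
    mkdir -p "$run_dir/$skill"
    run_agent "$skill" "$context" "$run_dir/$skill" \
      2> "$run_dir/$skill/errors.log" &
    pids="$pids $!"
  done
  for pid in $pids; do wait "$pid" || failed=1; done
  cat "$run_dir"/*/report.md > "$run_dir/joined-report.md"
  return "$failed"
}
```

The merged `joined-report.md` is what the join-stage skills (fp-check, second-opinion) would read before the final report.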