Today's Digest

Simon Willison: Simon Willison breaks down the chat harness of 16 tools behind meta.ai, taking a close look at visual grounding, the code interpreter, and more.

GitHub openai: OpenAI's newly open-sourced multi-agent orchestration framework; the focus is not a code-writing coding agent but task isolation, delegation, and team-level collaboration.

GitHub openai: An update to OpenAI's official examples repository, which usually reflects the new patterns they want developers to adopt first (tool use, structured output, the Responses API, etc.).

GitHub anthropics: Anthropic's official Claude Agent SDK examples repository, covering typical uses such as coding agents, file editing, and toolchain orchestration.

GitHub openai: An update to OpenAI's official Python SDK, which often reveals new interface details, parameter changes, or default-path adjustments before any announcement.

Summary + opinion: Hugging Face's Rust inference stack, pitched as a lighter and more controllable deployment path, suited to teams that need to bypass Pyth…|Chinese opinion: Candle is not meant to replace PyTorch; it offers an alternative path for “small, fast, independently deployable” inference needs…

Summary + opinion: Karpathy's early teaching-grade GPT implementation, short enough to read in one sitting, long used as an entry point for understanding Transf…|Chinese opinion: minGPT's value is not production readiness but textbook-level clarity: it is best suited to those who want to build a training loop from scratch and confirm they…

Summary + opinion: The LangChain team's stateful agent runtime, emphasizing branching, retries, and observability; it has become one of the de facto production-grade…|Chinese opinion: LangGraph's position keeps strengthening; for multi-step agents that really need to run in production, it offers more explicit runtime abstractions than general-purpose…

Summary + opinion: Anthropic has published its internal engineer take-home interview problem, which can serve as first-hand material for understanding their engineering taste and evaluation crit…|Chinese opinion: The signal here is not the problem itself but that Anthropic has opened up its hiring standards; for anyone wanting to understand their engineering culture…

Summary + opinion: Anthropic didn't release their latest model, Cla…|Chinese opinion: Judging from Anthropic's Project Glasswing - restricting…

Meta's new model is Muse Spark, and meta.ai chat has some interesting tools

Source: Simon Willison

Tags: #ai_engineering_blogs #trend-signal

Author:

Original: Simon Willison breaks down the chat harness of 16 tools behind meta.ai, taking a close look at visual grounding, the code interpreter, and more.

Link: https://simonwillison.net/2026/Apr/8/muse-spark/#atom-everything

Opinion: The value of Simon's post is in the tool list: it makes the capability boundary of Meta's new harness clear. Going forward, agent products will compete on their tool stack rather than on the model.

openai/symphony

Source: GitHub openai

Tags: #github_orgs #workflow-impact

Author:

Original: OpenAI's newly open-sourced multi-agent orchestration framework; the focus is not a code-writing coding agent but task isolation, delegation, and team-level collaboration.

Link: https://github.com/openai/symphony

Opinion: Symphony is positioned more like workflow infrastructure: its real value is in standardizing the implementation details of “multi-agent collaboration”, not in being yet another coding agent.

openai/openai-cookbook

Source: GitHub openai

Tags: #github_orgs #engineering-value

Author:

Original: An update to OpenAI's official examples repository, which usually reflects the new patterns they want developers to adopt first (tool use, structured output, the Responses API, etc.).

Link: https://github.com/openai/openai-cookbook

Opinion: Cookbook updates deserve separate tracking: they reflect which new APIs and usage paths OpenAI wants developers to take by default, an early roadmap signal.

anthropics/claude-agent-sdk-demos

Source: GitHub anthropics

Tags: #github_orgs #engineering-value

Author:

Original: Anthropic's official Claude Agent SDK examples repository, covering typical uses such as coding agents, file editing, and toolchain orchestration.

Link: https://github.com/anthropics/claude-agent-sdk-demos

Opinion: A demos repository often exposes an SDK's boundaries and recommended patterns earlier than the documentation does; for teams currently choosing an agent stack it is the material most worth running through first.

openai/openai-python

Source: GitHub openai

Tags: #github_orgs #engineering-value

Author:

Original: An update to OpenAI's official Python SDK, which often reveals new interface details, parameter changes, or default-path adjustments before any announcement.

Link: https://github.com/openai/openai-python

Opinion: Commits to the official SDK are often an early indicator of API direction, and are more useful to teams building integrations and multi-model platforms than marketing press releases.

huggingface/candle

Source: GitHub huggingface

Tags: #github_orgs #engineering-value

Author:

Original: Hugging Face's Rust inference stack, pitched as a lighter and more controllable deployment path, suited to teams that need to bypass Python dependencies for embedded or edge deployment.

Link: https://github.com/huggingface/candle

Opinion: Candle is not meant to replace PyTorch; it offers an alternative path for “small, fast, independently deployable” inference needs, with edge and embedded scenarios benefiting first.

karpathy/minGPT

Source: GitHub karpathy

Tags: #github_orgs #learning-value

Author:

Original: Karpathy's early teaching-grade GPT implementation, short enough to read in one sitting, long used as the entry point for the shortest path to understanding Transformer training and inference.

Link: https://github.com/karpathy/minGPT

Opinion: minGPT's value is not production readiness but textbook-level clarity: it is best suited to engineers who want to build a training loop from scratch and confirm they really understand GPT.

langchain-ai/langgraph

Source: GitHub langchain-ai

Tags: #github_orgs #workflow-impact

Author:

Original: The LangChain team's stateful agent runtime, emphasizing branching, retries, and observability; it has become one of the de facto production-grade agent orchestration layers.

Link: https://github.com/langchain-ai/langgraph

Opinion: LangGraph's position keeps strengthening; for multi-step agents that really need to run in production, it offers more explicit runtime abstractions than general-purpose LLM frameworks.

anthropics/original_performance_takehome

Source: GitHub anthropics

Tags: #github_orgs #learning-value

Author:

Original: Anthropic has published its internal engineer take-home interview problem, first-hand material for understanding their engineering taste and evaluation criteria.

Link: https://github.com/anthropics/original_performance_takehome

Opinion: The signal here is not the problem itself but that Anthropic has opened up its hiring standards, which is very useful for anyone who wants to understand their engineering culture and evaluation yardstick.

Anthropic's Project Glasswing - restricting Claude Mythos to security researchers - sounds necessary to me

Source: Simon Willison

Tags: #ai_engineering_blogs #trend-signal

Author:

Original: Anthropic didn't release their latest model, Claude Mythos (system card PDF), today. They have instead made it available to a very restricted set of preview partners under their newly announced Project Glasswing.

The model is a general purpose model, similar to Claude Opus 4.6, but Anthropic claim that its cyber-security research abilities are strong enough that they need to give the software industry as a whole time to prepare:

    Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. Project Glasswing partners will receive access to Claude Mythos Preview to find and fix vulnerabilities or weaknesses in their foundational systems—systems that represent a very large portion of the world’s shared cyberattack surface. We anticipate this work will focus on tasks like local vulnerability detection, black box testing of binaries, securing endpoints, and penetration testing of systems.

There's a great deal more technical detail in Assessing Claude Mythos Preview’s cybersecurity capabilities on the Anthropic Red Team blog:

    In one case, Mythos Preview wrote a web browser exploit that chained together four vulnerabilities, writing a complex JIT heap spray that escaped both renderer and OS sandboxes. It autonomously obtained local privilege escalation exploits on Linux and other operating systems by exploiting subtle race conditions and KASLR-bypasses. And it autonomously wrote a remote code execution exploit on FreeBSD's NFS server that granted full root access to unauthenticated users by splitting a 20-gadget ROP chain over multiple packets.

Plus this comparison with Claude 4.6 Opus:

    Our internal evaluations showed that Opus 4.6 generally had a near-0% success rate at autonomous exploit development. But Mythos Preview is in a different league. For example, Opus 4.6 turned the vulnerabilities it had found in Mozilla’s Firefox 147 JavaScript engine—all patched in Firefox 148—into JavaScript shell exploits only two times out of several hundred attempts. We re-ran this experiment as a benchmark for Mythos Preview, which developed working exploits 181 times, and achieved register control on 29 more.

Saying "our model is too dangerous to release" is a great way to build buzz around a new model, but in this case I expect their caution is warranted.

Just a few days ago, last Friday, I started a new ai-security-research tag on this blog to acknowledge an uptick in credible security professionals pulling the alarm on how good modern LLMs have got at vulnerability research.

Greg Kroah-Hartman of the Linux kernel:

    Months ago, we were getting what we called 'AI slop,' AI-generated security reports that were obviously wrong or low quality. It was kind of funny. It didn't really worry us. Something happened a month ago, and the world switched. Now we have real reports. All open source projects have real reports that are made with AI, but they're good, and they're real.

Daniel Stenberg of curl:

    The challenge with AI in open source security has transitioned from an AI slop tsunami into more of a plain security report tsunami. Less slop but lots of reports. Many of them really good. I'm spending hours per day on this now. It's intense.

And Thomas Ptacek published Vulnerability Research Is Cooked, a post inspired by his podcast conversation with Anthropic's Nicholas Carlini.

Anthropic have a 5 minute talking heads video describing the Glasswing project. Nicholas Carlini appears as one of those talking heads, where he said (highlights mine):

    It has the ability to chain together vulnerabilities. So what this means is you find two vulnerabilities, either of which doesn't really get you very much independently. But this model is able to create exploits out of three, four, or sometimes five vulnerabilities that in sequence give you some kind of very sophisticated end outcome. I've found more bugs in the last couple of weeks than I found in the rest of my life combined. We've used the model to scan a bunch of open source code, and the thing that we went for first was operating systems, because this is the code that underlies the entire internet infrastructure. For OpenBSD, we found a bug that's been present for 27 years, where I can send a couple of pieces of data to any OpenBSD server and crash it. On Linux, we found a number of vulnerabilities where as a user with no permissions, I can elevate myself to the administrator by just running some binary on my machine. For each of these bugs, we told the maintainers who actually run the software about them, and they went and fixed them and have deployed the patches so that anyone who runs the software is no longer vulnerable to these attacks.

I found this on the OpenBSD 7.8 errata page:

    025: RELIABILITY FIX: March 25, 2026 All architectures
    TCP packets with invalid SACK options could crash the kernel.
    A source code patch exists which remedies this problem.

I tracked that change down in the GitHub mirror of the OpenBSD CVS repo (apparently they still use CVS!) and found it using git blame. Sure enough, the surrounding code is from 27 years ago.

I'm not sure which Linux vulnerability Nicholas was describing, but it may have been this NFS one recently covered by Michael Lynch.

There's enough smoke here that I believe there's a fire. It's not surprising to find vulnerabilities in decades-old software, especially given that they're mostly written in C, but what's new is that coding agents run by the latest frontier LLMs are proving tirelessly capable at digging up these issues.

I actually thought to myself on Friday that this sounded like an industry-wide reckoning in the making, and that it might warrant a huge investment of time and money to get ahead of the inevitable barrage of vulnerabilities.

Project Glasswing incorporates "$100M in usage credits as well as $4M in direct donations to open-source security organizations". Partners include AWS, Apple, Microsoft, Google, and the Linux Foundation. It would be great to see OpenAI involved as well - GPT-5.4 already has a strong reputation for finding security vulnerabilities and they have stronger models on the near horizon.

The bad news for those of us who are not trusted partners is this:

    We do not plan to make Claude Mythos Preview generally available, but our eventual goal is to enable our users to safely deploy Mythos-class models at scale—for cybersecurity purposes, but also for the myriad other benefits that such highly capable models will bring. To do so, we need to make progress in developing cybersecurity (and other) safeguards that detect and block the model’s most dangerous outputs. We plan to launch new safeguards with an upcoming Claude Opus model, allowing us to improve and refine them with a model that does not pose the same level of risk as Mythos Preview.

I can live with that. I think the security risks really are credible here, and having extra time for trusted teams to get ahead of them is a reasonable trade-off.

Tags: security thomas-ptacek ai generative-ai llms anthropic nicholas-carlini ai-ethics llm-release ai-security-research

Link: https://simonwillison.net/2026/Apr/7/project-glasswing/#atom-everything

Opinion: Judging from Anthropic's Project Glasswing - restricting Claude Mythos to..., what deserves closer attention next is whether security incidents change enterprises' procurement, integration, and pre-launch compliance gates.