/AI

Drop-in OAuth For Your MCP servers

tl;dr: 4,639 MCP servers have already been launched — yet most still authenticate with static API keys, meaning they're not OAuth 2.1 compliant despite MCP mandating it. As AI agents and automated clients scale, that's no longer optional. But it doesn't have to be hard. Scalekit offers a drop-in OAuth layer that issues scoped, short-lived tokens to secure MCP servers without rearchitecting your stack.

featured in #624

How I Program With Agents

- David Crawshaw tl;dr: “This is the second part of my ongoing self-education in how to adapt my programming experience to a world with computers that talk. The first part, How I program with LLMs, covered ways LLMs can be adapted into our existing tools (basically, autocomplete) and how careful prompting can replace traditional web search. Now I want to talk about the harder, and more rewarding act of using agents to program.”

featured in #624

The Prompt Engineering Playbook For Programmers

- Addy Osmani tl;dr: “As many of us have learned, the quality of the AI’s output depends largely on the quality of the prompt you provide. In other words, prompt engineering has become an essential skill. A poorly phrased request can yield irrelevant or generic answers, while a well-crafted prompt can produce thoughtful, accurate, and even creative code solutions. This write-up takes a practical look at how to systematically craft effective prompts for common development tasks.”

featured in #624

The Prompt Engineering Playbook For Programmers

- Addy Osmani tl;dr: “As many of us have learned, the quality of the AI’s output depends largely on the quality of the prompt you provide. In other words, prompt engineering has become an essential skill. A poorly phrased request can yield irrelevant or generic answers, while a well-crafted prompt can produce thoughtful, accurate, and even creative code solutions. This write-up takes a practical look at how to systematically craft effective prompts for common development tasks.”

featured in #623

How AI Agents Become a Security Liability - And What to Do About It

- Maria Paktiti tl;dr: AI agents are gaining autonomy—but also privileged access to tools, APIs, and data. Without scoped permissions, auditability, and role-based controls, they quickly become a security risk. This post explores how engineering teams are securing agent workflows with the WorkOS platform, applying least-privilege access and modern security patterns by default.

featured in #622

Claude 4 Prompt Engineering Best Practices

tl;dr: “This guide provides specific prompt engineering techniques for Claude 4 models (Opus 4 and Sonnet 4) to help you achieve optimal results in your applications. These models have been trained for more precise instruction following than previous generations of Claude models.”

featured in #621

LLM Shibboleths Determine AI Effectiveness

- Brian Kihoon Lee tl;dr: “Coding assistants promise to revolutionize software development, but why do some developers sing praises while others find them useless? The answer lies between the keyboard and the chair, but it’s more than just simple user error. Your level of expertise silently shapes the way you interact with the AI, allowing two people to have completely different experiences despite interacting with the same AI on the same subject. In this essay I’ll discuss how this is possible and what you can do about it.”

featured in #620

Getting AI To Write Good SQL

- Per Jacobsson tl;dr: “We will cover state-of-the-art approaches to context building and table retrieval, how to do effective evaluation of text-to-SQL quality with LLM-as-a-judge techniques, the best approaches to LLM prompting and post-processing, and how we approach techniques that allows the system to offer virtually certified correct answers.”

featured in #620

The AI Engineering Stack

- Gergely Orosz Chip Huyen tl;dr: The authors discuss: (1) Three layers of the AI stack. Application development, model development, infrastructure. (2) AI engineering versus ML engineering. Similarities and differences. (3) Application development in AI engineering. The three main focus areas: evaluation, prompt engineering, and AI interfaces. (4) AI Engineering versus full-stack engineering.

featured in #619

Practical AI Techniques For Daily Engineering Work

- Sean Goedecke tl;dr: "Also unlike most popular advice, this post is for people who are already competent software engineers, not less-technical people looking to vibe code a working app. They’re techniques I use daily as a staff engineer at GitHub. I use Copilot for most of this stuff, but the techniques are tool-agnostic: you can use anything that exposes a chat interface."

featured in #618