Posts tagged with "coding-agents"

• The Inscrutable Nature of Mathematics

  1/3/2026

  Why is it that makes mathematics so inscrutable?

  It reminds me of my naive days at university learning computer science. I held Perl in high esteem, although I never knew it well. Because of its opaqueness it made me feel like I was in an exceptional group of people.

  A couple years later, during my first job after my education and having not touched Perl since, the company I worked for contracted with an individual to develop a web application. After the application was created, and in use, the business owner desired to continue development on it and so asked me if I could continue its development. I cautiously accepted the task. Upon opening the project I immediately knew I would not be able to productively continue development of the project. I went back to the business owner and told him the web application is beyond my ability. That given time I could figure it out, but it wouldn’t be an efficient use of my time. I felt defeated. It was later that I learned Perl is considered a write once read never language.

  From then on I began prioritizing the readability of applications I create. I still often do not succeed in this goal, to the extent which I would like, but I am very mindful of this quality.

  I’m undetermined if this quality is of less importance with AI coding agents. I don’t think it is less important. It still seems very helpful to coding agents to have well structured and readable codebases. Additionally, it still seems important for humans to be able to read and understand the code as the application is being built by the coding agent, to both direct and correct the generated code.

  Mathematics to me is like Perl. Instead of welcoming people into the world of mathematics it feels mathematicians have created walls around their knowledge keeping people out. It is true symbol use is of value to those intimiate with its usage, but it is a barrier for all other audiences.

  I was reviewing Bayes’ Theorem. At first site the equation appears intimidating. But if you understand the equation it is fairly simple. Because of the way it is written our brains needs to go through several layers of translation, mapping each piece to their meaning, which is then mapped to the scenario at hand. It seems better to me to present the equation written out, have one less translation, and less prior knowledge needed. Others unfamiliar with the equation will immediately gain an initial understanding of what it means, instead of feeling defeat.

  Probability of A given B = Likelihood B assuming A * Prior belief about A / Sum of likelihood of B for all scenarios

  Edit:

  It seems David Bessis is of a similar mind, A Mind-Blowing Way of Looking at Math (with David Bessis).

  The issue with mathematics is it’s something that manifests itself in a horrible way. It’s on paper, on the blackboard; you see cryptic symbols, formulas; and this is impossible to make sense of. But, how you interact with that—how you gradually tune your intuition to build up meaning for the symbols—is the real art of mathematics.

  Math books are written in a certain way that follows a certain logic that is called logical formalism. It’s a kind of recipe for building mathematical objects, but the words make no sense to you when you open them, so you can’t read them.

  That was what I call the tourist menu. He was showing me the tourist menu with the kind of very formal dishes that nobody really wants to eat, but they look like it’s a fancy place. And, he was presenting his research mathematics the same exact way.

  And, when I told him, ‘Please repeat. Repeat it as if I had some disability, as if my brain was damaged. Because I am jet-lagged, I’m tired, whatever, I’m stupid, I’m a slow thinker. Please be as simple as you can, I don’t understand anything.’ So, when I did that, I gave him the permission to serve me the true menu, the thing for the locals—how he really himself looked at his mathematics. And he was using different words and describing the situation using very simple images, examples. And it was a different thing.

• Creating AI Coding Agent Skills

  12/29/2025

  Recently Codex was updated to also leverage Agent Skills, established by Anthropic.

  One friction point I have with this blog is creating the Astro frontmatter for the blog posts. I decided this would be a good skill for Codex.

  To create the skill I added a new directory for the skill: .codex/skills/blog-template. Then added these instructions to a SKILL.md file in the directory’s root.

  ---
  name: blog-template
  description: Add or complete Astro Markdown frontmatter for blog posts (title, pubDate, description, tags) by inferring values from the post content. Use when asked to add headers/frontmatter to Markdown in src/content/blog, ensuring only these fields are present and only missing ones are filled.
  ---
  
  # Blog Template
  
  ## Overview
  - Add or complete an Astro frontmatter block for a blog post while leaving the body untouched.
  - Only include `title`, `pubDate`, `description`, and `tags`; ignore other fields.
  - If frontmatter already exists, preserve existing values and only fill missing fields.
  
  ## Workflow
  1. Detect existing frontmatter at the top of the file. Keep provided values for the four allowed fields; drop any other keys from the new block.
  2. Derive field values from the post content:
     - **title**: Prefer the first level-1 heading or the clearest inferred title; use sensible title case and avoid trailing punctuation.
     - **pubDate**: Keep existing value if present; otherwise set to today in `YYYY-MM-DD`.
     - **description**: Write a concise 1–2 sentence summary (often one line is enough). Multi-line is allowed using `|` but keep it brief and accurate.
     - **tags**: Infer key topics/subjects from the post. Rules: lowercase; hyphenate spaces; no punctuation; cap at 6; unique; required even if guessed. Prefer specific nouns over generic filler.
  3. Emit a single frontmatter block at the very top in this form, then the untouched body:
     ```yaml
     ---
     title: |
       Example Title
     pubDate: 2025-12-01
     description: |
       One-sentence summary of the post.
     tags: ['topic-one', 'topic-two']
     ---

  Tag selection hints

  • Choose the main themes, people, places, or technologies mentioned.
  • Skip redundant variants; prefer one canonical form (e.g., ai, not both ai and artificial-intelligence).
  • If content is thin, still provide tags that best match the subject matter.

  
  So far I've been very happy with the results. I often lightly edit what it generates, but it gets me
  close.
  
  A future enhancement is to have Codex first generate a list of existing blog post tags, and then use
  he list as a reference when generating tags for the new post.

• Sandboxing AI Coding Agents

  12/29/2025

  An Ask HN question came up yesterday on how others are sandboxing coding agents.

  I have not taken sandboxing seriously. When previously researching this topic the information and tooling to accomplish this seemed lacking. I figured for my minimal usage I could manually approve each request AI makes. But as my usage grows and products mature a safer and more efficient approach is needed. I hear more stories about how AI discovers and uses unintended secret information, mistakenly deletes directories outside the project, and exfiltration of private data.

  The HN question did not receive a lot of responses. I considered a few, but didn’t to generate a deep research query of my own. Of the options presented creating a Lima VM seemed the easiest with sufficient security for my usage, although the steps became more involved as I implemented the solution. Below are the steps.

  Lima VM installation

  The install instructions Lima provided did not work for me, therefore I downloaded the latest release myself from their releases and installed it: sudo tar -C /usr/local -xzf lima-2.0.3-Linux-x86_64.tar.gz

  You may need to install QEMU libraries as well: sudo dnf install qemu-img qemu-kvm

  The VM needs to mount the project directory, so the project files can accessed. To do so we need to configure the SELinux policy settings by adding a file label. Then the label needs to be applied to all of the existing files within the directory.

  • -a: Add policy
  • -t: The label type, in this example access to files which exist within the home directory
  • sandbox-test: Is the directory to apply the policy to

  sudo semanage fcontext -a -t svirt_home_t "sandbox-test(/.*)?"
  sudo restorecon -Rv sandbox-test

  Creating a VM

  A configuration file can be used so that the VM is created with needed dependencies, as well as other VM settings. (dotnet-sandbox.yaml)

  images:
  - location: "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.img"
    arch: "x86_64"
  cpus: 4
  memory: "8GiB"
  mountType: "9p"
  
  provision:
  - mode: system
    script: |
      apt-get update
      # The .NET application needs the SDK 
      apt-get install -y dotnet-sdk-10
      # The React frontend needs NPM
      snap install node --classic
      # Using the Codex CLI
      npm install -g @openai/codex
      # Codex expects `python`, not `python3`
      apt-get install -y python-is-python3

  Now the VM can be created and started, not the :w to make the mounted directory writable:

  limactl start --name=dotnet-sandbox --mount-only .:w dotnet-sandbox.yaml

  Follow the output instructions for entering the VM’s shell:

  limactl shell dotnet-sandbox

  Other commands

  • Stop: limactl stop dotnet-sandbox
  • Delete: limactl delete dotnet-sandbox

  Setup the commit config for the coding agent:

  git config --global user.name "AI Agent"
  git config --global user.email "agent@internal.sandbox"

  Codex cannot push to git remotes without access, but to further enforce Codex from being able to push a rule can be added: (.rules)

  {
  	"rules": [
  	    {
  		    "pattern": ["git", "push"],
  		    "action": "forbidden"
  	    }
  	]
  }