Blog

What AI gets wrong

Deep dives into the bugs AI assistants introduce and how to catch them before they reach production.

Developer Tools2026-04-085 min

Monitor Every Claude Code Session From One Terminal

A free live dashboard and native macOS notifications for Claude Code. See what every instance is doing, jump to any session instantly, never miss a permission prompt again.

Infrastructure2026-03-186 min

Your Cron Jobs Are Failing and Nobody Knows

Token rotation stopped three weeks ago. The nightly sync hasn't run since Tuesday. The cleanup job is throwing errors into the void. You have no visibility, no alerts, no history. Here's how to fix that.

Infrastructure2026-03-176 min

Your Production Database Is on Fire and You Don't Know It

A runaway query is eating your connection pool. Cache hit ratio dropped to 40%. Three users are locked out. You have no dashboard, no health checks, no visibility. Here's how to fix that in one command.

Infrastructure2026-03-176 min

You Shipped OAuth. Then All Your Users' Tokens Expired.

You integrated OAuth, launched, and celebrated. Three months later, users started getting logged out randomly. Here's what went wrong and how to prevent it.

PerformancePERF0022026-03-175 min

See Where Every Millisecond Goes in Your LLM Calls

A free timing waterfall for LLM operations. One command installs ChatTimer — wrap your prompt building, API calls, and response parsing, then visualize exactly where time goes.

InfrastructureRATE0022026-03-174 min

Stop AI From Writing Naive Rate Limiters

AI assistants write in-memory rate limiters that reset on deploy and break across instances. Here's why that's dangerous and how to fix it with one command.

SecuritySEC0042026-02-104 min

Why AI Generates Insecure Random Tokens

Every AI assistant we tested uses random.randint() or Math.random() for security tokens. Here's why that's dangerous and what SEC004 catches.

DeterminismDET0012026-02-075 min

The Silent Bug: Dictionary Iteration Order

Your code works in dev, passes tests, then produces different results in production. DET001 catches the nondeterministic iteration that causes it.

AsyncASYNC0012026-02-044 min

Forgot Await: The Most Common Async Bug

Calling an async function without await doesn't throw an error — it silently returns a Promise that nobody checks. ASYNC001 finds every instance.

QualityQUAL0042026-01-303 min

Mutable Default Arguments: Python's Classic Trap

def process(items=[]): looks innocent. It shares state between calls. AI assistants write this pattern constantly — QUAL004 catches it every time.

SecuritySEC0022026-01-275 min

SQL Injection Is Still Happening in AI-Generated Code

We found f-string SQL queries in 40% of AI-generated database code. SEC002 catches string concatenation in SQL before it reaches production.

FrontendFRONT0022026-01-234 min

window is not defined: The Next.js SSR Problem

AI writes browser code that crashes on the server. FRONT002 finds every window, document, and localStorage access that needs an SSR guard.

ConcurrencyCONC0012026-01-205 min

Check-Then-Act: Race Conditions Hiding in Plain Sight

if file_exists then write_file looks safe. It isn't. CONC001 catches time-of-check-to-time-of-use bugs across Python and JavaScript.

TypesTYPE0092026-01-163 min

process.env.VAR! Will Crash Your Production Server

TypeScript's non-null assertion on environment variables compiles fine and crashes at runtime. TYPE009 catches this before deployment.