Blog
Notes from building Stoicsoft. Tools, processes, and the occasional rant about software that wastes your time.
Showing 21–30 of 44 · Page 3 of 5
engineering· May 14, 2026· 8 min readPreflight policy checks: stopping AI agents from running the dangerous command
AI coding agents that touch a shell will eventually try something destructive. Cost caps and task boundaries don't help once the rm -rf is already typed. The missing layer is a preflight policy check: classify the command before it runs, gate the dangerous classes behind a typed confirmation, and log everything for audit.
engineering· May 10, 2026· 12 min readSecure browser terminal sharing: what gotty does not give you
Default gotty publishes a writable shell at a public URL with no auth, no audit, no expiry. Five concerns — auth, scope, audit, lifecycle, exposure — and a 50-line wrapper that closes the gap without replacing the tool.
engineering· May 10, 2026· 10 min readTmux session discoverability: the onboarding wall the keybinding tutorials skip
New engineers don't trip over tmux keybindings — they trip over which session to attach to. A naming convention, an honest listing wrapper, and a read-only-first attach rule turn tmux from a maze into a collaboration substrate.
engineering· May 10, 2026· 9 min readThe unified SSH-plus-AI workflow gap that nobody has shipped yet
Engineers debugging production hold three windows open: SSH, an AI assistant, and a notes file. They are the slow human bridge between tools that should be one. Why the unified product doesn't exist yet, and what to build today.
engineering· May 10, 2026· 9 min readReceipts and invoices: the local prep pipeline that beats cloud OCR
OCR accuracy is set before the engine runs. Deskew, crop, normalize, grayscale — done locally, in batch — turns 60% accuracy into 99% and keeps client material off third-party storage.
engineering· May 10, 2026· 9 min readThe four-line task boundary that stops AI agent overreach
A six-line scope contract at the top of every agent prompt cuts review time in half. Diffs stay inside the lane you asked for. What goes in those lines matters more than the model.
engineering· May 10, 2026· 9 min readPre-delivery photo prep: the local batch pipeline cloud uploaders skip
Wedding and event photographers move 1,000+ files per delivery. The cloud route burns 90+ minutes and leaks GPS. A local batch pipeline does it in 8 minutes and never touches a server.
engineering· May 9, 2026· 9 min readSearch-scope is the first knob: stop your AI agent from grepping the whole repo
Token blowups in Claude Code, Cursor, and Codex are usually a tool-call-scope problem, not a model problem. Four tactics to make the agent's search return 4 files instead of 47.
engineering· May 7, 2026· 8 min readParallel agent worktrees need a context contract, not just isolation
Running coding agents in parallel worktrees fails at the merge boundary, not in the agents themselves. A short written contract — scope, interface, shared state, merge order — turns isolated work into coherent diffs.
engineering· May 6, 2026· 8 min readContext-Window Management Is a Workflow Problem, Not a Model Problem
Long AI coding sessions degrade because the workflow around the model fails to manage context as a finite, allocable resource. Treat the window as a budget you plan, chunk, hand off, and reset on schedule.