Thankfully Google has some basic protection for it. I accidentally committed my Google API token as part of an OTEL trace JSON file, and within a few minutes my key was automatically locked by Google and marked as leaked (with an exact link to where it had happened).
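For anyone who wants to catch this before pushing, here is a minimal sketch of a local check. It assumes the commonly cited shape of Google API keys ("AIza" followed by 35 URL-safe characters), which is a heuristic rather than an official format, and the function names are made up for illustration.

```python
import re

# Assumption: Google API keys usually look like "AIza" + 35 URL-safe chars.
# This is a widely used heuristic, not a documented guarantee.
GOOGLE_KEY_RE = re.compile(r"AIza[0-9A-Za-z_\-]{35}")


def find_google_keys(text: str) -> list[str]:
    """Return every substring that looks like a Google API key."""
    return GOOGLE_KEY_RE.findall(text)


def redact_google_keys(text: str) -> str:
    """Replace anything key-shaped with a placeholder before committing."""
    return GOOGLE_KEY_RE.sub("<REDACTED_GOOGLE_API_KEY>", text)
```

Running `redact_google_keys` over trace or log files before they are added to a repo is one cheap way to use it; it will not catch keys that do not match the assumed pattern.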
"Some basic protection": it wasn't always like this. A few years back you could easily find API keys for any web service by searching for certain keywords on GitHub, and that included all Google APIs, but since the Microsoft acquisition it's not as simple anymore...
I've had a few useful examples of this. To make it work you need to define your quality gates and a rather complex spec. I personally use https://github.com/probelabs/visor for creating the gates. A gate can be a code review, or a check of how well the implementation aligns with the spec, etc. Basically it makes the agent loop until it passes. One tip, especially when using Claude Code, is to explicitly ask it to create "tasks" and to use subagents. For example, if I want to validate and restructure all my documentation, I would ask it to create a task to research the state of my docs, then a task per specific detail, then a task to re-validate quality after it has finished each task. You can also play around with gates using simpler tooling, for example https://probelabs.com/vow/
> One tip, especially when using Claude Code, is to explicitly ask it to create "tasks" and to use subagents. For example, if I want to validate and restructure all my documentation, I would ask it to create a task to research the state of my docs, then a task per specific detail, then a task to re-validate quality after it has finished each task.
This is definitely a way to keep those who wear Program and Project manager hats busy.
That is interesting. Never considered trying to throw one or two into a loop together to try to keep it honest. Appreciate the Visor recommendation, I'll give it a look and see if I can make this all 'make sense'.
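A minimal sketch of the "loop until the gates pass" idea from this thread, assuming a gate is just a function that returns pass/fail plus feedback. This is not Visor's API; `GateResult`, `run_until_gates_pass`, and the `produce` callback (standing in for the agent) are hypothetical names.

```python
from typing import Callable, NamedTuple


class GateResult(NamedTuple):
    passed: bool
    feedback: str  # what the agent should fix if the gate failed


Gate = Callable[[str], GateResult]


def run_until_gates_pass(
    produce: Callable[[list[str]], str],  # hypothetical agent: feedback -> artifact
    gates: list[Gate],
    max_rounds: int = 5,
) -> tuple[str, int]:
    """Re-run the producer with gate feedback until every gate passes."""
    feedback: list[str] = []
    for round_no in range(1, max_rounds + 1):
        artifact = produce(feedback)
        failures = [r for r in (gate(artifact) for gate in gates) if not r.passed]
        if not failures:
            return artifact, round_no
        # Only the failing gates' feedback is sent back to the producer.
        feedback = [r.feedback for r in failures]
    raise RuntimeError(f"gates still failing after {max_rounds} rounds: {feedback}")
```

The `max_rounds` cap matters in practice: without it, a gate the agent can never satisfy turns into an endless (and expensive) loop.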
Nice one. Mermaid validation is a huge issue given how mermaid.js is architected.
I built a mermaid generation harness last year and even the best model at it (Claude Sonnet 3.7 at the time; 4o was okay, Gemini struggled) only produced valid mermaid ~95% of the time. That failure rate adds up quickly. Had to detect errors client-side and trigger retries to keep server load reasonable.
Having a lightweight parser with auto-fix like this back then would have simplified the flow quite a bit.
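To put rough numbers on how a ~95% success rate adds up, here is a back-of-the-envelope sketch. It assumes each generation succeeds independently with the same probability, which is a simplification, and the function names are made up for illustration.

```python
def all_valid_probability(p_valid: float, n_diagrams: int) -> float:
    """Chance that n independently generated diagrams are all valid."""
    return p_valid ** n_diagrams


def failure_after_retries(p_valid: float, retries: int) -> float:
    """Chance one diagram is still invalid after the first try plus `retries` retries."""
    return (1 - p_valid) ** (retries + 1)


# With p_valid = 0.95, ten diagrams are all valid only about 60% of the time.
print(round(all_valid_probability(0.95, 10), 3))
# Two retries per diagram cut the per-diagram failure rate to about 0.0125%.
print(round(failure_after_retries(0.95, 2), 6))
```

Under these assumptions, a couple of retries per diagram is enough to make failures rare, which matches the detect-and-retry approach described above.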
A2A is for communication between the agents.
MCP is how an agent communicates with its tools.
An important aspect of A2A is that it has a notion of tasks, task readiness, etc. E.g. you can give it a task, expect completion in a few days, and get notified via webhook or by polling it.
For end users, A2A will surely cause a lot of confusion, and it can replace a lot of current MCP usage.
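The polling side of that long-running task model can be sketched roughly like this. It is a generic illustration, not an A2A client: the state names and the `get_state` callback are assumptions, and a real integration would call whatever task-status endpoint the remote agent exposes.

```python
import time
from typing import Callable

# Assumed terminal states; check the protocol spec for the real set.
TERMINAL_STATES = {"completed", "failed", "canceled"}


def wait_for_task(
    get_state: Callable[[], str],          # hypothetical: fetches current task state
    interval_s: float = 60.0,
    max_polls: int = 10,
    sleep: Callable[[float], None] = time.sleep,
) -> str:
    """Poll a long-running task until it reaches a terminal state."""
    for attempt in range(max_polls):
        state = get_state()
        if state in TERMINAL_STATES:
            return state
        if attempt < max_polls - 1:
            sleep(interval_s)  # wait before asking again
    raise TimeoutError(f"task not finished after {max_polls} polls")
```

For a task that takes days, a webhook is usually the better fit and polling is the fallback; the `sleep` parameter is injectable only so the loop can be exercised without actually waiting.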
I've been building Probe (https://probeai.dev/) for a while now, and this docs-mcp project is a showcase of its capabilities: it gives you local semantic search over any codebase or docs without indexing.
I maintain big OSS projects and try to contribute to others as well.
However, the contribution experience can be very bad if you follow the path of picking the most famous projects. Good luck contributing to Node, Rust, Shadcn, etc.: they do not need your contribution, their PR queues are overloaded, and they can't handle it. Plus you need to get into their inner circles first, which is quite a complex process.
The world is much bigger. There is so much help needed by smaller but still active projects.
Just recently I raised 3 small PRs, and they were reviewed the same day!
As a sign of my respect for the whole OSS community, I have built the https://helpwanted.dev/ website, which in a nutshell shows the latest "help wanted" and "good first issue" issues from all over GitHub in the last 24 hours.
You would be amazed how many cool projects out there are looking for help!
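If you want to run a similar search yourself, a query along these lines should work in GitHub's issue search. This is only a sketch of the idea using standard search qualifiers, not how helpwanted.dev is implemented; `help_wanted_query` is a made-up helper.

```python
from datetime import datetime, timedelta, timezone


def help_wanted_query(label: str, now: datetime, hours: int = 24) -> str:
    """Build a GitHub issue search query for open issues with `label`
    created within the last `hours` hours. `now` must be timezone-aware."""
    since = now.astimezone(timezone.utc) - timedelta(hours=hours)
    stamp = since.strftime("%Y-%m-%dT%H:%M:%SZ")
    return f'is:issue is:open label:"{label}" created:>={stamp}'


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    for label in ("help wanted", "good first issue"):
        print(help_wanted_query(label, now))
```

Each printed line can be pasted into the GitHub search box; one query per label keeps the syntax simple.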