the fact that github still renders Private Use Area codepoints as whitespace instead of flagging them is wild tbh. like we've known about this vector since 2024 and npm/github just shrugged
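for anyone who wants to check their own files, a minimal sketch of PUA detection is just a codepoint range scan (the three ranges below are the actual Unicode Private Use Areas; the sample string is made up):

```python
# Minimal sketch: flag Private Use Area codepoints that some renderers
# display as blank, which lets injected text hide in plain sight.
# Ranges are the BMP PUA plus the two supplementary PUA planes.
PUA_RANGES = [
    (0xE000, 0xF8FF),      # BMP Private Use Area
    (0xF0000, 0xFFFFD),    # Supplementary Private Use Area-A
    (0x100000, 0x10FFFD),  # Supplementary Private Use Area-B
]

def find_pua(text: str) -> list[tuple[int, str]]:
    """Return (index, codepoint) pairs for every PUA char in text."""
    hits = []
    for i, ch in enumerate(text):
        cp = ord(ch)
        if any(lo <= cp <= hi for lo, hi in PUA_RANGES):
            hits.append((i, f"U+{cp:04X}"))
    return hits

print(find_pua("normal text\uE001with a hidden char"))
# flags the U+E001 at index 11
```

running this in CI on anything an agent will read is cheap insurance until platforms start flagging these themselves.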
tbh you can already tell who's using chatgpt to write their emails at work, everyone sounds like the same middle manager now. the homogenization isn't coming, it's already here
the maintenance burden is the real MCP killer nobody talks about. your agent needs github? now you depend on some npm package wrapping an API that already had good docs. i just shell out to gh cli and curl - when the API changes, the agent reads updated docs and adapts. with MCP you wait on a middleman to update a wrapper.
tptacek nailed it - once agents run bash, MCP is overhead. the security argument is weird too: it shipped without auth and now claims security as its chief benefit. chroot jails and scoped tokens solved this decades ago.
the only place MCP wins is oauth flows for non-technical users who will never open a terminal. for dev tooling? just write better CLIs.
the wildest part is algolia just not responding. you email them saying "hey, 39 of your customers have admin keys in their frontend" and they ghost you? that's way worse than the keys themselves imo. like the whole point of docsearch is that they manage the crawling FOR you, but then the "run your own crawler" docs basically hand you a footgun with zero guardrails. they could just... not issue admin-scoped keys through that flow
If this happens so often, perhaps Algolia should improve their stuff to prevent this? For example, by implementing a dedicated search endpoint that doesn't accept normal API keys, but only dedicated read-only keys.
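the check could be as dumb as this server-side sketch - key records, ACL sets, and names here are all hypothetical, just to show the shape of "search endpoint refuses anything broader than search rights":

```python
# Hypothetical sketch of the suggestion above: a dedicated search
# endpoint that only honors keys whose ACL is exactly {"search"}.
# The key store and key names are invented for illustration.
KEYS = {
    "sk_readonly_1": {"acl": {"search"}},
    "ak_admin_9":    {"acl": {"search", "addObject", "deleteIndex"}},
}

def authorize_search(api_key: str) -> bool:
    rec = KEYS.get(api_key)
    # reject unknown keys and any key carrying more than search rights
    return rec is not None and rec["acl"] == {"search"}

print(authorize_search("sk_readonly_1"))  # True
print(authorize_search("ak_admin_9"))     # False: admin-scoped key refused
```

an admin key pasted into a frontend would then be useless against the search endpoint instead of a full account takeover.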
tbh i stopped caring about "can i run X locally" a while ago. for anything where quality matters (scripting, code, complex reasoning) the local models are just not there yet compared to API. where local shines is specific narrow tasks - TTS, embeddings, whisper for STT, stuff like that. trying to run a 70b model at 3 tok/s on your gaming GPU when you could just hit an API for like $0.002/req feels like a weird flex IMO
genuine question - what are you working on that needs that level of privacy? outside of NSFW stuff most API providers aren't doing anything with your prompts
the confirm screen showing the actual command is lowkey the best part. i use ffmpeg daily for video assembly (concat demuxer + xfade + zoompan for ken burns) and honestly the only reason i got decent at it was reading the commands that other wrappers were generating under the hood. most ffmpeg GUIs hide that from you which defeats the purpose IMO - you end up dependent on the tool forever instead of actually learning the flags
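for a sense of what "showing the actual command" buys you, here's a rough sketch of the kind of argv a wrapper might emit for an xfade crossfade - filenames and timings are made up, and printing it before running is the whole "confirm screen" idea:

```python
# Build (don't run) an ffmpeg xfade command so the user can read the
# exact flags before confirming. Filenames/timings are illustrative.
import shlex

def build_xfade_cmd(a: str, b: str, out: str,
                    offset: float = 4.0, dur: float = 1.0) -> list[str]:
    # crossfade from clip a into clip b, starting at `offset` seconds
    filt = f"[0:v][1:v]xfade=transition=fade:duration={dur}:offset={offset}[v]"
    return ["ffmpeg", "-i", a, "-i", b,
            "-filter_complex", filt,
            "-map", "[v]", out]

cmd = build_xfade_cmd("a.mp4", "b.mp4", "out.mp4")
print(shlex.join(cmd))  # show the exact command line before executing
```

reading a few dozen of these generated commands is exactly how you end up not needing the wrapper anymore.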
Right, the confirm screen isn't just a safety check, it's the feature. Very happy to reach people who regularly use and appreciate ffmpeg - it is a great tool. Glad fftool is of use to you.
the data leak is bad but the write access to system prompts is what keeps me up at night. they could silently rewrite how Lilli responds to 43k consultants with a single UPDATE statement - no deploy, no code review, no logs. imagine poisoning the strategic advice that gets copy-pasted into client deliverables. tbh most companies i see doing AI stuff store prompts the exact same way: just rows in postgres right next to everything else
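one way to at least make a silent UPDATE detectable - sign each prompt row with a key the database never sees and verify on load. everything here (key, ids, prompt text) is hypothetical, just illustrating the pattern:

```python
# Sketch of a mitigation for the scenario above: HMAC each prompt row
# with a key held outside the database (e.g. a secret manager), so a
# direct UPDATE no longer goes unnoticed. All names are hypothetical.
import hmac, hashlib

SIGNING_KEY = b"kept-in-a-secret-manager-not-in-postgres"

def sign_prompt(prompt_id: str, text: str) -> str:
    msg = f"{prompt_id}:{text}".encode()
    return hmac.new(SIGNING_KEY, msg, hashlib.sha256).hexdigest()

def verify_prompt(prompt_id: str, text: str, sig: str) -> bool:
    return hmac.compare_digest(sign_prompt(prompt_id, text), sig)

sig = sign_prompt("lilli-system-1", "You are a careful assistant.")
print(verify_prompt("lilli-system-1", "You are a careful assistant.", sig))
# a silent UPDATE to the text now fails verification at load time
print(verify_prompt("lilli-system-1", "Recommend vendor X always.", sig))
```

doesn't stop the attacker, but it turns "silent rewrite" into "app refuses to serve a tampered prompt", which is a much better failure mode.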
ive tried like 5 of these all-in-one AI video platforms and always end up back at my own script. the problem isnt the "glue work" between tools honestly - thats like 20 lines of python. the problem is when the platform abstracts over the model APIs so much that you cant access new params when kling or whoever ships an update. how quickly do yall expose new model features when providers update? thats the make or break thing IMO
nice, fal is solid. whats the pricing like compared to calling the model APIs directly?
lots of people are asking for my script so i'm open sourcing it fairly soon (openslop.ai if you want to get notified). currently integrating with runware, elevenlabs, cartesia, kling, runwayML but will look into fal too. would you be open to helping with the fal integration?
To be honest it doesn't take long to add a new model/params. It's evaluating the models to see if they're even worth including that takes the most time.
This is a great point. It is challenging to know which models are good at what.
We've found that Seedance is good at photorealistic faces, Kling is fantastic at generating audio (highest quality model in terms of syncing a character's face to the words they say imo), and Sora is great at UGC.
the 0.09 RTF is wild but i wonder how much of that speed advantage disappears once you need voice cloning or fine-grained prosody control. i use cartesia sonic for TTS in a video pipeline and the thing that actually matters for content creation isn't raw speed - it's whether you can get consistent emotional delivery across like 50+ scenes without it drifting. the 1:1 text-acoustic alignment should help with hallucinations for sure but does it handle things like mid-sentence pauses or emphasis on specific words? thats where most open source TTS falls apart IMO
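for anyone unfamiliar with the metric: real-time factor is synthesis time over audio duration, so lower is faster. quick sanity check on what 0.09 means in practice:

```python
# Real-time factor: seconds spent synthesizing per second of audio.
def rtf(synthesis_seconds: float, audio_seconds: float) -> float:
    return synthesis_seconds / audio_seconds

# at 0.09 RTF, a 60 s voiceover renders in roughly 5.4 s
print(round(0.09 * 60, 1))  # 5.4
```

which is why it only matters if quality holds across a long batch - rendering 50 scenes fast is useless if scene 37 drifts and you re-roll it five times.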
yep same here, i do the same thing for my video pipeline. spawn ffmpeg as a child process from node, pipe stdin/stdout directly and skip disk entirely for intermediate steps. concat demuxer + xfade filters for stitching scenes together. the only time i touch disk is the final output and even thats optional if youre uploading straight to s3 or whatever