『What is really inside the AI tools you blindly install』のカバーアート

What is really inside the AI tools you blindly install

What is really inside the AI tools you blindly install

無料で聴く

ポッドキャストの詳細を見る

When you install a package, you probably skip the source code. But what about the AI skills and CLAUDE.md files you are feeding directly into your agent?

In the latest episode of the No Compromises podcast, we discuss whether developers are reading the AI skills they install and why it actually matters.

We make the case that unread skills are riskier than unread packages because they quietly shape how your agent thinks and can introduce security vulnerabilities or opinions you would never have agreed to if you had just taken 10 minutes to read them.

We also look at the flip side, where reading those skills can make you a better developer, expose you to approaches you did not know existed, and help you guide your agents more intentionally across every project.

  • (00:00) - Do developers actually read package source code
  • (02:19) - Why AI skills are riskier than packages
  • (05:07) - Security risks hiding in unread skill files
  • (09:30) - Reading skills as a learning opportunity
  • (11:49) - Silly bit

Want a second set of eyes on the tools and packages your team is trusting? Find out how our code review service can help
adbl_web_anon_alc_button_suppression_t1
まだレビューはありません