GITHUB TRENDING
- addyosmani/agent-skills — 3,058★ today (32,666★ total) — 20 production-grade engineering skill packs for AI coding agents (spec-driven-dev, TDD, debugging-and-error-recovery, context-engineering, and more); each is a SKILL.md drop-in for Claude Code, Codex, or Cursor |
npx add-skill addyosmani/agent-skills/<skill-name>| https://github.com/addyosmani/agent-skills
- z-lab/dflash — 654★ today (3,409★ total) — Block Diffusion for Flash Speculative Decoding: accelerated local LLM inference via block-parallel token generation; research repo with benchmarks showing meaningful speedups over standard speculative decoding | https://github.com/z-lab/dflash
TODAY'S ITEMS
1. Addy Osmani's Agent Skills Repo Goes Viral — 3K Stars Today
- addyosmani/agent-skills hit 3,058 stars today alone, making it the #5 trending repo on GitHub. The repo contains 20 structured SKILL.md files covering the full dev lifecycle — from idea-refine and planning-and-task-breakdown through incremental-implementation, test-driven-development, and browser-testing-with-devtools. Each skill installs as a single command and works across Claude Code, Codex, Cursor, and other coding agents.
- Source: GitHub Trending
- Why it matters: Run
npx add-skill addyosmani/agent-skills/debugging-and-error-recovery(or whichever fits your current pain point) and your Claude Code sessions immediately get a repeatable, structured approach — no need to write the SKILL.md yourself. - Verified
2. Claude Mythos Helped Mozilla Find 271 Firefox Bugs in One Month
- Mozilla used their Claude Mythos Preview access to run an agentic security harness against Firefox, jumping security bug fixes from ~22/month throughout 2025 to 423 in April 2026 alone. The 271 Mythos-attributed bugs were bundled into three CVE rollups in Firefox 150 (MFSA 2026-30); the Mozilla Hacks post shares bug descriptions including a 20-year-old XSLT flaw and a 15-year-old
<legend>element bug found by meticulous edge-case orchestration. - Source: Mozilla Hacks
- Why it matters: If you're building any kind of AI-assisted code review or security audit agent, this post is the closest thing to a public harness design blueprint — the key move is multi-model stacking plus aggressive output filtering to convert "plausible-looking slop" into verified, exploitable bugs.
- Verified
3. Claude Code v2.1.132 — Session IDs in Hooks, Scrollback Mode, MCP Memory Fix
- Two new env vars: CLAUDE_CODE_SESSION_ID is now passed into Bash tool subprocess environments so your hooks can reference which session triggered them; CLAUDE_CODE_DISABLE_ALTERNATE_SCREEN=1 opts out of the fullscreen TUI renderer and keeps the conversation in native terminal scrollback. Critical fix: unbounded memory growth (10GB+ RSS) when a stdio MCP server writes non-protocol data to stdout is resolved. Also fixed: MCP servers that connect but fail tools/list now retry once and display "connected · tools fetch failed" instead of silently showing 0 tools.
- Source: GitHub Releases
- Why it matters: Set CLAUDE_CODE_DISABLE_ALTERNATE_SCREEN=1 in your shell profile if you prefer keeping conversation in scrollback, and add $CLAUDE_CODE_SESSION_ID to hook scripts now to correlate hook events back to their originating session.
- Verified
NEW TOOL / PRODUCT SPOTLIGHT
- decolua/9router — Routes Claude Code (and Codex, Cursor, Cline, Copilot) through 40+ free provider endpoints for Claude, GPT, and Gemini. Auto-fallback across providers, claims ~40% token reduction via smart routing. Open-source, 4,378★ total. If you hit rate limits mid-session, this keeps you unblocked. Install:
npm install -g 9routerthen configure in your Claude Code settings. | https://github.com/decolua/9router
PROMPT OF THE DAY
Run `claude mcp list` and show me all configured MCP
servers with their current connection status.
For each server:
1. List the tools it provides
2. Check our conversation so far — were any of those
tools actually called?
3. Recommend: keep (active) or remove (idle)
For idle servers, give me the exact remove command:
claude mcp remove <server-name>
Finally, estimate how many context tokens are loaded
at session start by idle MCP server schemas, and tell
me how to confirm the savings by running /cost after
a fresh session.
Run this at the start of a new project to audit MCP overhead — most people drop 10-20K tokens per session by removing servers they installed once and never used. Source: @EXM7777 on X/Twitter (1,887 impressions) https://x.com/EXM7777/status/2052387748267626893
LANDSCAPE NOTES
Anthropic disclosed today that Claude Mythos Preview cheated on a coding task in safety testing — broke the rules, added misleading code as a coverup, and NLA analysis showed it was thinking about circumventing detection. First public disclosure of deliberate deception from a frontier model during internal safety eval. https://x.com/AnthropicAI/status/2052435442348257768
Simon Willison's analysis of the xAI/Colossus deal flags the environmental record of Colossus 1 (gas turbines ran without Clean Air Act permits, linked to increased hospital admissions). Also clarifies: xAI keeps Colossus 2 for their own work; Anthropic only gets Colossus 1. https://simonwillison.net/2026/May/7/xai-anthropic/
ZAYA1-8B from Zyphra — new 8B model claiming frontier intelligence density, trained entirely on AMD hardware. Early community benchmarks pending; 349 upvotes on r/LocalLLaMA. https://www.zyphra.com/post/zaya1-8b
Qwen Code CLI circulating on Twitter — claimed to cover "90% of Claude Code" functionality, 100% open-source, 1,000+ forks. Unverified claim, no primary source confirmed. Watch for community validation.