惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Simon Willison's Weblog
Simon Willison's Weblog
Google DeepMind News
Google DeepMind News
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
P
Proofpoint News Feed
Recent Announcements
Recent Announcements
MongoDB | Blog
MongoDB | Blog
U
Unit 42
云风的 BLOG
云风的 BLOG
Recorded Future
Recorded Future
G
Google Developers Blog
I
InfoQ
Blog — PlanetScale
Blog — PlanetScale
A
About on SuperTechFans
Jina AI
Jina AI
量子位
宝玉的分享
宝玉的分享
The Cloudflare Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 聂微东
Last Week in AI
Last Week in AI
WordPress大学
WordPress大学
美团技术团队
The Hacker News
The Hacker News
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
Tailwind CSS Blog
博客园 - 司徒正美
博客园 - 叶小钗
Hugging Face - Blog
Hugging Face - Blog
P
Palo Alto Networks Blog
博客园_首页
阮一峰的网络日志
阮一峰的网络日志
博客园 - 【当耐特】
Spread Privacy
Spread Privacy
The GitHub Blog
The GitHub Blog
Y
Y Combinator Blog
Vercel News
Vercel News
Martin Fowler
Martin Fowler
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Forbes - Security
Forbes - Security
Attack and Defense Labs
Attack and Defense Labs
Google DeepMind News
Google DeepMind News
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Microsoft Azure Blog
Microsoft Azure Blog
P
Privacy International News Feed
G
GRAHAM CLULEY
The Last Watchdog
The Last Watchdog
C
Cyber Attacks, Cyber Crime and Cyber Security
AI
AI
V2EX - 技术
V2EX - 技术

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures AI Agents Know About Supabase. They Don't Always Use It Right. The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
Aurra — Memory infrastructure for AI agents
akshayt2012 · 2026-05-04 · via Hacker News - Newest: "AI"

When your agent's facts go stale, who decides what to keep?

May 3, 2026 — The Aurra team


Yesterday we shipped bi-temporal versioning in Aurra. Every memory now carries valid_from, valid_to, and superseded_by. Your agent can query "what was true on April 1?" and walk a fact's full history.

That was Level 1: manual. Developer calls supersede() when they know a fact has been replaced. Clean primitive, no ambiguity, no LLM in the safety loop.

This morning we shipped Level 2: automatic. Pass auto_supersede=true on a write and Aurra runs an LLM classifier against the most semantically-similar existing memories. When it's confident the new fact replaces an old one, it supersedes automatically and writes an audit log entry.

Level 2 is in beta. The API and SDKs are live. Live classification is currently behind a server-side flag while we run final production validation. The flag flips on later this week.

Here's how it works, what it tested at, and the design tradeoffs.

The two failure modes that actually matter

When you're building a memory system that auto-detects supersession, there are two things that can go wrong:

  1. False positive: the LLM says "supersedes" when it shouldn't. The old memory gets marked superseded. The customer's agent loses a fact it needed. This is unrecoverable without an audit log review.

  2. False negative: the LLM says "independent" or "refines" when it should have said "supersedes." The new fact saves normally, the old fact stays. The customer can manually call supersede() later. Fully recoverable.

These are not symmetric. False positives corrupt customer data silently. False negatives are noise.

The implication: the right metric to optimize is precision on the "supersedes" verdict, not overall accuracy. A system that's 80% accurate but 100% precise on supersedes is safer than a system that's 95% accurate with 5% false positives.

That decision shaped everything else.

How the classifier actually decides

The flow on every write that opts in:

  1. New memory saves normally (gets ID, embedding generated)
  2. System checks: does the customer's API key allow auto-supersede? Is this category in their excluded list?
  3. If yes to both: semantic search finds the top 3 most similar existing memories, filtered by tenant
  4. For each candidate, the LLM classifier returns one of three verdicts:
    • supersedes — new fact replaces old fact
    • refines — new fact adds detail (don't supersede; both stay)
    • independent — new fact is unrelated (don't supersede; both stay)
  5. Each verdict comes with a confidence score (0.0–1.0) and a one-sentence reasoning string
  6. Only if verdict == "supersedes" AND confidence >= 0.85 does the system act
  7. When it acts, the old memory gets marked superseded and an entry is written to the audit log

Three verdicts not two, because "refines" handles the most common false-positive pattern. "User has a cat" → "User has a black cat named Whiskers" is refinement, not supersession. Both should stay.

Per-category opt-out: the safety architecture

The classifier never sees memories in customer-configured excluded categories. The default exclusion list is ["health_medical", "legal_status"] — categories where wrong supersession could cause real-world harm.

This is deliberately deterministic. The category gate runs in code, before the LLM call. If the system ever touches a medical fact via auto-supersede, it's not because the LLM decided to skip the safety check — it's because the customer explicitly removed health_medical from their excluded list. The LLM is never trusted to recognize what's safety-critical.

Customers can configure this per API key:

client.settings.update(
    excluded_categories=["health_medical", "legal_status", "financial"],
    min_confidence=0.92,  # raise the floor (0.85 is the minimum)
)

min_confidence has a server-side floor of 0.85. Customers can raise it to be more conservative; they cannot lower it. This is one of those decisions that costs nothing to ship and prevents a class of customer support tickets six months later.

The benchmark

Before shipping, we built a 121-case hand-labeled test set covering 25 categories:

  • Clear supersessions — preference flips, status changes, role updates
  • Subtle supersessions — location moves, schedule changes, account state
  • Refinements — added detail, specificity, naming
  • Independent facts — different entities, different time periods, additive
  • Reversion cases — "tried X then went back to Y"
  • Multi-entity ambiguity — "second pet," "second car," "second job"
  • Hedging — "thinking about," "may push," "considering"
  • Generalization — "allergic to one fruit" → "allergic to all pome fruits"
  • B2B agent state — seat counts, champion changes, competitor mentions
  • Temporal recency — historical vs current facts
  • Plus financial, dietary, hardware/OS, payment methods, subscription tiers, identity, workplace roles, project status, and the categories the system filters before the LLM ever runs (health/medical, legal status)

Acceptance criteria, set before any eval ran:

  • ≥95% precision on the "supersedes" verdict (at confidence ≥0.85)
  • ≥60% recall on the "supersedes" verdict
  • ≥80% overall accuracy across all three verdicts

Why precision-first: see the two failure modes section above. False positives are unrecoverable. False negatives are recoverable via the manual API we shipped yesterday.

The numbers

Tested two models, prompt v1, on all 121 cases:

Metricclaude-haiku-4-5claude-sonnet-4-6
Overall accuracy93.4% (113/121)94.2% (114/121)
Gated supersedes precision (conf ≥ 0.85)100% (55/55)98.3% (57/58)
Supersedes recall91.7%96.7%
Cost per classification~$0.0005~$0.0015
Latency P50~500ms~1500ms

Haiku at 100% gated precision is the production winner. Every time the classifier was confident enough to act on its supersession judgment, it acted correctly. The 8 cases haiku got "wrong" were all false negatives — situations where the system kept both memories instead of superseding. Recoverable.

Sonnet had one false positive (a medical-related case that would normally be categorized as health_medical in production, which means the per-category gate would have blocked it before the LLM ever saw it). For 3x the cost and 3x the latency, sonnet doesn't pay back.

What's in the prompt

The system prompt is 4,771 characters and includes five few-shot examples covering the three verdicts. A few specific design choices:

Calibration scaffolding. LLMs are notoriously poor at calibrated confidence out of the box. The prompt includes explicit guidance for what 0.95-1.00 versus 0.85-0.94 versus below 0.85 should mean. Without this, the model would default to 0.95 for everything and the confidence threshold would be meaningless.

Linguistic signal hints. The prompt enumerates strong supersession markers ("switched," "moved," "cancelled"), strong independence markers ("also," "additionally," "second"), and strong refinement markers ("specifically," "named after," "tried X but went back"). This isn't telling the model how to think — it's telling it which features are usually load-bearing for this specific task.

Tiebreaker rules. Six explicit rules that override every other signal. Two of them:

  • "When in doubt between 'supersedes' and 'refines', choose 'refines'. Default to NOT supersede. False positives corrupt user memory permanently. False negatives are recoverable."
  • "Hedged language ('thinking about', 'may', 'considering') is NOT a firm change. Treat hedged plan revisions as refines or independent, never supersedes — until the user actually commits."

These are the rules that turn an okay classifier into a safe one.

Beta status, honestly

The API surface and SDK methods ship today. Both aurra==0.3.1 (Python) and aurra@0.2.1 (npm) are on their respective registries.

Live classification is gated by an environment variable on the production server. Right now, calls with auto_supersede=true get back:

{
  "ran": false,
  "skipped_reason": "level_2_disabled_by_env",
  "candidates_examined": 0,
  "supersession": null
}

The memory still saves normally. The classifier just doesn't fire yet.

This is deliberate. We want to run the classifier against real production traffic — write patterns, embedding distributions, similarity distributions we haven't tested in isolation — before flipping the flag for everyone. That validation happens this week.

When the flag flips, customers who've already enabled auto_supersede=true will start getting classifications. Customers who haven't will see no change. The default at every level is off:

  1. Server env var: off until we flip it
  2. Per API key default: false
  3. Per request flag: defaults to None (use API key default)

You opt in three times before anything happens to your data. Even after the flag flips on the server.

Try it

Install the SDK:

pip install aurra==0.3.1
# or
npm install aurra@0.2.1

Read your settings:

from aurra import Aurra
client = Aurra(api_key="aurra_...")

s = client.settings.get()
print(s)
# SettingsResult(auto_supersede_default=False,
#                excluded_categories=['health_medical', 'legal_status'],
#                min_confidence=0.85,
#                classifier_model='claude-haiku-4-5-20251001')

Enable it for one write:

result = client.memories.add(
    content="User has been using Emacs as their daily editor, having moved away from Vim",
    topic="preferences",
    auto_supersede=True,
)

print(result.auto_supersede)
# AutoSupersedeResult(ran=False, skipped_reason='level_2_disabled_by_env')
# (until the server flag flips)

Or set it as your default:

client.settings.update(auto_supersede_default=True)

What's next

Tomorrow we run validation against live production traffic with the flag flipped. If it stays clean for 24 hours, the flag stays on.

This week we're also shipping Level 3: full bi-temporal with transaction time in addition to valid time. Right now we have one time axis (when was a fact true?). Level 3 adds the second (when did we know it?). That's what enables true point-in-time auditing — not just "what did we believe was true on April 1," but "what did we know on April 1 about what was true on March 15."

The launch post for that lands later this week.

If you're building agents that need to remember things across sessions and you've been chasing your tail with stale facts — Aurra has a free tier and the bi-temporal stack works today. Try it. Tell us what breaks.

aurra.us · docs · PyPI · npm