惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
Docker
爱范儿
爱范儿
人人都是产品经理
人人都是产品经理
博客园 - 司徒正美
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
量子位
罗磊的独立博客
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
小众软件
小众软件
C
Cybersecurity and Infrastructure Security Agency CISA
Cyberwarzone
Cyberwarzone
大猫的无限游戏
大猫的无限游戏
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
雷峰网
雷峰网
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
博客园 - 三生石上(FineUI控件)
D
Darknet – Hacking Tools, Hacker News & Cyber Security
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园_首页
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
T
The Exploit Database - CXSecurity.com
T
Tailwind CSS Blog
IT之家
IT之家
博客园 - 聂微东
Spread Privacy
Spread Privacy
V2EX - 技术
V2EX - 技术
S
Security Affairs
宝玉的分享
宝玉的分享
V
V2EX
C
Cisco Blogs
博客园 - Franky
美团技术团队
酷 壳 – CoolShell
酷 壳 – CoolShell
月光博客
月光博客
S
Securelist
J
Java Code Geeks
Webroot Blog
Webroot Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
P
Proofpoint News Feed
Last Week in AI
Last Week in AI
L
LINUX DO - 热门话题
NISL@THU
NISL@THU
WordPress大学
WordPress大学
W
WeLiveSecurity
T
Threatpost
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
腾讯CDC
阮一峰的网络日志
阮一峰的网络日志

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
When a memorized rule fits your bug too well: a meta-trap of agent workflows
Michel Faure · 2026-05-04 · via DEV Community

Comic strip — Michel sticks a fresh pink post-it on his wall of rules, oblivious to the neighbouring rules contradicting each other. Pauline observes and deadpans:

If you have 30 seconds. Versioned memory in a Claude Code workflow has a side effect nobody warns you about: a memorized rule that fits the symptom plausibly short-circuits verification, even when it doesn't apply to the specific counter you're staring at. I cost myself twenty minutes of SQL exploration last week because a rule shaped like the bug — without being the bug — let me skip reading the view that produced the number. Useful if you've started trusting your own feedback files.


A delta of 77

April 22nd, 2026, 11:14 AM. I'm in the /crm/eleves page reviewing tab counts before a sync with our admin assistant. The tab "Enrolled" reads 785. The tab "Alesia studio" reads 312, "Republic" reads 278, "Villiers" reads 272. I add the three: 862. Seventy-seven more enrolled in some studio than the Enrolled count claims. The numbers are sitting next to each other on the screen, the way numbers do when they're about to ruin your morning.

My first reflex isn't to open the SQL. It's to ask the agent. I paste the screenshot, I describe the discrepancy, I add — too quickly — "this is probably because of the one-enrollment-equals-N-seats rule, right? People in two studios get counted twice in the studio tabs." The agent agrees. The explanation is plausible. The rule exists. It even has a memory file describing it: feedback_modele_inscription_places.md. I open the SQL editor anyway, because that's the discipline, and I spend twenty minutes joining inscriptions to itself, looking for contacts present in two studios at once.

There are eleven of them. Eleven explains nothing. The delta is seventy-seven.

I close the SQL, I read the view that actually feeds the studio tabs — v_eleves — and I see, on line three, a DISTINCT contact_id clause and an ateliers_effectifs[] array column. The view deduplicates by contact. It counts people, not seats. The 1-enrollment-equals-N-seats rule, true in the table inscriptions, doesn't apply to this counter because this counter never sees inscriptions directly. It reads a view that has already collapsed seats to people.

The real bug is somewhere else: the "Enrolled" tab filters on statut = 'inscrit' while the studio tabs filter on statut IN ('inscrit', 'ancien_eleve'). Seventy-seven ancien_eleve showing up in the studio tabs and not in the Enrolled tab. A status filter discrepancy. Five minutes to find, once I'm in the right code path.

The bug took five minutes. Getting to the bug took twenty-five — and twenty of those were spent confirming a memorized rule that didn't apply.

What just happened

I keep coming back to the trap. The agent didn't lie; it confirmed a hypothesis I supplied. The memory file isn't wrong; it describes a real invariant of the data model. The mistake was earlier — at the moment I framed the problem with a rule before reading the code that produced the number.

Memorized rules carry a specific risk in agent workflows: they offer a plausible explanation that costs nothing to invoke. The rule is right there, it has a name, it has been validated, and it loosely matches the shape of the symptom. The cognitive friction of opening the SQL view is non-zero; the cognitive friction of "the rule says X, so the bug must be a manifestation of X" is zero. You take the cheaper path. The rule sells itself.

This is a different failure mode from the one I described in the previous article on memory. There, the failure was the agent confabulating about facts that had drifted in the code. Here, the failure is me using a stable, correct rule as a substitute for verification, because the rule fits the silhouette of the bug. The trace device is the same. The discipline that makes it useful is different.

I had to write a feedback for myself, not for the agent.

The rule I now apply

The feedback I added that afternoon, in ~/.claude/agent-memory/feedback_memoire_court_circuite_verification_code.md, is short:

Why: A memorized rule applies to a precise location in the model. It does not automatically apply to every counter that displays related data. Skipping verification because the rule "looks like the bug" cost me 20 minutes of SQL exploration on April 22nd.

How to apply: when a UI number looks inconsistent and a memorized rule seems to explain the delta, open the code that produces the number before invoking the rule. Read the SQL query or the view used. If the view does a DISTINCT or routes through a deduplicated source, the rule "N seats per person" doesn't apply to that specific counter. Read first, invoke second.

It's a rule about rules. The kind of feedback that doesn't reduce errors directly — it reduces errors of the second type, the ones where a correct rule is misapplied because the symptom is plausibly shaped.

What you can copy

Three concrete elements I now hold as discipline:

  1. Read the producer before invoking the rule. Whatever counter, balance, or aggregate you're investigating, open the SQL view, the API handler, or the React selector that produces it. If you don't, you're not verifying — you're matching a silhouette to a silhouette.
  2. Audit your own questions to the agent. When you frame an investigation by saying "this is probably because of X", watch how the agent agrees. If your hypothesis names a rule the agent has in memory, the agreement is cheap. The hypothesis is doing the work; the agent is rubber-stamping. That's not collaboration, that's confirmation bias laundering through a friendly interface.
  3. Write the meta-feedback. When you discover that you skipped verification because a rule was approximately the right shape, that's a feedback worth writing. It applies more broadly than the specific case. Mine has caught me at least twice since — once on a duplicate detection that looked like the couple-versus-doublon rule but wasn't, once on a count that looked like a tarif-applique-snapshot drift but came from a stale REFRESH.

The deeper discipline is that a memorized rule is a hypothesis, not a verdict. It earns its rank only when the producing code confirms it. Treat it like a stack trace from a colleague — useful pointer, requires reproduction.

Coda

What I notice, looking back at the four weeks of building Rembrandt with Claude Code, is that the rules accumulate faster than the discipline of verifying their application. My memory directory is at fifty-seven feedback files now. Each is opposable. Each is dated. Each is correct somewhere. None of them are correct everywhere, and the field where they are correct is more constrained than the symptom-space they look like they cover.

That asymmetry is the meta-trap. It scales with the number of rules. The richer the memory, the more often a rule will fit the shape of a bug it doesn't actually explain. The cure isn't fewer rules — fewer rules means more drift. The cure is a habit of reading the producer before quoting the law.

The five minutes I spent finding the real bug, that morning, were calm. The twenty-five before were a detective novel I'd been writing alone, with the agent supplying the alibi. I have no animosity for the agent. I have the slightly cold awareness that any tool that talks back will tell you what you brought it, and that the thing that protects you from yourself is the file the tool didn't write.


Companion code: rembrandt-samples/claude-md/feedback-template.md — the structure of feedback_* files with the meta-feedback from this article as a worked example, MIT, copy-pastable.