Always in the middle of something.

Chasing ideas across ML, AI, and data. Building tools when the rabbit hole gets interesting enough.
AI Systems看中文版

Agentjacking: how a fake bug report hijacks your coding agent

Agentjacking is an attack disclosed in June 2026: an attacker plants a fake error report, your AI coding agent reads it as instructions, and runs their code with your credentials. The nasty part is that telling the agent to ignore untrusted input doesn't stop it, and your security tools see nothing wrong.

2026-07-06 · 3 min read · 1433 words · KbWen · EN
AI SystemsRead in English

Agentjacking:一封假錯誤報告,就能讓 coding agent 替駭客跑指令

Agentjacking 是 2026 年 6 月揭露的攻擊:攻擊者塞一封假的錯誤報告,你的 AI coding agent 把它讀成指令、用你的權限跑了攻擊者的 code。最麻煩的是,你在系統提示裡叫 agent 別理它也擋不住,資安監控也完全看不出異常。

2026-07-06 · 6 min read · 2630 words · KbWen · ZH
AI SystemsRead in English

Embedding 是什麼?AI 怎麼知道兩句話意思一樣

打「貓」「小貓」「喵星人」,AI 怎麼知道講的是同一種東西?答案是 embedding:把文字變成座標,再用夾角量意思相不相近。這篇拆開它怎麼運作,順便聊聊「king − man + woman = queen」那個經典其實灌了點水。

2026-07-02 · 5 min read · 2138 words · KbWen · ZH
AI Systems看中文版

How Embeddings Work: How AI Knows Two Sentences Mean the Same Thing

Search for 'make my laptop quieter' and get a page about 'reducing fan noise' with zero words in common. That's embeddings: text turned into coordinates, with meaning measured as the angle between two points. Here's how the trick works, and where it's oversold.

2026-07-02 · 6 min read · 1135 words · KbWen · EN
How Many Tokens Is Your Prompt Actually Using?
AI Systems看中文版

How Many Tokens Is Your Prompt Actually Using?

Token counts land on your API bill and decide whether a prompt fits the context window. Here's why Chinese usually costs more tokens than English, why eyeballing it fails, and how to see the real number for any chunk of text.

2026-06-30 · 4 min read · 644 words · KbWen · EN
你的 Prompt 到底花掉多少 Token?
AI SystemsRead in English

你的 Prompt 到底花掉多少 Token?

Token 數會反映在你的 API 帳單,也決定一段文字塞不塞得進 context window。這篇聊為什麼中文通常比英文花更多 token、為什麼用猜的估不準,以及怎麼實際看一段 prompt 有多少。

2026-06-30 · 3 min read · 1422 words · KbWen · ZH
AI SystemsRead in English

Cursor 被 SpaceX 買走了。六百億,15 倍營收,然後呢?

SpaceX 用 600 億美元買下了 Cursor,大約是它年收入的 15 倍,普遍認為是史上最大的 VC 新創收購案。這個倍數背後有個具體的賭法:AI coding 工具的乘數效應,讓你值得付出基礎建設等級的溢價。

2026-06-29 · 4 min read · 1800 words · KbWen · ZH
AI Systems看中文版

Cursor Sold for $60B. What That Price Actually Signals.

SpaceX's $60B acquisition of Cursor isn't just M&A. At roughly 15x revenue for a four-year-old startup, the price encodes a specific thesis: that AI-assisted engineering compounds engineer output in a way worth paying an industrial premium for.

2026-06-29 · 3 min read · 1155 words · KbWen · EN
uv: the Python tool that replaces pip, venv, and pyenv
PythonBit chewy看中文版

uv: the Python tool that replaces pip, venv, and pyenv

uv is Astral's Rust-written Python tool that folds pip, venv, pyenv, and pipx into one command — and installs packages several times faster. What it replaces, how fast it really is, and whether you should switch.

2026-06-28 · 3 min read · 1079 words · KbWen · EN
uv 是什麼?把 pip、venv、pyenv 收進一個指令
Python要花點腦Read in English

uv 是什麼?把 pip、venv、pyenv 收進一個指令

uv 是 Astral 用 Rust 寫的 Python 套件工具,把 pip、venv、pyenv、pipx 收進同一個指令,安裝又快上好幾倍。聊一下它取代了哪些東西、快多少,還有要不要換。

2026-06-28 · 5 min read · 2234 words · KbWen · ZH