TIL

June 10, 2026

A prompt for proof-first implementation

First, do an assessment, then you post a list of assumptions spliced on multiple criteria: task-related assumptions, logic assumptions, codebase assumptions. For every assumption, you will sustain it with proof. After this, we will set a clear /goal with a list of criteria that will pass, and we will set a /loop to make sure all criteria are met before claiming the project is done and before human QA.

As goals, you will define how you will test this with automated tools and how you will present the proof it works.

June 3, 2026

Triggers that shape how Claude answers

Dropping one of these keywords into a prompt nudges Claude into a specific reasoning mode. Useful as a quick lens swap without rewriting the whole prompt.

Trigger	What it does
ELI5	Explain like I'm five — strip jargon, use analogies, assume zero background.
Devil's Advocate	Argue against the position on purpose, surface the strongest counter-case.
Socratic	Don't answer directly — ask questions that lead me to the answer.
Steel Man	Build the strongest version of the opposing argument before responding.
First Principles	Break the problem down to fundamentals, rebuild from the ground up.
PHD	Go deep — academic level, technical precision, cite mechanisms.
No AI	Write without the usual AI tells (hedging, bullet-stuffing, throat-clearing intros).
Red Team	Adversarial review — attack the idea, find failure modes, assume hostile users.
Artifacts	Produce the deliverable directly (doc, table, code, plan) rather than discussion.
OODA	Frame the response as Observe → Orient → Decide → Act.

Best used at the start of a prompt: Red Team: review this auth flow… or First Principles: why do we need a queue here?

May 28, 2026

Build the truth layer before you write the code

Stop treating the generated file as the first thing you make. Make the truth layer first: an inventory of your sources, a map of which claim rests on which source, a log of every assumption, and a verification pass that tries to break the result before anyone else can. Build that, and the model gets far more useful, because now it is working on top of something real instead of guessing inside a costume that looks like work. Skip it, and you are shipping confidence you have not earned.

May 22, 2026

Prompt: Defensive Security Reviewer

A reusable prompt for a defensive-only review of any workflow, system, or automation. Drop in a description and it surfaces places where trust is granted too early — without ever giving exploit steps.

The prompt

Act as a defensive security reviewer.
Review this workflow, system, or automation:
[PASTE DESCRIPTION]

Look for places where the system assumes trust too early.
Focus on:
1. User accounts and permissions
2. Third-party packages or integrations
3. API keys, tokens, and credentials
4. Automated actions that could cause damage
5. Data that should stay private
6. Approval steps before anything public or irreversible
7. Monitoring logs I should check regularly

For each risk, explain:
- What could go wrong
- Why a normal check might miss it
- The safest practical fix
- Whether this needs an expert review

Keep this defensive only. Do not provide exploit steps.

When to use

Before flipping on a new automation
Auditing a third-party integration
Pre-launch checks on anything public or irreversible
Periodic review of credentials, webhooks, and admin-level scripts

April 3, 2026

Hardware Hacking with Claude

Asked Claude to make my USB-C wireless microphone adapter do something it wasn't designed for. It built a macOS app that listens for the button press on the wireless mic and toggles Wispr Flow dictation. Now I just press the mic button and start dictating — no reaching for the keyboard.

March 7, 2026

Wispr Flow on iPhone Action Button

Wispr Flow now lets you map the iPhone Action Button to start dictating. One press and you're talking — no keyboard switching. The catch: it copies the transcribed text to your clipboard instead of typing it directly, so you have to paste it where you need it. Minor trade-off for skipping the whole keyboard dance.

March 6, 2026

Wispr Flow Mouse Shortcuts

Wispr Flow just added mouse shortcut support. It detected my Logitech MX3S and let me bind one of its buttons to toggle dictation on/off. No more keyboard shortcuts — just press a mouse button and start talking.

February 25, 2026

Claude Code as a home lab sysadmin

Set up IMMICH on my home lab for family photos and installed Claude Code to help manage the infrastructure. Currently extending storage to my NAS for backups while I wait for a new HDD to arrive for a RAID 1 setup. The interesting part: my NAS is only accessible via SSH with key auth on the local network, and Claude handled the full security config — IP whitelisting, firewall rules, the works. Even got it to evaluate the disk health. Turns out it's very proficient at sysadmin tasks when you give it shell access to the right machine.

Pencil.dev

Used pencil.dev for some app design work. Genuinely surprised by the speed and how good the default design taste is. Worth trying if you're prototyping screens.

Performant MySQL dump and import for large databases

Two commands I used a while back to migrate a huge database without killing the server.

Step 1: Export — dump and compress in one shot:

nice -n 19 mysqldump -u user -p -h hostname --single-transaction --quick --lock-tables=false dbname | nice -n 19 gzip > dbname.sql.gz

nice -n 19 runs at lowest CPU priority so it doesn't starve other processes. --single-transaction takes a consistent snapshot without locking the whole database (InnoDB only). --quick streams rows one at a time instead of buffering the entire table in memory — critical for large tables. --lock-tables=false avoids table-level locks so reads keep working. Piping straight to gzip saves disk space and is usually faster than writing the raw SQL first.

Step 2: Transfer and decompress — move the file to the target server and unzip it:

gunzip dbname.sql.gz

This gives you the raw dbname.sql file. If you're transferring between machines, scp or rsync the .gz file first — much faster over the wire.

Step 3: Import — log into MySQL and disable autocommit before sourcing:

mysql -u user -p

Then inside the MySQL shell:

USE dbname;
SET autocommit=0;
SOURCE /path/to/dbname.sql;
COMMIT;

By default MySQL commits after every single INSERT, which is painfully slow on large dumps. SET autocommit=0 batches all the writes and COMMIT flushes them once at the end. On a multi-gigabyte dump this can be the difference between hours and minutes.

Use at your own risk.

February 18, 2026

Project-specific skills in Claude Code

The superpowers /using-superpowers skill is basically a table of contents of related skills you can use together. Good pattern to steal for your own project.

Skills in .claude/skills/ are already auto-detected — Claude picks them up and uses them when relevant. So bvdr-write, add-stack-entry, bvdr-add-til all live there and Claude will reach for them when it thinks they match the task. That's the passive mode — it works, but Claude decides when to use what.

A master command like /using-bvdr-skills flips that. Instead of waiting for Claude to recognize the context, you enforce it upfront. Load the table of contents at the start of a session and Claude knows exactly which skills are available, how they relate to each other, and when to use them. Passive availability vs active enforcement.

Two ways to think about it: reference them in CLAUDE.md if you want them always loaded for the project, or use the master command when you want granular control — load the full context for a deep session, skip it for a quick fix.

February 17, 2026

Using Claude Code superpowers

Go to Claude Code /plugins , search for superpowers and install it. Once installed restart and start a new session with /using-superpowers