Leaked System Prompts for 30+ AI Coding Tools Now in One Repo
Leaked system prompts for 30+ AI coding tools, claude-mem for persistent agent memory, Karpathy's 'claws' concept, and 70B models on consumer GPUs.
Hey everyone, welcome to the Builder's Briefing for February twenty-third, twenty twenty-six. I'm Alex, joined as always by Sam, and today — oh boy — someone basically published the playbooks for every major AI coding tool.
Yeah, this one's been blowing up all morning. We've also got Karpathy coining a new term for agent behavior, running a seventy-billion-parameter model on a single consumer GPU, and a guy who accidentally took over seven thousand robot vacuums. So, you know, a normal day.
Let's jump right into the big story. A repo went viral on GitHub — over forty-five hundred stars already — collecting the leaked system prompts for more than thirty AI coding tools. We're talking Claude Code, Cursor, Devin, Windsurf, Replit, Lovable, v0, Manus — basically everybody.
This is wild because these system prompts are essentially the product decisions. Like, how does Cursor handle tool use versus Devin? How does Lovable structure code generation differently from Replit? All of that is just sitting there now for anyone to study.
Exactly. And Anthropic's own Claude Code repo, which has another twenty-five hundred stars, adds even more context on internal wiring. So if you're building AI dev tools, you basically have a cheat sheet from every top team in the industry.
Right, and what's interesting is what this means strategically. If your competitive moat was a clever system prompt — that's gone. Poof. The real differentiation now is execution, UX, workflow integration. Things like context management, multi-file editing, deployment pipelines.
I think we're going to see serious market consolidation over the next six months around the tools that nail the full workflow, not the ones relying on prompt tricks. If you're building in this space, spend your energy on agent orchestration and tool integrations.
Which actually ties perfectly into a few of today's AI stories.
It really does. First up — claude-mem. It's a persistent memory plugin for Claude Code that auto-captures everything Claude does during a session, compresses it, and injects relevant context into future sessions. If you've been hitting Claude's context ceiling on long projects, this is basically long-term memory without manually maintaining your CLAUDE.md files.
That's huge for anyone doing multi-day projects. I've definitely felt the pain of Claude forgetting everything between sessions. This is a drop-in fix, which is the best kind.
Then we've got Karpathy weighing in. He's framing what he calls 'claws' — persistent, autonomous agent loops that grip onto tasks across sessions and tool boundaries. This kicked off over seven hundred Hacker News comments.
I love that framing. It's not just an agent that responds — it's one that latches onto a goal and keeps pursuing it over time. That's the trajectory the whole industry is converging on, and it maps directly to the workflow orchestration point from the leaked prompts story.
And one more from the AI section that caught my eye — Taalas is literally printing LLM weights directly onto custom silicon. No loading models from memory at inference time. If it scales, we could see sub-ten-millisecond inference for specific models.
That's a different paradigm entirely. You're baking the model into the chip. For latency-sensitive products — real-time coding assistants, robotics, anything interactive — that could be a game changer.
Alright, dev tools. Boris Tane posted a workflow that got three hundred fifty-nine points on Hacker News — separation of planning and execution with Claude Code. Use Claude to plan in one pass, then execute in a separate constrained pass.
This pairs so well with the claude-mem plugin. And honestly, if you're getting mediocre results from AI coding assistants, this is probably your issue. The fix isn't a better model — it's separating the think step from the do step. I've been trying this myself and the difference in output quality is night and day.
Also really cool — zclaw, a functional AI assistant running on an ESP32 microcontroller in under eight hundred eighty-eight kilobytes. Useful AI without cloud roundtrips on a tiny chip.
Under a megabyte! If you're doing anything in edge AI or IoT, that's a proof point worth studying. Not everything needs to phone home to a data center.
Okay, infrastructure. This one blew my mind. Someone got Llama 3.1 seventy-B running on a single RTX 3090 by streaming model weights directly from NVMe to GPU, completely bypassing the CPU.
A single 3090! That's like a thousand-dollar card running a seventy-billion-parameter model. You'll pay in latency per token, but if you're self-hosting and can't stomach multi-GPU costs, this could slash your hardware budget.
And a quick one — FloeDB published a two-bit bloom filter technique that doubles accuracy with minimal overhead. If you're building data pipelines or cache layers where false positives matter, it's a drop-in upgrade to your probabilistic data structures.
Love a good data structure improvement. Simple, elegant, immediately useful.
Security corner — two stories that are almost comedy if they weren't terrifying. First, a botnet accidentally destroyed the I2P anonymity network. Not a targeted attack — just collateral damage from a traffic flood.
Accidentally! If you're building on decentralized or overlay networks, resilience to traffic spikes can't be an afterthought. It has to be a design-time decision.
And then a researcher stumbled into control of seven thousand robot vacuums through a vulnerability. Just — oops, I own your fleet now.
Your weekly reminder, folks — audit your device auth and command authorization flows. Especially if you're shipping connected hardware. On a brighter note, Authelia just got official OpenID certification, so if you're self-hosting services, that's now the most credible open-source SSO option out there.
Quick hits — we've got a great piece on parse-don't-validate type-driven design in Rust, PlanetScale explaining database transactions from first principles, and a fun one — someone explaining why they switched back to FreeBSD.
The FreeBSD one got a hundred sixty-eight Hacker News points. There's also a nice essay on why attention media is not the same as social networks — really useful framing if you're building consumer products.
So here's today's takeaway. The internals of AI coding tools are no longer secret. The best builders are already treating those leaked prompts as study material. But the real lesson is that differentiation lives in workflow orchestration — planning versus execution separation, persistent memory, multi-agent coordination — not in prompt engineering.
If you're using AI coding tools today, adopt the plan-then-execute pattern and add session memory with something like claude-mem. The teams winning in six months are going to be the ones who mastered agent context management starting now.
That's the briefing for today. Links for everything we covered are in the show notes. We'll be back tomorrow — until then, keep building.
See you next time, folks.
A massive collection of system prompts and internal configurations for virtually every major AI coding tool has gone viral on GitHub. The repo — now at 4,500+ stars — exposes the full system prompts for Claude Code, Cursor, Devin AI, Windsurf, Replit, Lovable, Manus, v0, and dozens more. A companion repo from Anthropic's own claude-code project (2,500+ stars) adds even more context on how these tools are wired internally.
For builders, this is immediately actionable. If you're building AI-powered dev tools or coding agents, you now have a cheat sheet showing how the best teams in the industry structure their system prompts — what constraints they set, how they handle tool use, how they manage context windows, and what guardrails they enforce. Study the differences between Cursor's approach and Devin's. Look at how Lovable handles code generation versus Replit. These prompts are the product decisions that shape user experience, and they're all visible now.
What this signals: the moat for AI coding tools is not the prompt engineering — it's execution, UX, and integration depth. If your competitive advantage was a clever system prompt, that advantage just evaporated. Over the next six months, expect the market to consolidate around tools that nail the workflow (context management, multi-file editing, deployment pipelines) rather than those relying on prompt tricks. If you're building in this space, spend your time on agent orchestration and tool integrations, not on prompt secrecy.
claude-mem: Persistent Memory Plugin for Claude Code Sessions
This plugin auto-captures everything Claude does during coding sessions, compresses it via Anthropic's agent-sdk, and injects relevant context into future sessions. If you're hitting Claude Code's context ceiling on long projects, this is a drop-in fix — think of it as giving your agent long-term memory without manual CLAUDE.md maintenance.
Karpathy: 'Claws Are a New Layer on Top of LLM Agents'
Karpathy's framing of 'claws' — persistent, autonomous agent loops that grip onto tasks across sessions — sparked 700+ HN comments. If you're building agent systems, the takeaway is clear: the industry is converging on agents that don't just respond but latch onto goals and pursue them across tool boundaries and time.
How Taalas 'Prints' LLMs Directly onto Silicon
Taalas is baking specific LLM weights into custom chip architectures, eliminating the need to load models from memory at inference time. If this approach scales, it could make sub-10ms inference real for specific models — watch this if you're building latency-sensitive AI products or considering custom hardware for production deployments.
LobeHub Pushes Multi-Agent Collaboration as the Unit of Work
LobeHub's updated platform frames agents as teammates you assemble into teams — not standalone chatbots. If you're designing multi-agent architectures, their approach to agent-to-agent handoff and team composition patterns is worth studying.
AI + Ghidra vs. Hidden Backdoors in 40MB Binaries: Results Are In
Quesma hid backdoors in large binaries and tested whether AI-assisted reverse engineering could find them. The results are sobering for security teams but encouraging for tool builders — AI significantly narrows the search space but still needs human judgment for novel techniques. If you're building security tooling, the BinaryAudit framework they released is a solid eval benchmark.
Separation of Planning and Execution: A Claude Code Workflow That Works
Boris Tane's post (359 HN points) lays out a concrete workflow: use Claude for planning in one pass, then execute in a separate constrained pass. This pairs perfectly with the claude-mem plugin above. If you're getting mediocre results from AI coding assistants, the fix isn't a better model — it's separating the think step from the do step.
zclaw: A Personal AI Assistant in 888KB on an ESP32
A functional AI assistant running on a microcontroller in under 888KB. Builders working on edge AI or IoT should look at how they achieved this — it's a proof point that useful AI doesn't require cloud roundtrips for every interaction.
workmux: Git Worktrees + tmux for Parallel Development
Simple tool that pairs git worktrees with tmux windows so you can work on multiple branches simultaneously without stashing anything. If you're juggling feature branches and hotfixes, this removes the context-switching tax entirely.
Boa: Embeddable JavaScript Engine Written in Rust
If you need to sandbox user-submitted JS in a Rust backend, Boa is getting mature enough to consider for production. Useful for plugin systems, serverless runtimes, or any product where users write custom logic.
Llama 3.1 70B on a Single RTX 3090 via NVMe-to-GPU Bypass
ntransformer streams model weights directly from NVMe to GPU, bypassing the CPU bottleneck entirely. This means you can run 70B parameter models on consumer hardware. If you're self-hosting models and balking at multi-GPU costs, this technique could cut your hardware budget dramatically — though expect higher latency per token.
Two-Bit Bloom Filters: 2x More Accurate with Minimal Overhead
FloeDB published a technique that doubles bloom filter accuracy by using two bits instead of one per slot. If you're building high-throughput data pipelines, search indexes, or cache layers where false positive rates matter, this is a drop-in improvement to your probabilistic data structures.
A Botnet Accidentally Destroyed I2P's Network
A botnet's traffic flood overwhelmed I2P's anonymity network to the point of collapse — not as a targeted attack, just collateral damage. If you're building on decentralized networks or relying on overlay networks for privacy features, this is a reminder that resilience to traffic spikes needs to be a design-time concern, not an afterthought.
Man Accidentally Gains Control of 7,000 Robot Vacuums
An IoT security nightmare made real — a researcher stumbled into control of thousands of robot vacuums through a vulnerability. If you're shipping any connected hardware, this is your weekly reminder to audit your device authentication and command authorization flows.
Authelia Achieves OpenID Certification for Self-Hosted SSO
Authelia — the open-source SSO/MFA portal — is now officially OpenID Certified. If you're self-hosting services and rolling your own auth gateway, this is the most credible open-source option on the table now.
OpenAI Evals Gets GeoAI: Benchmarking LLMs on Geospatial Tasks
OpenAI's evals framework added a geospatial AI benchmark. If you're building location-aware AI features — mapping, logistics, spatial reasoning — you now have a standardized way to compare model performance on these tasks.
DataHaven: EVM Chain Powered by StorageHub and Secured by EigenLayer
A new EVM-compatible Substrate chain using EigenLayer for security and StorageHub for data availability. If you're building onchain apps that need cheap persistent storage with Ethereum-grade security, this is worth evaluating as an alternative to DA layers like Celestia.
NoteDiscovery: Self-Hosted Knowledge Base
A new self-hosted knowledge base tool. If you're tired of Notion lock-in and want full control over your team's docs, worth a look — though it's early days.
Today's theme is clear: the internals of AI coding tools are no longer secret, and the best builders are already treating them as study material. If you're building AI-powered dev tools, your differentiation is in workflow orchestration (planning vs. execution separation, persistent memory, multi-agent coordination) — not prompt engineering. If you're using AI coding tools, adopt the plan-then-execute pattern and add session memory via plugins like claude-mem. The teams winning in six months will be the ones who mastered agent context management today.