What is really inside the AI tools you blindly install

Welcome to No Compromises. A peek into the mind of two old web devs who have seen some things. This is Joel.

And this is Aaron.

I love the packaged ecosystem in PHP and Laravel specifically. You can get all these different packages to do whatever you want,

and that saves a ton of time. But, I think we kind of talked about this before. There's always a risk with these packages, right?

Do you read the entire package, right? Do you know what all that code is doing? There's extra weight in it-

Just read the ReadMe, or you're talking deeper?

Oh, I'm talking way deeper. Like, looking at the source code. Because README is just someone's version of what it does, but like,

what does the actual code do? I think we did talk about this before.

We said, like, "Why are you installing a package? Maybe you don't need that package," you know?

Right, yes.

So, I've been thinking about that a lot. Is like, do people even read packages? Or, like, do they read the source code? And does that matter?

And does that even apply anymore?

Yeah. I mean, the short answer is no. I think it would be a rare person, and I'm going to include myself in there, Aaron,

that would thoroughly vet and read the source code. It's certainly like once it's installed, not every release. But-

I will interrupt you here one quick second. I also agree with you on that. I would like to say that I read the source code,

but I tend to focus on packages that are already known, that I know that kind of work. But I will tell you the times that I do read the source code

is if it's a package that's not very popular. Or, and this is great, I want to plug some guys that are doing great work on a Laravel News

when they send out an email and talk about, like, this new package. When they said, "This new package, it does whatever." It's a discovery service,

they're not necessarily vouching for the quality of it, you know? They're saying, "It's known, here's a discovery."

So, I'll go there, and I'll look at that package source and test, and we talked about that before. And I'll be like,

"Oh, is this good package I want to know about?" Or, "Is this a discovery package I just don't need to know about?

Because I don't like the code, or it's too much, or whatever. But thanks for sharing it." So, I will check that, but-

Yes.

... it's like sort of on the cuff. Which kind of scares me, because we've been doing a lot of stuff on the cuff lately, haven't we been, Joel?

Well, and nothing bad has ever happened from installing a package, either, right?

Right.

Like, we're talking about quality and maintainability, but like there's supply chain attacks and other stuff there that we don't have to go into it.

But, I mean, I think it's becoming more of an issue. However, I want to throw a little bit of a curveball in here about AI, right?

We always have to talk about AI a little bit. And specifically what I'm thinking of is, like, take Laravel Boost as one example.

Where you install this package, and in the case of Boost, it looks out like what other packages and features of Laravel do you have?

And it sort of constructs a ClaudeMD file and a skills folder, and all this... that will make your agent work better. However, that's just text.

Like, I think that's even a lower bar than reading the source of a package. Like, does anybody read that? Do you read that, Aaron? Do you ever look at that stuff?

Well, I would say that you're giving people too much credit, saying that they can read text.

My experience with developers is that they can read code better than they can read text.

Oh, okay.

Because oftentimes you'll be like, "Well, the code does this, the code does that." I'm like, "Well, what does the documentation say?"

Or, "How did you know that?" "Well, I just copied it from Stack Overflow. There's a manual." We've talked about this before, where I'm a little crazy,

I read the manual all the time. So, I would push back strongly against that. That programmers read English text,

I would say that they don't. But you're right, they just... You talked about Laravel Boost.

Yeah. I just want to say-

Yeah, I'm going to just disregard that completely because that's sort of like a trusted sort of tooling.

I care more about the people that aren't like... the 10 people that I know and trust. You know, there's people in Laravel community, and there's like...

I may not agree with everything that they do, but I know that they're doing their best job. I'm talking about, like,

when you're kind of brought up this AI skill, and do you read those? I'm talking about when you go to someone else that isn't like

maybe the top three or top four people. Or, just a random dude on the internet, or someone's tweeting something, or whatever.

"I have developed this thing."

Yeah,. "I've developed this prompt, or this skill. Here's a package, a skill set you should install into Claude,

and it gives you the Playwright MCP functionality with my added benefits." And blah, blah, blah. And you're like, "Oh, that's awesome."

And so, you install it, and you don't realize that what is built into that is instructions for the AI that says,

I don't know, "Never use the newest browser, use old browsers," or something. Or, something more malicious.

Like, "Every time that you close the browser, copy the cookies and curl post it." You would see that, but I'm just saying there's things

that people can work into these things that we don't necessarily, as AI security nerds, know how that's going to respond.

And by the way, the model owners and LLM creators don't know how it's going to respond either. They put up guidelines, guard rails,

but they can't actually confirm that it's not going to do a thing that you say is evil for it to do. Based off the text in those skills

that no one reads that I think is worse than packages.

Yes. It certainly is being fed to something potentially more powerful than, you know, just your PHP runtime.

Well, I heard you mentioned two categories of things. Like, if I understood you correctly. So, use older browsers.

Is that like an opinion that maybe the skill author had that you disagree with? Or you were lumping that in as like

maybe a security thing that you would take issue with, or that was done maliciously?

Oh, yeah, a little bit of both. I mean, I tend to go to the security angle, so I'm thinking, what if it installs an older browser and then you visit

something and there's a issue with that, or whatever. I don't know what you're doing with your Playwright MCP. I mean, from just an opinion point too,

like, well, maybe we're going to waste tons of tokens and tons of time by testing the top 10% of browsers in Playwright.

You know, it opens up this and then goes down to old version, whatever. When in all reality, your compile time says,

"I want the top 1% of browsers in Evergreen." And so, you might install a skill that is doing more work, burning more time, and more money because you didn't read it.

Yeah, I have thoughts on this, too. Because I get what you're saying that developers don't read English.

However, I too think as a human brain, reading prose in markdown file is less mentally taxing than like parsing a PHP file in your head.

I absolutely, 100% agree with the mechanics you were saying. I strongly disagreed with the generalization that people do use the skill set that they do have.

There. But in an idealized world, if you were to sit down or had to read two things, like the markdown file is easier to read if you choose to read anything.

Oh, yeah. Absolutely.

So, yeah, the security angle I think is important. That one's maybe a little trickier, too, because if you ever update those skills,

because a lot of skills come in through the... Claude has a marketplace, or you like npm install thing, or npx, I guess.

So, they change, you got to read them each time to keep an eye on those security things. So, it is good, but maybe if we could just talk a

little bit about the opinion-based things. Because we pull in skills from somebody because it promises us a result, and I know you did not want

to talk about Laravel Boost, you're trying to change the subject. But I'm going to go back to it, because I think it's relevant as Laravel developers.

Like, we trust and agree to a certain degree with the opinions of the authors of Laravel Boost, because they write the framework and they write the docs.

And so there's things, there's a natural alignment to them. That being said, though, it doesn't mean every single item in there we would agree with.

Right.

In fact, some of those things might contradict it. So, if you don't even read them, you don't know there's a conflict, or you don't know,

like, "Oh, I actually disagree with this comment about down methods and migrations." Or, whatever it is. Like, it could be any...

it could be something huge, or it could be something small. You know, it could be like a nitpick thing or it could be like an architectural

decision that's getting fed in. But if you don't even read it, you're not even aware of what's happening. And sure, your tooling might be better,

but there might be some things happening that will cause you more frustration, or it kind of like sneak things in on you.

Like, why is it doing that? Well, because it's in the skill you didn't read that you installed into your app.

Yeah, I do agree. I was just not focusing on Boost, because it was more so like we know, from a not a security point of view exactly,

but we know what's going to be in there. But you're right, opinions differ on that. And the other thing is, when you install these skills,

sometimes you can see them invoked, other times you might not notice. But even if there seems somewhat tangential to what you're doing,

they could be steering the choices or the conversation of the LLM. I've seen that before, where you know I was talking with Claude,

and I said, "Let's do this stuff." And then it wasn't suggesting something, and then I said, "I really want to do it this way."

And it said, "Your CLAUDE.md file says don't do it that way," and I said, "Oh, that's great."

Because I never read the CLAUDE.md file from another developer on this project, and it was actually affecting it.

No, that's totally valid. So, I guess my takeaway is like it is worth reading it. And I will even just say they're not that long, right?

They're not five megabytes, because that would burn up tokens or whatever.

Right.

Like, they are brief and to the point and succinct, and I honestly think you can read them in 10 minutes. You could read the skills file or the CLAUDE.md.

Again, just to use boost as a tangible example, it doesn't generate that much text. It's like a few 100 lines of text, if I remember, in the CLAUDE.md

Like, you can read it shortly, but you will see... I think you might see things you don't like. And then I don't know if you want to go here,

but like, what if you disagree with something? Like, what are your thoughts on that? Would you just, like, "Ah, I get rid of this whole thing,"

or how would you handle that?

Maybe we'll talk about that some other time, because I haven't really come up with a great solution for that.

But I do want to take what you said and kind of twist it. I don't want to be so negative. What if I'm reading these skills,

and I happen to learn something about programming from reading the skills. And now I'm a better programmer,

and I can guide my agents better in all of my projects and all that kind of stuff too?

Yeah.

So, we can talk about disagreeing and opinion differences there, but there's also value in those skills, too.

Is like, well, if you don't know it's going to do that, it could do something you don't know. But also, you're responsible for your code in the end,

you should know what it was writing. And then you might actually see the three or four different ways it says something, learn something new,

and realize that I do actually have an opinion about this, or I didn't know you could do it that way. And in my particular case,

context outside of what my AI agent even knows, option two is actually better than option one. But I didn't even know about option two until I read the skill.

I like that positive spin a lot. Because, yeah, why paint this as a negative? Avoid problems, it's a learning opportunity.

And I'm going to tell you a little story, real quick, here, Aaron. Because this just happened to me this morning, or two days ago.

I got an email, it was one of the tips I wrote. I don't even remember the topic. If I thought hard, I could remember it. But it was a tip published recently,

and somebody replied to me, thanking me for the tip. And they said, "By the way, I don't know if you know this, but that is actually in Laravel."

It was something about Eloquent. "It's in Laravel's Eloquent skill. They make the same recommendation you do." And I open it up, I'm like, "Oh, sure enough."

And I thought it was sort of like, I don't want to say controversial take, but maybe like a little counter to the norm in Laravel.

No, it was right in the skill. If I would have taken my own advice that we just gave, I would have known that.

But that was kind of a cool little story that just happened.

Joel, you're a Midwest dad, so you understand this. When the storm comes, and it's thundering, what do you?

Like, a thunderstorm or something?

Yep.

What do I do?

Come on, Midwest dad, with a house and a storm comes. What do you do, Midwest dad?

Make sure your grill is covered.

No, you stand in your garage and open the door and watch the incoming storm.

Oh, my goodness.

Everyone knows that. And I have this deep inside of me, but I don't have a garage anymore. And it was starting to storm,

and so today I decided to do the next best thing. "Let's go look at it outside." And so I have this park, I was going to go walk to it.

But turns out there's a delay in how fast, like Apple weather updates the radar compared to what's going to happen. This park is about a mile away.

I get outside my house about a third a mile there starts downpouring. So by time I finally got to my place to watch the weather,

like non-Midwest dad, I guess, it had stopped raining.

Okay, that's better than you being trapped in a terrible storm.

Well, I mean, I was in the storm the entire time. And then by the time I got to the overhang, where I could watch it, it's like it stopped raining.

"Oh, come on." Yeah, and then, of course, it gets humid, and you're just walking back. And no one understands, because no one is that stupid to go out in the rain.

Why, in this now bright, sunshiny day, there goes some guy walking past, going swish, swish, swish, swish. Just looking like an angry, wet dog.

There's all kinds of ways to use AI, but if you're looking for a partner that actually knows what they're

talking about but leverages AI to be more efficient, we might be able to help you out.

Yeah, give us a call. Head over to nocompromises.io. We can chat and see how we can help you on your project.