Reading

Writer’s Brief The Hook I clicked “Allow” on a macOS permission dialog without thinking. Then I asked what I’d actually just done. Main Points to Cover When you grant your terminal “Automation” permission to control Finder or System Events, you’re not granting it to one script. You’re granting it to EVERY script, npm package, and pip install that runs in that terminal. Forever. The fix was replacing 1 line of osascript with 10 lines of Swift that uses the proper macOS API (NSWorkspace). Zero permissions needed. The native API exists, people just reach for osascript because it’s easier to Google. The broader lesson: most “just click Allow” moments in macOS are trading long-term attack surface for short-term convenience. The permission system is good, but only if you understand what you’re actually granting. The Angle Personal discovery while building a small tool. Not preachy security advice - more “huh, I didn’t realize what that checkbox actually meant.” ...

Writer’s Brief The Hook I ran a code audit on my own personal task system and the reviewers all said the same thing: stop building. Main Points to Cover The meta loop problem - when your task system becomes the biggest consumer of its own output (32% of all tasks were about improving the task system) The “operating system” realization - capture, management, execution, output layers. You’re not building a to-do app. You’re building an OS. And that changes everything about when to stop. The freeze as the hardest feature - choosing to not build anything for a week when the system is exciting and growing fast The Angle Personal discovery. You build something, it works, it grows, and then the growth itself becomes the problem. The system that was supposed to help you ship things becomes the thing you ship. The audit catches it. The panel of imaginary experts all independently say “freeze it.” And you do. ...

Writer’s Brief The Hook What if you could be mid-conversation with Claude and just say “go start a new session over there with what we just learned” and it actually does it? Main Points to Cover The core problem: context is trapped in sessions. You learn something in one conversation that belongs in a different project. The bridge between sessions has always been manual (copy-paste, write a file, start over). The v1 failure is the interesting part: tried to fork the session (–resume –fork-session), bash quoting became a nightmare, it killed the original session instead of spawning alongside it. The fix was embarrassingly simple: write a shell script to /tmp. The pattern: when you can’t pass complex stuff between processes inline, write it to a file. The launcher script, the context brief, they’re both the same idea. Files are the universal interface. The Angle Building tools for yourself inside the tool you’re building them with. Meta-tooling. The “wait, can I just make this a command?” moment. ...

Writer’s Brief The Hook You can skip the Supabase dashboard entirely and run SQL straight from your terminal (or from Claude Code) using one curl command. Main Points to Cover The Supabase Management API accepts raw SQL, not just REST/CRUD Your access token is already sitting in your macOS Keychain if you’ve ever used the Supabase CLI This unlocks “give someone access” as a one-line command instead of a multi-step dashboard workflow The Angle Discovery through friction. Tried psql, it failed (IPv6 only). Tried the CLI, wrong version. Dug into the Keychain, found the token, hit the Management API. Now it’s a one-liner forever. ...