# scan-for-secrets 0.1 Summary Simon Willison released **scan-for-secrets**, a Python tool that scans directories for accidentally-exposed API keys and secrets before sharing files publicly. The tool goes beyond literal string matching by also detecting common encodings (JSON, backslash escaping, etc.) and can be configured with a `.scan-for-secrets.conf.sh` file to automatically extract secrets from various sources like environment variables and AWS credentials.
Release: research-llm-apis 2026-04-04 Simon Willison’s Weblog Subscribe Sponsored by: Teleport — Connect agents to your infra in seconds with Teleport Beams. Built-in identity. Zero secrets. Get early access 5th April 2026 Release research-llm-apis 2026-04-04 — Research into the HTTP APIs from various LLM providers. I'm working on a major change to my LLM Python library and CLI tool. LLM provides an abstraction layer over hundreds of different LLMs from dozens of different vendors thanks to its plugin system, and some of those vendors have grown new features over the past year which LLM's abstraction layer can't handle, such as server-side tool execution. To help design that new abstraction layer I had Claude Code read through the Python client libraries for Anthropic, OpenAI, Gemini and M
A quote from Kyle Daigle Simon Willison’s Weblog Subscribe Sponsored by: Teleport — Connect agents to your infra in seconds with Teleport Beams. Built-in identity. Zero secrets. Get early access 4th April 2026 [GitHub] platform activity is surging. There were 1 billion commits in 2025. Now, it's 275 million per week, on pace for 14 billion this year if growth remains linear (spoiler: it won't.) GitHub Actions has grown from 500M minutes/week in 2023 to 1B minutes/week in 2025, and now 2.1B minutes so far this week. — Kyle Daigle , COO, GitHub Posted 4th April 2026 at 2:20 am Recent articles Meta's new model is Muse Spark, and meta.ai chat has some interesting tools - 8th April 2026 Anthropic's Project Glasswing - restricting Claude Mythos to security researchers - sounds necessary to me -
# Summary Frontier AI models are fundamentally transforming vulnerability research and exploit development. Within months, coding agents will be able to automatically discover zero-day vulnerabilities by analyzing source code, since LLMs excel at the pattern-matching and constraint-solving tasks that exploitation research requires—they already encode vast knowledge of bug classes, code correlations, and exploitation techniques in their weights. This represents a step-function improvement rather than gradual change, meaning substantial vulnerability research will soon happen through simple prompting of agents rather than manual analyst work.
The cognitive impact of coding agents Simon Willison’s Weblog Subscribe Sponsored by: Teleport — Connect agents to your infra in seconds with Teleport Beams. Built-in identity. Zero secrets. Get early access 3rd April 2026 A fun thing about recording a podcast with a professional like Lenny Rachitsky is that his team know how to slice the resulting video up into TikTok-sized short form vertical videos. Here's one he shared on Twitter today which ended up attracting over 1.1m views! That was 48 seconds. Our full conversation lasted 1 hour 40 minutes. Posted 3rd April 2026 at 11:57 pm Recent articles Meta's new model is Muse Spark, and meta.ai chat has some interesting tools - 8th April 2026 Anthropic's Project Glasswing - restricting Claude Mythos to security researchers - sounds necessary