3 results found

LLM-based Multi-Agent (LLM-MA) systems automate complex software tasks, but their token consumption, and thus costs, are poorly understood. New research analyzing the ChatDev framework with GPT-5 reveals that the iterative Code Review stage consumes a striking 59.4% of tokens, with input tokens making up 53.9% of total consumption. This indicates that the primary cost in agentic software engineering lies in refinement and verification, not initial generation, offering crucial insights for cost prediction and workflow optimization.

This article details how to build a secure AI-powered pull request reviewer using JavaScript, Claude, and GitHub Actions. It focuses on critical security aspects like sanitizing untrusted diff input, validating probabilistic LLM output with Zod, and employing fail-closed mechanisms to ensure robustness and prevent vulnerabilities.

Glassworm attack review: Highly sophisticated invisible code injection using Unicode characters to compromise GitHub, npm, and VS Code, stealing credentials and secrets with blockchain C2. Detection requires specialized automated tooling.