Welcome to AI for Life, Pedro. Glad to have you here. Quick intro for everyone: Based in Boston. Strong contributor in AIS, consistent presence in the weekly meetings. Builds AI automation for client work. Methodical, detail-driven, and not afraid to grind. Currently working on a non-profit project focused on feeding the underserved in the Boston area. Asks sharp questions, applies feedback fast, and shows up. @Pedro Gomez , this community is built for operators exactly like you. Jump into any thread, ask anything, share what you're building. The room is here for it.

Short version: a popular free add-on for Claude Code has been abandoned by its creator under bad circumstances. If you never installed it, you are fine and can stop reading. If you did, the simple steps are below. **The one lesson worth keeping** A free tool can be perfectly good and still become a risk later if the person behind it cannot be trusted. The fix is not fear, it is hygiene: know what you have installed, and remove things when the people behind them walk away. Questions? Drop them below. Happy to help anyone through the cleanup. 🧹 @Antonio Capunzo @Debbie Ai @Mike AI Consultant @Mike Thomson @Nick Mohler @Usman Mohammed @Diane McCracken @R S

The answer may be obvious, however I wanted to verify. What is your go to LLM when NOT using it for Claude Code? Mine is still ChatGPT.

A friend pinged me yesterday: "GitHub got hacked, what do I do?" Their account is fine. GitHub itself was breached on May 19. Hackers stole about 3,800 internal repositories from GitHub's own corporate systems. Customer accounts, customer repos, organizations, enterprises. All confirmed unaffected. But that's the wrong thing to be worried about. The interesting part is HOW GitHub got breached. A GitHub employee installed a poisoned 𝗩𝗶𝘀𝘂𝗮𝗹 𝗦𝘁𝘂𝗱𝗶𝗼 𝗖𝗼𝗱𝗲 𝗲𝘅𝘁𝗲𝗻𝘀𝗶𝗼𝗻 called Nx Console. The malicious version (18.95.0) was published May 18, 2026, sat in the marketplace, and anyone who installed or auto-updated to it during that window got compromised. The same group, TeamPCP, has now expanded the campaign into PyPI, the Python package registry. They backdoored legitimate releases of LiteLLM (a popular AI gateway library) and Telnyx's official SDK. So the real question isn't "was my GitHub account hacked." It's "did I touch any of the compromised software on my own machine?" If you installed Nx Console between May 18 and when it was pulled, your laptop may be compromised. If you have a Python project using LiteLLM or Telnyx and you ran a fresh install in that window, your laptop may be compromised. Your machine got hit, not GitHub's platform. This is the shape of modern attacks. Supply chain. They don't break in through the front door. They poison a dependency you trust and wait for you to install it. The breach at GitHub is downstream of that. Same attacker, same campaign, different victim. Here is how to check yourself in about five minutes without needing to be a security person. 🛡️ Copy the prompt below. Paste it into Claude, ChatGPT, or Gemini. It will ask what operating system you're on, then give you the exact commands to run. ----- PROMPT START ----- I want to check if my computer was affected by the May 2026 supply chain attack connected to the GitHub breach. The malicious artifacts I need to scan for are: 1. The VS Code extension "Nx Console" by nrwl (extension ID:

Switch your browser to Safari Private mode for Skool. Zero issues.