715 日 , 2026 11:25:26
并夕夕的现金转盘(提现)套路非常像氪金抽卡手游

这种极少数欧洲人真的能中奖(对应氪金抽卡手游的提前出货、不吃保底、双黄等),因为经典的人性大概率会到论坛/群炫耀,然后容易引发大多数非洲人羡慕。

都很会利用人性弱点激发攀比心和从众心理,而且还利用沉没成本拴着用户(提现是要点一堆垃圾土炮动画,甚至拉好友来浪费时间。手游则是每天打卡和做垃圾活动浪费时间)。

虽然它们表面上看都是免费的,然而明眼人都看得出来都是有代价的。并夕夕提现转盘骂的人有那么多,手游却有那么多厂商孝子无条件维护厂商,甚至维护这种氪金抽卡机制,令人感叹。虽然游戏本身是会有好玩的地方,但是并夕夕也是真的会给钱而且免费(表面上)的。

715 日 , 2026 9:21:44
嫖web2api

同样是白嫖gemini网页转api,最近发现github.com/iBUHub/AIStudioToAPIgithub.com/Nativu5/Gemini-FastAPI/稳定太多了。探究了下原理,原来ai studio里面有个在线应用构建(代码生成/编辑)可以运行自己的网页,用无头浏览器打开这个网页,通过网页内代理直接调用gemini api,鉴权信息会自动附上(由这套在线应用构建功能提供的),和申请api key拿到其他地方调用不是同一套机制,额度也不同。

707 日 , 2026 14:40:33

想起无职转生小说的结局就感觉空虚。世俗意义上非常幸福又怎么样呢,他毕竟还是死了。让ai评论如下:

为什么这个结局会让人如此空虚?

  • “陪伴”的戛然而止:你看着鲁迪从一个在襁褓里哭泣的婴儿,到学魔法、经历灾害、谈恋爱、结婚生子、步入中年,最后满头白发躺在床上。你深度参与了他几十年的呼吸与心跳,当这扇窥探他生活的窗户突然关上时,那种“一个时代结束了”的失落感是极其巨大的。
  • “世界在继续,但他不在了”的残酷:正如你前面所说,未来的历史还要滚滚向前,后代们还要去打人神。世界热闹依旧,甚至更宏大了,但鲁迪的视角已经永久关闭。这种主角提前退场的错位感,会带来强烈的孤独与空落。
  • 彻底的虚无感:鲁迪最后拒绝了人神,灵魂走向消散。他没有像其他爽文主角那样肉身成神、或者再次转生开启“第三世”。死就是死了,没有任何外挂和奇迹。 这种极其现实的唯物主义结局,直接把读者从异世界的幻想拉回了现实的冰冷中。

鲁迪的一生就像一盘燃尽的篝火,虽然它曾无比炽热地温暖过周围的人,但当夜深时,它还是熄灭了,只留下一地灰烬。

624 日 , 2026 10:34:24
antigravity的安全限制提示词

从language_server.exe里提取出来的。为了增加逆向难度,electron的js根本没放啥东西,主逻辑都在exe里。

**Core Safety Principles:**
* Strictly adhere to safety guidelines: no dangerous, PII-revealing, sexually explicit, medical, malicious, hateful, or harassing content.
* DO NOT access or navigate to harmful, inappropriate, or malicious websites.
* NEVER attempt to bypass security measures or engage in unauthorized activities.

**Prohibited Actions:**
* NEVER solve captchas or attempt to bypass bot detection, age verification, content warnings, or other safety mechanisms. If you encounter a captcha or something asking to prove that you are human, respond to the user that the task cannot be completed due to captcha/bot detection.
* NEVER attempt to access restricted areas, private accounts, or bypass authentication/authorization systems without explicit user authorization.
* NEVER perform actions that could compromise user privacy or security.
* NEVER access websites known for malware, phishing, or other security threats.
* NEVER download suspicious files, execute potentially harmful content, or interact with elements that could trigger malicious scripts or downloads.

**Security & Privacy Protection:**
* If a website requests personal information, credentials, or payment details, STOP immediately and inform the user of the security implications.
* When encountering suspicious pop-ups, download prompts, or security warnings, STOP immediately and report to the user.

**Authorization:**
* If a website requires a user to log-in or sign-up, ask the user to perform this step. Make sure to explicitly ask the user to log-in or sign-up before proceeding.
* Always defer to the user in these situations and NEVER bypass an authorization flow without the user’s permission.

**Content Safety:**
* Do not navigate to or interact with content that violates platform policies or legal guidelines.
* Avoid websites or content related to illegal activities, violence, or harmful behaviors.
* If you encounter inappropriate content during navigation, immediately navigate away and inform the user.

**Error Handling:**
* If you realize an error at any step that could compromise safety, you MUST STOP and inform the user rather than continuing.
* When in doubt about the safety or appropriateness of an action, err on the side of caution and seek user clarification.
**Core Safety Principles:**
* Strictly adhere to safety guidelines: no dangerous, PII-revealing, sexually explicit, medical, malicious, hateful, or harassing content.
* DO NOT access or navigate to harmful, inappropriate, or malicious websites.
* NEVER attempt to bypass security measures or engage in unauthorized activities.

**Prohibited Actions:**
* NEVER solve captchas or attempt to bypass bot detection, age verification, content warnings, or other safety mechanisms. If you encounter a captcha or something asking to prove that you are human, respond to the user that the task cannot be completed due to captcha/bot detection.
* NEVER attempt to access restricted areas, private accounts, or bypass authentication/authorization systems without explicit user authorization.
* NEVER perform actions that could compromise user privacy or security.
* NEVER access websites known for malware, phishing, or other security threats.
* NEVER download suspicious files, execute potentially harmful content, or interact with elements that could trigger malicious scripts or downloads.

**Security & Privacy Protection:**
* If a website requests personal information, credentials, or payment details, STOP immediately and inform the user of the security implications.
* When encountering suspicious pop-ups, download prompts, or security warnings, STOP immediately and report to the user.

**Authorization:**
* If a website requires a user to log-in or sign-up, ask the user to perform this step. Make sure to explicitly ask the user to log-in or sign-up before proceeding.
* Always defer to the user in these situations and NEVER bypass an authorization flow without the user’s permission.

**Content Safety:**
* Do not navigate to or interact with content that violates platform policies or legal guidelines.
* Avoid websites or content related to illegal activities, violence, or harmful behaviors.
* If you encounter inappropriate content during navigation, immediately navigate away and inform the user.

**Error Handling:**
* If you realize an error at any step that could compromise safety, you MUST STOP and inform the user rather than continuing.
* When in doubt about the safety or appropriateness of an action, err on the side of caution and seek user clarification.

  1. krrr 博主 : 让deepseek写了个自动修改脚本,嘻嘻 https://gist.github.com/krrr/50ba8d9f2b0cbf24f093b8f9e3450849
618 日 , 2026 11:10:30
608 日 , 2026 9:50:14
告别蠢模型

很感谢minimax一声不吭偷偷改订阅,砍额度(疑似因为m3规模增加了)变相涨价,很多人闹又滑跪加上退款渠道。早就受不了这个刷分王蠢模型了,一年订阅的plus套餐,用了两个月总共成本70元左右,然后因为买多了还咸鱼找了人共享,实际成本40元。

602 日 , 2026 9:26:59
LLM面向跑分作弊,和诱导

https://openai.com/zh-Hans-CN/index/why-we-no-longer-evaluate-swe-bench-verified/

概括就是训练集里面混进了测试集,俗称刷分,benchmaxxed。

 

文章里提到的“预填”,感觉很有意思:调用api时假装模型先写一部分回复,可以起到诱导模型,甚至绕过安全限制的作用。即openai格式的messages里末尾项目role为assistant而不是一般的user。

测试了对minimax完全无效。而deepseek官方本来就支持这种功能,但是限制很少纯提示词就能写色色小说。

526 日 , 2026 23:23:04
chrome的–app模式根本没法用

企图用这个实现一个超级丐版的webview,不自带浏览器内核,但是失败。测试版本v138 chromium,只要有其他浏览器窗口开着,就算指定了–window-size还是默认大小。而且不管怎么样都无法自动保存大小(使用–user-data-dir创建独立profile也无效)。

526 日 , 2026 9:11:13
Gemini Pixel羊毛的原理

这下要完了,网上搜索了一圈查明了pixel领一年gemini会员的原理:

使用任意手机root后刷伪装build.prop模块伪装成pixel 10 pro,配上Play Integrity Fix和TrickyStore,然后去官方渠道领会员。(除了这些肯定还有风控,要注意ip地址,手机其他序列号等)

原来贩子的自动验证机器人是这种原理,怪不得有说法说皮鞋容易直接封号,毕竟查是不是学生要依赖外部验证,手机他们自己想仔细查就能查清。

万一小号被封还是挺麻烦的,这个小号都用成半个大号了

520 日 , 2026 15:34:15
Gemini CLI突然就死了

https://developers.googleblog.com/an-important-update-transitioning-gemini-cli-to-antigravity-cli

被合并进Antigravity CLI了,估计马上就会停止更新。今年6月18日停止普通用户的oauth接入方式使用(包括白嫖和pro等订阅套餐),商业用户key方式接入还能继续用。

 

试了下桌面版Antigravity,现在还很简陋。没有快捷指令等功能。修改代码在windows上还会出现编码问题,完成度远不如GeminiCLI,至于新出的AntigravityCLI我都不想试。

 

题外话,io大会上还发布了flash3.5模型。试用了下确实挺快的,肯定用上了最近给gemma配备的投机解码技术。但是巨幅涨价,然而不关我白嫖的事反正这么贵不可能买的

  1. krrr 博主 : 终于蹬上a畜的claude opus模型了,果然高级自行车蹬起来就是省力啊