GLM-5.2 topples Claude on Semgrep's real cyber evals; DFlash lands in llama.cpp; OpenSpec standardizes agent specs.
Top Signal
Semgrep: GLM-5.2 Outperforms Claude on Production Cyber Benchmarks
research to practice
HN Front Page, r/LocalLLaMA
Semgrep ran their internal cybersecurity evaluation suite — real vulnerability detection tasks, not synthetic leaderboard entries — and GLM-5.2 beat Claude. This matters because it's practitioner evidence, not benchmark theater: Semgrep is a widely-used SAST tool and their eval reflects actual code review workloads. GLM-5.2 has been circulating for a week, but this is the first independent production-grade benchmark from a serious security team. r/LocalLLaMA amplified it alongside a WSJ piece framing it as China matching Anthropic on cybersecurity. If you're running LLM-assisted code review, vulnerability scanning, or security triage pipelines, GLM-5.2 is now a mandatory swap test against your current model. Pull it via GGUF on HuggingFace or through Ollama and run it against your own eval set before committing — but the signal here is strong enough to act on.
Read more →
Fast Signals
DFlash Attention Merges into llama.cpp Mainline
platform change
r/LocalLLaMA
DFlash — a new flash attention variant — landed in llama.cpp. If you're running local inference on longer context windows, pull the latest build now; flash attention variants consistently improve throughput where attention becomes the bottleneck. No config changes needed — it activates automatically.
Link →
OpenSpec: Formal Spec-Driven Development Standard for AI Coding Agents
workflow
GitHub Trending
Fission-AI/OpenSpec (GitHub Trending) proposes structured machine-readable specs as the authoritative input to AI coding assistants — encode intent before generation, not after. It's early, but if AI coding agents routinely misinterpret requirements, a formalized spec layer is the right intervention point. Worth watching as a potential standard.
Link →
Adrafinil: Mac Stays Awake Only While Agents Are Running
new tool
HN Show
Solves a real friction point: Mac sleeps when the lid closes, killing background agent runs. Unlike Amphetamine (always-on), Adrafinil activates only when a watched process is running — lid closed, agents continue, Mac sleeps automatically when done. Zero config, install from GitHub.
Link →
OpenAI Codex Has No Sensitive File Exclusion — 119-Comment Issue Still Open
platform change
HN Front Page
Codex has no mechanism to exclude .env files, credentials, or secrets from agent context. This is an active security exposure for any team running Codex on real repos, not a theoretical concern. Mitigate now: sandbox Codex in an isolated directory or ensure secrets are in paths explicitly outside the working tree until the issue closes.
Link →
OpenCode: Open-Source Coding Agent Hits GitHub Trending
new tool
GitHub Trending
anomalyco/opencode is an open-source coding agent gaining traction as a self-hostable alternative to Claude Code and Codex. For builders who want to extend or audit a coding agent's internals — or avoid API dependency — the open codebase is the differentiator worth evaluating.
Link →
Qwen3 Inference Engine: Pure C, Zero Dependencies, CPU-Only
new tool
r/LocalLLaMA
jakint0sh/qwen3-engine is a from-scratch Qwen3 inference engine in pure C — no llama.cpp, no Python, no external libs. Messy early code, but the right reference if you need LLM inference in air-gapped, embedded, or constrained environments where dependency chains are a hard blocker.
Link →
Radar
1.58-Bit Quantization Applied to Image Gen (Sana 1.6B)
clark-labs is shipping a 1.6B image generation model at 1.58-bit — BitNet-style extreme compression applied to image gen for the first time at this scale. If quality holds, it's a leading indicator of sub-2-bit image models running on pure CPU hardware within months.
Link →
NPC Engine Powered Entirely by Local LLMs
A local-model NPC engine is gaining community interest on r/LocalLLaMA. Game AI with persistent, private, locally-inferred character behavior is an underexplored niche — worth tracking for builders in simulation, interactive narrative, or synthetic training data generation.
Link →
PPT Master: Document → Native Editable PPTX via AI
GitHub Trending entry that produces genuinely editable PPTX (real shapes, animations, speaker notes voiced as audio) from any document, with custom template support. More useful than slide-image exports — bookmark for any product needing a document-to-presentation pipeline.
Link →
Convergence Watch
glm-5.2
TRENDING
3 mentions across HN Front Page, r/LocalLLaMA, Simon Willison (prior days)
Six consecutive days of cross-source coverage, now amplified by Semgrep's independent real-world benchmark and mainstream press (WSJ). The convergence pattern has shifted: early days were curiosity and benchmarks, today is practitioner validation. GLM-5.2 is solidifying as a genuine Claude alternative for security and code-review workloads — not just a leaderboard contender.
STALE: Latent Space newest item is >48h old