Skip to content
Alvaro Inckot

Archives

All the articles I've archived.

2026 4
July 1
June 1
  • Agents Need Their Own Accounts

    Why AI agents fit neither human accounts nor service accounts: they execute work long after authorization was granted, alternating between delegated and independent authority. Makes the case for first-class agent identities that keep principal, actor, and delegation chain explicit.

May 1
  • Six Small Fixes That Make MCP Authorization Less Weird

    An identity practitioner's read of the six authorization SEPs in the MCP 2026-07-28 release candidate. Small, unglamorous fixes are exactly what mature protocol work looks like: by converging on proven OAuth and OIDC patterns, this release brings MCP authorization a big step closer to stability and enterprise readiness.

February 1
  • My Development Workflow 2026-Q1 Edition

    A tour of my agentic development workflow in five phases: brainstorm, design, plan, code, and review plus improve. Covers Cursor and Claude Code with Superpowers skills, AGENTS.md files, parallel worktrees, the MCP servers I rely on daily, and what a good day of mostly-autonomous software delivery actually looks like.

2025 9
November 1
  • Authorization in a Shifting Maze

    Why authorization tooling is straining in the AI era: OPA policies that grow slow and unexplainable past a few dozen rules, ReBAC systems like SpiceDB that trade flexibility for a queryable graph, and AI agents that sit inside the perimeter with no gateway in the loop, pushing us toward dynamic, function-level, context-aware authorization through protocols like MCP and A2A.

July 1
  • Next-Gen Languages, Compilers, and IRs for AI

    How MLIR, TVM, and SPIR-V are replacing hand-tuned CUDA kernels in the AI stack: MLIR's reusable compiler dialects, TVM's auto-tuned kernel search that beat handwritten code on Apple M1 at launch, and SPIR-V's vendor-neutral GPU bytecode, and how the three cooperate so one model can run fast on any accelerator, from PyTorch 2.0 to WebGPU.

June 2
  • O Dia em que Construí uma IA para Prever Preços de Personagens de Tibia

    A história completa do TCAQS, um modelo XGBoost que prevê preços de leilões de personagens de Tibia: raspando 650.000 páginas de leilão a três requisições por segundo, convertendo tudo em SQLite, e três rodadas de engenharia de features e limpeza de dados que levaram o modelo de um baseline de 0,89 até 0,935 de R² em teste, com demo ao vivo no Hugging Face Spaces.

  • The Day I Built an AI to Predict Tibia Character Prices

    The full story of TCAQS, an XGBoost model that predicts Tibia character auction prices: scraping 650,000 auction pages at three requests per second, parsing them into SQLite, and three rounds of feature engineering and label cleaning that took the model from a 0.89 baseline to 0.935 test R², plus a live demo on Hugging Face Spaces.

May 5
  • Skip the Puzzle, Review the Pull Request

    LeetCode-style interviews lost their signal the moment AI copilots could ace them on demand. This post argues code review should be the new hiring filter: hand candidates a realistic diff wrapped around a genuine business flaw and watch how they weigh tradeoffs, spot hidden risks, and deliver feedback a team could actually merge on week one.

  • Hacking Moleculer and Building Pylecular: A Journey into ML/AI Microservices

    How I ported Moleculer.js's broker, action, and event patterns to Python and built Pylecular: an open-source experiment for serving machine learning models as lightweight microservices that call each other by name (no HTTP, no Flask, no REST) while staying fully interoperable with the existing Node.js Moleculer ecosystem.

  • A Chip in a hand

    Reflections on six years living with an NFC implant: getting thirteen millimeters of bioglass installed between thumb and index finger in 2019, the tap-to-share-URL party trick, falling down the RFID and MIFARE security rabbit hole with an SDR, and why technology only feels magical when it crosses the skin boundary.

  • Observability: Balancing Its Benefits and Costs in Modern Software

    A data-backed look at weighing observability's benefits against its growing bill, drawing on Splunk's State of Observability and the 2024 DORA report: $400B a year lost to downtime, elite teams shipping 127× faster. Includes practical tactics for collecting telemetry deliberately and a back-of-the-envelope ROI framework for your observability spend.

  • OO Interfaces, Types & Contracts — Why They Still Matter in 2025

    Why object-oriented interfaces, static types, and design-by-contract still pay off in 2025: fewer undefined-method surprises, documentation that can't rot, cleaner module boundaries, and why explicit contracts make AI coding agents dramatically more reliable. Plus the cost spectrum from C to Rust, and when minimal typing is the smarter trade.

2022 1
May 1
  • Paridade de ambientes com Helmfile

    Como alcançar paridade entre desenvolvimento e produção rodando Kubernetes localmente: por que abandonar a dupla docker compose local + Kubernetes em produção, como Helm e Helmfile simplificam a orquestração de serviços com poucos YAMLs, e opções como Docker for Desktop, Rancher Desktop (K3S) e Minikube para manter um cluster local leve.