Latest editorial posts. https://blog.leeguoo.com/en/archives/ en-us Mon, 22 Jun 2026 10:02:01 GMT Let agents like Claude Code and Cursor generate images along the way when writing docs or READMEs, without an OPENAI_API_KEY, without paying extra, and using the ChatGPT subscription you already have. This article dissects the most interesting implementation path behind it: the web backend. Why you can’t just POST directly, why the real wall among the three layers of anti-scraping is the single-use Turnstile token, and the complete flow for driving your already-logged-in Chrome to generate images. https://blog.leeguoo.com/en/posts/chatgpt-imagegen-web-backend/ https://blog.leeguoo.com/en/posts/chatgpt-imagegen-web-backend/ Editorial Mon, 22 Jun 2026 06:52:38 GMT When an AI agent needs an image while working, the traditional path either requires an API key and money, or a human has to go to ChatGPT, generate the image, and paste it back—the agent can only get stuck waiting. chatgpt-imagegen lets the agent generate images itself using your existing ChatGPT subscription: no API key required, no Codex quota consumed by default, and support for image-to-image generation. This article explains its original intention, how its two backends work, and why it is designed for agents. https://blog.leeguoo.com/en/posts/chatgpt-imagegen/ https://blog.leeguoo.com/en/posts/chatgpt-imagegen/ Editorial Thu, 18 Jun 2026 03:33:06 GMT When connecting an AI agent to a browser, the hardest part isn’t opening pages. It’s the forms hidden inside cross-origin iframes: the agent can read them and fill them in, but it just can’t click “Save.” Here’s the story of how we tackled that hard problem. https://blog.leeguoo.com/en/posts/chrome-use-cross-origin-iframe/ https://blog.leeguoo.com/en/posts/chrome-use-cross-origin-iframe/ Editorial Wed, 17 Jun 2026 05:30:46 GMT With the same macOS IM client, each upgrade makes reverse engineering more costly. This is a record of the step up from a “hot update” to a “minor version,” and why the old path of purely scanning memory has collectively failed in newer versions: what can be reused across versions is never hardcoded coordinates, but structural invariants and dynamic observation. https://blog.leeguoo.com/en/posts/re-target-hardening-version-adaptation/ https://blog.leeguoo.com/en/posts/re-target-hardening-version-adaptation/ Editorial Tue, 16 Jun 2026 07:00:07 GMT Turning WeChat on macOS into a local interface for AI agents is not hardest the first time it works; the hard part is keeping it alive after WeChat updates again and again. This covers three generations of methods for obtaining the database key, how background message sending changed its routing approach, and why what truly carries across versions is the method for finding things, not any specific address. https://blog.leeguoo.com/en/posts/chasing-wechat-versions/ https://blog.leeguoo.com/en/posts/chasing-wechat-versions/ Editorial Fri, 12 Jun 2026 07:22:39 GMT An open-source agent control layer for a real iPhone: live browser remote + a see/act HTTP API for AI agents. Three input layers (Shortcut verbs / element tree / pixel fallback), clean CJK input, hardware-validated. https://blog.leeguoo.com/en/posts/iphone-use/ https://blog.leeguoo.com/en/posts/iphone-use/ Editorial Thu, 11 Jun 2026 14:10:55 GMT There’s a prompt-cache countdown line in the status bar I wrote for Claude Code. Where it anchors, how the formula works, and when it lies to you — let’s pull apart the source code alongside a real transcript. https://blog.leeguoo.com/en/posts/claude-statusbar-cache-countdown/ https://blog.leeguoo.com/en/posts/claude-statusbar-cache-countdown/ Editorial Fri, 29 May 2026 05:00:05 GMT Methodological notes from an 8-hour macOS binary reverse engineering session — why soft methods fail, when you have to switch to hex patching, how Ghidra/lldb/llvm-objdump work together, and how a “killer patch” mindset can be used in offensive and defensive drills. No specific target is disclosed; this only covers methods, tools, and troubleshooting techniques. https://blog.leeguoo.com/en/posts/macos-binary-rev-methodology/ https://blog.leeguoo.com/en/posts/macos-binary-rev-methodology/ Editorial Wed, 27 May 2026 09:57:55 GMT Examines a practical approach to handling decompilation projects by combining Claude Code and Gemini CLI, focusing on the challenge of ownership verification and resolving it through an automated sanitization process. https://blog.leeguoo.com/en/posts/ai-assisted-sanitization-workflow/ https://blog.leeguoo.com/en/posts/ai-assisted-sanitization-workflow/ Editorial Tue, 26 May 2026 07:38:09 GMT Based on the Claude Code 2.1.139 headless source code, this breaks down how the /goal command drives the Agent to keep working until a condition is met through a session-level Stop hook. https://blog.leeguoo.com/en/posts/goal-command-implementation/ https://blog.leeguoo.com/en/posts/goal-command-implementation/ Editorial Tue, 12 May 2026 01:45:55 GMT Based on the Claude Code 2.1.139 source code, this article breaks down how claude agents, --bg, and /bg share the background job model, daemon, and FleetView TUI. https://blog.leeguoo.com/en/posts/claude-agents-bg-implementation/ https://blog.leeguoo.com/en/posts/claude-agents-bg-implementation/ Editorial Tue, 12 May 2026 01:41:01 GMT A retrospective on engineering-focused forensics conducted on my own device. By tracing static files, runtime open paths, and SQLCipher parameters in sequence, I ultimately confirmed that the local database unlock chain in WeChat macOS 4.0.1.52 is based on an account-level key distribution model. https://blog.leeguoo.com/en/posts/wechat-macos-db-runtime-analysis-20260323/ https://blog.leeguoo.com/en/posts/wechat-macos-db-runtime-analysis-20260323/ Editorial Mon, 23 Mar 2026 06:39:42 GMT If the goal is “automation for your own account,” what really needs to be separated first is not a feature checklist, but the listening layer, execution layer, and storage layer. https://blog.leeguoo.com/en/posts/wechat-personal-account-automation-strategy-20260319/ https://blog.leeguoo.com/en/posts/wechat-personal-account-automation-strategy-20260319/ Editorial Thu, 19 Mar 2026 08:26:56 GMT A Slidev-style Chinese presentation translated into English, explaining Agentic Coding, Skills and MCP, AGENTS.md and CLAUDE.md, sandboxing and permission controls, and how a team can truly operationalize AI programming with Plans, a YApi Skill, and docs-sync. https://blog.leeguoo.com/en/posts/ai-coding-agentic-coding-team-practice-ppt-20260318/ https://blog.leeguoo.com/en/posts/ai-coding-agentic-coding-team-practice-ppt-20260318/ Editorial Wed, 18 Mar 2026 08:25:35 GMT This article goes beyond the broad “control plane / execution plane” framing and instead walks through the current implementation piece by piece—covering the bridging layer, IPC, configuration fields, the WeChat flow, rollback mechanisms, and the evidence index—to explain how QClaw organizes OpenClaw into a deliverable desktop runtime. https://blog.leeguoo.com/en/posts/qclaw-implementation-principles-20260310/ https://blog.leeguoo.com/en/posts/qclaw-implementation-principles-20260310/ Editorial Wed, 11 Mar 2026 00:34:50 GMT Based on the official release notes, this article summarizes the key changes in OpenClaw v2026.3.8: backup commands arriving in the main workflow, macOS remote gateway onboarding, Talk silence timeout, Brave search integration, ACP receipts, and multi-platform routing fixes. https://blog.leeguoo.com/en/posts/openclaw-v2026-3-8-release-analysis-20260309/ https://blog.leeguoo.com/en/posts/openclaw-v2026-3-8-release-analysis-20260309/ Editorial Mon, 09 Mar 2026 08:33:07 GMT This article abstracts browser automation in highly adversarial environments into a multidimensional risk scoring system, and builds a layered control plane around three core dimensions: consistency, rarity, and temporal distribution. https://blog.leeguoo.com/en/posts/agent-browser-stealth-defense-playbook-v2/ https://blog.leeguoo.com/en/posts/agent-browser-stealth-defense-playbook-v2/ Editorial Thu, 05 Mar 2026 02:58:29 GMT Reframes the Turnstile risk model from a capability-token perspective, focusing on issuance/consumption semantics, scope binding, and execution integrity, and provides a defense prioritization for high-adversary environments. https://blog.leeguoo.com/en/posts/cloudflare-turnstile-stability-principles/ https://blog.leeguoo.com/en/posts/cloudflare-turnstile-stability-principles/ Editorial Thu, 05 Mar 2026 02:55:35 GMT For growth and promotion use cases: improve AI browser operability on high-risk-control sites like Amazon, and support reusing a user’s existing browser state. https://blog.leeguoo.com/en/posts/use-agent-browser-stealth-instead-of-agent-browser/ https://blog.leeguoo.com/en/posts/use-agent-browser-stealth-instead-of-agent-browser/ Editorial Tue, 03 Mar 2026 03:30:04 GMT