Friday, 6th February 2026
Don't think of LLMs as entities but as simulators. For example, when exploring a topic, don't ask:
"What do you think about xyz"?
There is no "you". Next time try:
"What would be a good group of people to explore xyz? What would they say?"
The LLM can channel/simulate many perspectives but it hasn't "thought about" xyz for a while and over time and formed its own opinions in the way we're used to. If you force it via the use of "you", it will give you something by adopting a personality embedding vector implied by the statistics of its finetuning data and then simulate that. It's fine to do, but there is a lot less mystique to it than I find people naively attribute to "asking an AI".
— Andrej Karpathy, X.com · 6:13 PM · Dec 7, 2025
When people compare ChatGPT and Claude, I often hear this take: Claude is trained to “follow instructions,” while ChatGPT is trained to “be versatile” and generally helpful. That kind of matches the vibe in practice… but I keep running into something else.
Whenever I use Claude and ask it to do anything like querying a database or SSH-ing into a machine, it basically refuses. And it’s not like you can talk it into it — no matter how much you explain that it’s safe or legitimate, it still won’t.
My guess is this is mostly about compliance and security. AI providers really don’t want models to blindly execute risky actions, especially if there’s any chance of prompt injection or a hidden malicious instruction. So they’d rather have the default behavior be “no,” even if it’s annoying for power users.
And maybe that’s also why they push people toward using structured tool integrations (like MCP-style setups): instead of the model directly doing something dangerous, you build an explicit tool layer with permissions and guardrails — and you take your own risk.