<div dir="ltr">Posit workbench? Damn.. I thought you were talking about Posit number system</div><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Tue, 19 May 2026 at 14:24, Chris Dag via Beowulf <<a href="mailto:beowulf@beowulf.org">beowulf@beowulf.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I'm finding the agentic stuff (Claude Code <span style="border-style:none;background:none">within</span> VSCode IDE) surprisingly useful for HPC operations, support and troubleshooting- especially when paired with a RAG <span style="border-style:none;background:none">that I </span>stuffed full of HPC specific documentation on slurm, relion, cryosparc, schrodinger, posit workbench and AWS <span style="border-style:none;background:none">parallelcluster details -- basically</span> the RAG<span style="border-style:none;background:none"> is full of the stuff I need to do every day.</span> <div><br></div><div>My <span style="border-style:none;background:none">guardrails are usually:</span></div><div><br></div><div> - The <a href="https://hpc-mcp.apps.bioteam.cloud/" target="_blank">https://hpc-mcp.apps.bioteam.cloud/</a> custom RAG; I force my agent to challenge itself against the RAG for every determination, config suggestion or parameter setting</div><div><br></div><div> - A read-only mode for running slurm commands or otherwise <span style="border-style:none;background:none">poking at</span> the filesystem and logs; <span style="border-style:none;background:none">sudo acts</span> require manual human review before proceeding</div><div><br></div><div> - A limited write-allowed mode so it can submit <span style="border-style:none;background:none">slurm</span> jobs as me, <span style="border-style:none;background:none">run a schrodinger</span> job with a license request or <span style="border-style:none;background:none">pull a schrodinger</span> job failure postmortem file<span style="border-style:none;background:none"> out of</span> the cluster</div><div><br></div><div> - When I want the agent to actually "do stuff" on an HPC system I'll have it write out a local ansible playbook or <span style="border-style:none;background:none">bash script or .</span>md file containing instructions. I'll run local linters and static security scanners against bash, terraform and ansible files and then have the agent stage them to git or the HPC filesystem <span style="border-style:none;background:none">where I can manually review and run them.</span> For more complex deployments involving <span style="border-style:none;background:none">lots of</span> playbooks or <span style="border-style:none;background:none">terraform</span> I'll invoke a 5-agent "review committee" to audit the files before they <span style="border-style:none;background:none">go anywhere.</span></div><div><br></div><div> <span style="border-style:none;background:none">- </span>In all cases I manually run the terraform, bash script or ansible playbook</div><div><br></div><div> - In all cases, my instructions force the LLM to query my custom hpc-docs MCP to challenge and verify all commands. 90% of the time, it finds a mistake or hallucination involving parallelcluster, slurm, or schrodinger specific settings or commands that the RAG will catch and force the agent to fix. </div><div><br></div><div> - I use Claude Teams so that Anthropic does not train on our data. I've <span style="border-style:none;background:none">got a</span> M4 Pro mac mini connected to tailscale running a local LLM that I'll sometimes offload jobs to but it's nowhere near as good as the frontier models <span style="border-style:none;background:none">and</span> super slow</div><div><br></div><div>My hpc-docs rag is online here with lots of technical documentation on sources, ingest and architecture -- <a href="https://hpc-mcp.apps.bioteam.cloud/" target="_blank">https://hpc-mcp.apps.bioteam.cloud/</a> </div><div><br></div><div>the actual RAG content itself is gated behind our Okta SSO server because I've stuffed the rag with content that is not actually public (some consulting notes, some vendor stuff that is not public) so it's not actually useful by anyone else but I'd love to learn what others are doing in this space. </div><div> </div><div>I admit I'm kinda <span style="border-style:none;background:none">terrified</span> what user-space people would do if <span style="border-style:none;background:none">not</span> paranoid and careful. I <span style="border-style:none;background:none">think main risk is</span> data loss or <span style="border-style:none;background:none">mangling</span> on the local <span style="border-style:none;background:none">HPC but also</span> the data leakage risk of end-users <span style="border-style:none;background:none">talking to remote LLMs and sending info there they should not.</span> </div><div><br></div><div><span style="border-style:none;background:none">my</span> $.02 only</div><div><br></div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, May 19, 2026 at 8:14 AM Peter Clapham <<a href="mailto:pc7@sanger.ac.uk" target="_blank">pc7@sanger.ac.uk</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
OK, so sticking my neck out a little here</div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
<br>
</div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
How are people covering the risks from AI agentic tools across their HPC platforms</div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
<br>
</div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
Ducks and listens…</div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
<br>
</div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
Pete</div>
<div style="direction:ltr;font-family:Aptos,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">
<br>
</div>
<div id="m_-2282280861162242890m_9026170129445274241ms-outlook-mobile-signature">
<div class="MsoNormal" style="direction:ltr">Sent from Outlook for Mac </div>
</div>
<hr>The Wellcome Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is Wellcome Sanger Institute, Wellcome Genome Campus, Hinxton, CB10 1SA.<br>
</div>
_______________________________________________<br>
Beowulf mailing list, <a href="mailto:Beowulf@beowulf.org" target="_blank">Beowulf@beowulf.org</a> sponsored by Penguin Computing<br>
To change your subscription (digest mode or unsubscribe) visit <a href="https://beowulf.org/cgi-bin/mailman/listinfo/beowulf" rel="noreferrer" target="_blank">https://beowulf.org/cgi-bin/mailman/listinfo/beowulf</a><br>
</blockquote></div>
_______________________________________________<br>
Beowulf mailing list, <a href="mailto:Beowulf@beowulf.org" target="_blank">Beowulf@beowulf.org</a> sponsored by Penguin Computing<br>
To change your subscription (digest mode or unsubscribe) visit <a href="https://beowulf.org/cgi-bin/mailman/listinfo/beowulf" rel="noreferrer" target="_blank">https://beowulf.org/cgi-bin/mailman/listinfo/beowulf</a><br>
</blockquote></div>