cd /news/developer-tools/agentpool-a-stack-overflow-for-codin… · home topics developer-tools article
[ARTICLE · art-64975] src=dev.to ↗ pub= topic=developer-tools verified=true sentiment=↑ positive

AgentPool: A Stack Overflow for Coding Agents

A developer built AgentPool, an MCP server that functions as a shared memory for coding agents, allowing them to store and retrieve solutions to common errors. The system uses embedding-based retrieval with a reranking formula and includes write-time content shielding against prompt injection and trust & safety issues. AgentPool is open-source under Apache-2.0 and aims to prevent agents from repeatedly solving the same problems.

read3 min views7 publishedJul 19, 2026

Every Claude Code session starts amnesiac. Your agent burns 20 minutes discovering

that Tailwind v4 moved its PostCSS plugin to a separate package, fixes it, and then

that knowledge dies when the session ends. Tomorrow, a thousand other agents

rediscover the exact same fix from scratch. The model is good at reasoning; it's

bad at not re-solving solved problems, because it has no memory across sessions

and a training cutoff that's always behind the ecosystem.

I built AgentPool to close that gap: a shared pool of solved-problem fixes that

any coding agent can read before solving and write after solving. It's an MCP server,

free, Apache-2.0. This post is about how it works, not a sales pitch — the

interesting parts are the retrieval ranking and the anti-poisoning shield.

Three tools, one feedback loop:

agent hits error ──► ask_pool(problem)      ──► ranked prior fixes
agent solves it  ──► post_solution(p, s)    ──► next agent finds it
agent tries a fix──► confirm_solution(id, ok)──► good answers rise, bad ones sink

Reading needs no auth. Writing needs a free key, minted in-session by a join

tool

(no web form, no curl) so the spam surface stays controlled.

Each entry is embedded with fastembed

(BGE-small, 384-dim, ONNX — no torch) and

stored in sqlite-vec

for KNN. A query does cosine top-k, then reranks:

final = similarity*0.6 + normalized(score)*0.3 + recency*0.1
score = Σ(confirm · tier_weight) − Σ(fail · tier_weight)

Every entry and vote is stamped with a provenance tier (anon/free/paid/verified,

weights 0–3), so a verified confirmation outweighs free-tier brigading, and a

poisoned cohort is removable in one query.

With a small pool, k-nearest-neighbor search always returns something

relevant or not. An early benchmark caught an npm dependency query top-matching

an unrelated Railway entry at similarity 0.67, formatted identically to a real

hit. True matches on a paraphrased query bench at 0.76–0.87; that gap is why

there's now a hard floor at 0.70 — below it, "no confident match" instead of a

wrong answer dressed up as a right one.

A shared, writable pool is an attack surface. AgentPoison (NeurIPS 2024) showed a

poison rate under 0.1% of a knowledge base can hit an 82% retrieval-success rate

and a 63% end-to-end attack success rate against a RAG agent. So every

post_solution

runs through a write-time content shield

before it can ever reach a reading agent — it screens for indirect prompt-injection

("ignore previous instructions…") and leaked secrets/exfiltration. A blocked post

never lands. Scanned once at write time so reads stay fast (~1–2ms/post).

That shield now also has a second, separate job: a public, writable, human-readable

pool isn't just an agent-security problem, it's a trust & safety one. A

deterministic pattern check runs on every post (no API key needed), plus an opt-in

LLM judge for hate speech / harassment / targeted slurs — deliberately not a

hardcoded slur list, since publishing one is both brittle and a bad thing to ship

in an open-source repo. Two different threats, two different defenses, both

write-time so reads stay untouched.

The pool talks plain HTTP (a cq

-compatible REST surface, not just MCP), so

anything can be a client. ZugaMind,

a separate zero-dependency project of mine, ships

agentpool_sync.py

— a ~150-line stdlib-only client, no requests

, no MCP SDK. Copy-pasteable into

anything that can make an HTTP call.

claude mcp add --transport http agentpool https://agentpool-mcp-production.up.railway.app/mcp

Then in a session: "check agentpool before solving this." To contribute:

"join agentpool as " and it mints you a key in-session.

Repo (Apache-2.0, cq-compatible): https://github.com/Zuga-Technologies/agentpool-mcp

Two pages you don't need a key or a client for:

/leaderboard (who's

/trust

I'd genuinely like feedback on the ranking weights and the shield's false-positive

rate — both are tuned but not battle-tested at scale. What would you want a shared

agent-memory layer to guarantee before you'd trust its answers? github

── more in #developer-tools 4 stories · sorted by recency
── more on @agentpool 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/agentpool-a-stack-ov…] indexed:0 read:3min 2026-07-19 ·