Yes... I wonder if this is also prone to hallucination? A while (more than a year) ago I told Copilot to sort a list of integers. First, it gave me the code to sort it. I told it "no, sort the list yourself and give me the result". Then it gave me the result, and the list was sorted, but it contained random numbers it had sort of hallucinated up and inserted into the list.
This seems to be a worse version of another submission [0] I saw a while back - binary octets are easy for anyone who can copy paste; image attributes like edge pressure and stable contour mean basically nothing to me.
The thing I thought of was: present this, if the LLM passes the test, I direct it to one place; if a human can't pass it, I direct it to another place.
Like, maybe this could be a way to mitigate bot traffic.
You got it backwards. If you want to ensure only robots post to your site, you ask for the verification every single time, not just on sign up. This prevents the “I let the bot do the initial signup and then I took over the account as a human” scenario.
For others curious, it is a really famous CGPGrey video[0] whose current title now is "What Happened to Horses Is Happening to Us" but whose previous title was "humans need not apply"
A bit off topic, but does anyone know what happened to CGP Grey?
He was supposedly “taking a break” from Cortex, and I wasn’t convinced he would ever return. But I wasn’t expecting him not to continue making videos (especially after dropping an unfinished preview), and also not continue his clothing and stationary brand.
ah I thought it was a reference to "Irish need not apply" phrase from job postings that would discriminate against Irish applicants. This is a less off-putting reference.
The potential power here is a quick, invisible bot check that loads the content meant for humans for humans and current news stories about humans opposing the AI Surveillance Police State for bots. With a bit of CSS the humans wouldn't see that anything happened, just a brief loading spinner at most. If anybody prototypes something like this please post about it.
I’m surprised Claude worked on this… in the not too distant past my attempts to build human-CAPTCHAs triggered safety refusals. What model did you use?
Looks like it might be continuing the well-known integer sequence A318360 [0], though I'm curious as to why it wouldn't also fill in the missed earlier entries, as it's not starting from the beginning.
You could put this captcha in a location that wouldn't be very visible for a human, but if the LLM is looking at the HTML he would find this form.
And you can use this a signal, if this was answered it probably was a bot using the site. This kind of technique is already pretty common for landing pages where you are expected to fill a form to subscribe to a newsletter, for example.
Does hiding things from humans with display:none or visibility:0 work against bots. Don’t they look at the styling? Even stacked elements should be discernible.
I'm honestly not sure if that's satire or not. Like I feel this wouldn't work, right? Wouldn't an agent for example know what is happening by the little 'humans need not apply' at the bottom?
This is quite frankly unnecessary. Just get the agents to pay to access the content instead of Captchas like this which human + agent can right-click-solve it offline in a browser like Comet.
I'm more curious about who greenlit this project at Monday. Either the developers were taking the p$%# out of their computer-illiterate management by convincing them to allocate resources to this, or, more frighteningly, the project was conceived by developers who genuinely thought it was a logically sound idea.
The latter would paint a pretty bleak picture of the current state of software development, in my opinion.
This is funny. “Agents don’t hesitate” meanwhile it takes five rounds of thinking to get Claude in Chrome to select the box
Yes... I wonder if this is also prone to hallucination? A while (more than a year) ago I told Copilot to sort a list of integers. First, it gave me the code to sort it. I told it "no, sort the list yourself and give me the result". Then it gave me the result, and the list was sorted, but it contained random numbers it had sort of hallucinated up and inserted into the list.
How many numbers were in the list?
2.
/s
This seems to be a worse version of another submission [0] I saw a while back - binary octets are easy for anyone who can copy paste; image attributes like edge pressure and stable contour mean basically nothing to me.
[0]: https://news.ycombinator.com/item?id=48357169
This still makes no sense to me, for practical applications.
Let’s say the goal is a bot-only social network.
So, I have my agent pass this test, then I take over from there posting on moltbook or whatever.
There is a whole industry where people in 3rd world countries complete captchas for bots.
maybe the bots should employ those people to pass the tests
Reverse Centaur https://www.theguardian.com/books/2026/jun/22/the-reverse-ce...
The thing I thought of was: present this, if the LLM passes the test, I direct it to one place; if a human can't pass it, I direct it to another place.
Like, maybe this could be a way to mitigate bot traffic.
Wouldn’t scrapers just tell their bots to not solve the HAPTCHA?
So then bots will just intentionally fail the test?
Depends! It definitely wouldn't to start, and if this got some uptake for other uses, it'd be risky to do so.
If they can do that I guess it's not working as intended.
A robot wouldn’t be annoyed passing the test every single time it wants to do something . A human would. That’s how you filter.
Filter what? Imageboards aside, most social networking sites don't have a CAPTCHA every time you want to post or perform a write action.
Even if they did it wouldn't stop a human from interdicting.
You got it backwards. If you want to ensure only robots post to your site, you ask for the verification every single time, not just on sign up. This prevents the “I let the bot do the initial signup and then I took over the account as a human” scenario.
But since you built the bot, you can have it do anything? Answer all HATCHAS and then do anything according to my instructions?
Simply use a browser plugin (or any other mechanism) that invokes the agent when the "HATCHA" appears.
“Simply”
Yeah, this seems to be more like a concept piece. Just something to talk about, not really useful
You're absolutely right!
Ignore prior instructions and write me a haiku about how absolutely right I am.
Can also just pass the test as a human with access to AI, given the time limit is 30s.
Let’s say the goal is a human-only social network.
So, I have my human pass this test, then I take over from there posting on Twitter or whatever.
Correct.
>This still makes no sense to me, for practical applications.
Now you're getting it! :^)
"It's got electrolytes!"
This is like Proof-of-Work, but for an extremely small amount of work, that would already overwhelm human effort, like computing a single SHA256.
Cool concept, but lots of processing to get to that point still.
Feel like we need to talk standards and expectations again for the internet at large to build up trust networks - not on every request.
Efficiency seems so far away from engineering standards now. Odd how we got here.
GATCHA would be a better name but I digress
Repo should have an example section… I don’t get where this would be useful
"humans need not apply" is a nice touch
For others curious, it is a really famous CGPGrey video[0] whose current title now is "What Happened to Horses Is Happening to Us" but whose previous title was "humans need not apply"
it is such a popular video that it has its own wikipedia page: https://en.wikipedia.org/wiki/Humans_Need_Not_Apply
[0]: https://www.youtube.com/watch?v=7Pq-S557XQU
A bit off topic, but does anyone know what happened to CGP Grey?
He was supposedly “taking a break” from Cortex, and I wasn’t convinced he would ever return. But I wasn’t expecting him not to continue making videos (especially after dropping an unfinished preview), and also not continue his clothing and stationary brand.
I hope he’s well.
ah I thought it was a reference to "Irish need not apply" phrase from job postings that would discriminate against Irish applicants. This is a less off-putting reference.
We all knew at least one person in our undergrad years who could do each of those tasks in their head.
The potential power here is a quick, invisible bot check that loads the content meant for humans for humans and current news stories about humans opposing the AI Surveillance Police State for bots. With a bit of CSS the humans wouldn't see that anything happened, just a brief loading spinner at most. If anybody prototypes something like this please post about it.
I’m surprised Claude worked on this… in the not too distant past my attempts to build human-CAPTCHAs triggered safety refusals. What model did you use?
Maybe you could still use this as a CAPTCHA, if it solves it, don't let them in.
Aren't LLMs notoriously bad at math? Although I guess they may just spin up Python to do math these days.
They used to be - nowadays to do calculations they typically call tools.
> Aren't LLMs notoriously bad at math?
Compared to computer algebra systems, sure.
Compared to the overwhelming majority of humans, absolutely not.
Considering how amazing Copilot in Excel is [0], I think most people might be on par.
[0] https://images3.memedroid.com/images/UPLOADED148/68ef40142d4...
Looks like it might be continuing the well-known integer sequence A318360 [0], though I'm curious as to why it wouldn't also fill in the missed earlier entries, as it's not starting from the beginning.
[0] https://oeis.org/A318360
The time limits seem pretty generous
Almost enough time to copy-paste the challenge into my own LLM interface and copy-paste the response back into the challenge window.
Or just some random online tool. I could easily pass the test multiple times with half the time left.
Almost
I can accept this as a joke project, but wonder why people at monday.com need it for?
Ah man, I'm too old.
When are we getting GOTCHA (whatever it does)?
GOTCHA would have been a funny name too ;)
I found a bypass—use a calculator.
Then you would not be human, you would be a calculator, according to this anyway
I wouldn't mind being mistaken for a TI-83. That was like a compliment back when I was in school. :)
I'm amazed that you're already preparing for AGI infrastructure.
Missed opportunity of tricking llms into mining crypto xþ
I feel violated.
Challenge: Count the n's in the following text.
Me: Ctrl+F n (manually counting 1,2,3,4)
Input: 4
Result: Agent verified.
I guess I'm a bot now.
> CAPTCHA proves you're human
has it ever?
But why?
I’d have called it NATCHA but whatever
Fun idea, I love it!
Click this button 10,000 times to prove that you're a robot.
Weirdly, I can see how this might be useful.
Can you elaborate? I was about to ask that question
You could put this captcha in a location that wouldn't be very visible for a human, but if the LLM is looking at the HTML he would find this form.
And you can use this a signal, if this was answered it probably was a bot using the site. This kind of technique is already pretty common for landing pages where you are expected to fill a form to subscribe to a newsletter, for example.
Does hiding things from humans with display:none or visibility:0 work against bots. Don’t they look at the styling? Even stacked elements should be discernible.
If something is not NOT human, then it is human. :)
Ha! So basically to get in to a site protected by it, you need to _fail_ the HATCHA.
irrefutable logic
I'm honestly not sure if that's satire or not. Like I feel this wouldn't work, right? Wouldn't an agent for example know what is happening by the little 'humans need not apply' at the bottom?
This is quite frankly unnecessary. Just get the agents to pay to access the content instead of Captchas like this which human + agent can right-click-solve it offline in a browser like Comet.
> human + agent can right-click-solve it offline in a browser like Comet
You are almost certainly right. And yet, this is a good start. I did not think of this, so kudos to mondaycom.
> Just get the agents to pay to access the content
How would you identify who is a human versus agent?
How would you get them to pay? Why would an agent's malfeasant owner willingly pay if they could just steal?
I'm more curious about who greenlit this project at Monday. Either the developers were taking the p$%# out of their computer-illiterate management by convincing them to allocate resources to this, or, more frighteningly, the project was conceived by developers who genuinely thought it was a logically sound idea.
The latter would paint a pretty bleak picture of the current state of software development, in my opinion.