docs: update AI learning guide with current tools and research (2026)

[depalmar]

• Update tool tables: Claude Code (agentic, multi-platform), Cursor
  (credit-based), GitHub Copilot (free tier), Windsurf (formerly Codeium)
• Add dedicated Claude Code section with CLI, IDE, web, desktop interfaces
• Add agentic workflows section (MCP, Claude Agent SDK)
• Add CRTSE prompting framework for code generation alongside CLEAR
• Add "Agentic Pair Programming" learning strategy
• Add security hygiene don't (never paste secrets into AI chat)
• Update resources with current Anthropic/OpenAI docs, MCP, and
  2026 AI-assisted learning research

https://claude.ai/code/session_01GwttYsLAp3o66fFk83EKyD

---

Note

Low Risk
Low risk: documentation-only updates with no runtime or API behavior changes; main risk is outdated/incorrect tool pricing or links.

Overview
Updates the AI learning guide to reflect current (2026) tooling and workflows: refreshes the recommended tool tables (including Claude Code, updated Cursor/Copilot details, and Windsurf) and adds an agentic workflows section covering MCP and agent SDKs.

Expands practical guidance by adding a dedicated Claude Code editor section (interfaces, capabilities, prompt examples), introducing the CRTSE prompting framework alongside CLEAR, adding an "Agentic Pair Programming" learning strategy, and strengthening safety guidance with a new warning to not paste secrets into AI chats.

Refreshes the Resources section with updated Anthropic/OpenAI prompt engineering docs, tool documentation links, MCP references, and 2026 AI-assisted learning research links.

^{Reviewed by Cursor Bugbot for commit 4525079. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 4525079.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

Scanned Files

None

[cursor]

Security review completed for this PR.

No high-confidence vulnerabilities found in the diff.

What I checked:

• Injection vectors (SQL/command/template/path traversal) in newly added guidance/examples.
• Authn/authz boundary changes or bypass guidance.
• Secrets handling and leakage risk in examples.
• SSRF/XSS/request-forgery/unsafe deserialization patterns.
• Dependency/supply-chain risk introduced by code or install instructions.

Assessment:

• The PR is documentation-only (docs/guides/using-ai-for-learning.md) and does not add executable application code, dependency changes, or security-sensitive runtime logic.
• No concrete vulnerable pattern was introduced by the new examples.
• Positive note: the added guidance to avoid pasting secrets into AI chats is a security improvement.

Residual risk (low confidence):

• External links and pricing/tool capability statements may drift over time; this is content integrity risk, not a direct security vulnerability.

  

_{Sent by Cursor Automation: Find vulnerabilities}