Cursor 3
59 by adamfeldman | 44 comments on Hacker News.
Thursday, April 2, 2026
Wednesday, April 1, 2026
Tuesday, March 31, 2026
New top story on Hacker News: Show HN: PhAIL – Real-robot benchmark for AI models. The gap to humans is 20x
Show HN: PhAIL – Real-robot benchmark for AI models. The gap to humans is 20x
6 by vertix | 7 comments on Hacker News.
I built this because I couldn't find honest numbers on how well VLA models actually work on commercial tasks. I come from search ranking at Google where you measure everything, and in robotics nobody seemed to know. PhAIL runs four models (OpenPI/pi0.5, GR00T, ACT, SmolVLA) on bin-to-bin order picking – one of the most common warehouse operations. Same robot (Franka FR3), same objects, hundreds of blind runs. The operator doesn't know which model is running. Best model: 64 UPH. Human teleoperating the same robot: 330. Human by hand: 1,300+. Everything is public – every run with synced video and telemetry, the fine-tuning dataset, training scripts. The leaderboard is open for submissions. Happy to answer questions about methodology, the models, or what we observed.
6 by vertix | 7 comments on Hacker News.
I built this because I couldn't find honest numbers on how well VLA models actually work on commercial tasks. I come from search ranking at Google where you measure everything, and in robotics nobody seemed to know. PhAIL runs four models (OpenPI/pi0.5, GR00T, ACT, SmolVLA) on bin-to-bin order picking – one of the most common warehouse operations. Same robot (Franka FR3), same objects, hundreds of blind runs. The operator doesn't know which model is running. Best model: 64 UPH. Human teleoperating the same robot: 330. Human by hand: 1,300+. Everything is public – every run with synced video and telemetry, the fine-tuning dataset, training scripts. The leaderboard is open for submissions. Happy to answer questions about methodology, the models, or what we observed.
Monday, March 30, 2026
Sunday, March 29, 2026
Saturday, March 28, 2026
Friday, March 27, 2026
New top story on Hacker News: Telnyx package compromised on PyPI
Telnyx package compromised on PyPI
9 by ramimac | 49 comments on Hacker News.
https://ift.tt/TKWqnr3 https://ift.tt/tpuQsVW...
9 by ramimac | 49 comments on Hacker News.
https://ift.tt/TKWqnr3 https://ift.tt/tpuQsVW...
Thursday, March 26, 2026
New top story on Hacker News: Show HN: Orloj – agent infrastructure as code (YAML and GitOps)
Show HN: Orloj – agent infrastructure as code (YAML and GitOps)
6 by An0n_Jon | 1 comments on Hacker News.
Hey HN, we're Jon and Kristiane, and we're building Orloj ( https://orloj.dev ), an open-source (Apache 2.0) orchestration runtime for multi-agent AI systems. You define agents, tools, policies, and workflows in declarative YAML manifests, and Orloj handles scheduling, execution, governance, and reliability. We built this because running AI agents in production today looks a lot like running containers before Kubernetes: ad-hoc scripts, no governance, no observability, no standard way to manage the lifecycle of an agent fleet. Everyone we talked to was writing the same messy glue code to wire agents together, and nobody had a good answer for "which agent called which tool, and was it supposed to?" Orloj treats agents the way infrastructure-as-code treats cloud resources. You write a manifest that declares an agent's model, tools, permissions, and execution limits. You compose agents into directed graphs — pipelines, hierarchies, or swarm loops. The part we're most excited about is governance. AgentPolicy, AgentRole, and ToolPermission are evaluated inline during execution, before every agent turn and tool call. Instead of prompt instructions that the model might ignore, these policies are a runtime gate. Unauthorized actions fail closed with structured errors and full audit trails. You can set token budgets per run, whitelist models, block specific tools, and scope policies to individual agent systems. For reliability, we built lease-based task ownership (so crashed workers don't leave orphan tasks), capped exponential retry with jitter, idempotent replay, and dead-letter handling. The scheduler supports cron triggers and webhook-driven task creation. The architecture is a server/worker split. orlojd hosts the API, resource store (in-memory for dev, Postgres for production), and task scheduler. orlojworker instances claim and execute tasks, route model requests through a gateway (OpenAI, Anthropic, Ollama, etc.), and run tools in configurable isolation — direct, sandboxed, container, or WASM. For local development, you can run everything in a single process with orlojd --embedded-worker --storage-backend=memory. Tool isolation was important to us. A web search tool probably doesn't need sandboxing, but a code execution tool should run in a container with no network, a read-only filesystem, and a memory cap. You configure this per tool based on risk level, and the runtime enforces it. We also added native MCP support. You register an MCP server (stdio or HTTP), Orloj auto-discovers its tools, and they become first-class resources with governance applied. So you can connect something like the GitHub MCP server and still have policy enforcement over what agents are allowed to do with it. Three starter blueprints are included (pipeline, hierarchical, swarm-loop). Docs: https://docs.orloj.dev We're also building out starter templates for operational workflows where governance really matters. First on the roadmap: 1. Incident response triage, 2. Compliance evidence collector, 3. CVE investigation pipeline, and 4. Secret rotation auditor. We have 20 templates in mind and community contributions are welcome. We're a small team and this is v0.1.0, so there's a lot still on the roadmap — hosted cloud, compliance packaging, and more. But the full runtime is open source today and we'd love feedback on what we've built so far. What would you use this for? What's missing?
6 by An0n_Jon | 1 comments on Hacker News.
Hey HN, we're Jon and Kristiane, and we're building Orloj ( https://orloj.dev ), an open-source (Apache 2.0) orchestration runtime for multi-agent AI systems. You define agents, tools, policies, and workflows in declarative YAML manifests, and Orloj handles scheduling, execution, governance, and reliability. We built this because running AI agents in production today looks a lot like running containers before Kubernetes: ad-hoc scripts, no governance, no observability, no standard way to manage the lifecycle of an agent fleet. Everyone we talked to was writing the same messy glue code to wire agents together, and nobody had a good answer for "which agent called which tool, and was it supposed to?" Orloj treats agents the way infrastructure-as-code treats cloud resources. You write a manifest that declares an agent's model, tools, permissions, and execution limits. You compose agents into directed graphs — pipelines, hierarchies, or swarm loops. The part we're most excited about is governance. AgentPolicy, AgentRole, and ToolPermission are evaluated inline during execution, before every agent turn and tool call. Instead of prompt instructions that the model might ignore, these policies are a runtime gate. Unauthorized actions fail closed with structured errors and full audit trails. You can set token budgets per run, whitelist models, block specific tools, and scope policies to individual agent systems. For reliability, we built lease-based task ownership (so crashed workers don't leave orphan tasks), capped exponential retry with jitter, idempotent replay, and dead-letter handling. The scheduler supports cron triggers and webhook-driven task creation. The architecture is a server/worker split. orlojd hosts the API, resource store (in-memory for dev, Postgres for production), and task scheduler. orlojworker instances claim and execute tasks, route model requests through a gateway (OpenAI, Anthropic, Ollama, etc.), and run tools in configurable isolation — direct, sandboxed, container, or WASM. For local development, you can run everything in a single process with orlojd --embedded-worker --storage-backend=memory. Tool isolation was important to us. A web search tool probably doesn't need sandboxing, but a code execution tool should run in a container with no network, a read-only filesystem, and a memory cap. You configure this per tool based on risk level, and the runtime enforces it. We also added native MCP support. You register an MCP server (stdio or HTTP), Orloj auto-discovers its tools, and they become first-class resources with governance applied. So you can connect something like the GitHub MCP server and still have policy enforcement over what agents are allowed to do with it. Three starter blueprints are included (pipeline, hierarchical, swarm-loop). Docs: https://docs.orloj.dev We're also building out starter templates for operational workflows where governance really matters. First on the roadmap: 1. Incident response triage, 2. Compliance evidence collector, 3. CVE investigation pipeline, and 4. Secret rotation auditor. We have 20 templates in mind and community contributions are welcome. We're a small team and this is v0.1.0, so there's a lot still on the roadmap — hosted cloud, compliance packaging, and more. But the full runtime is open source today and we'd love feedback on what we've built so far. What would you use this for? What's missing?
Wednesday, March 25, 2026
Tuesday, March 24, 2026
New top story on Hacker News: Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised
Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised
109 by dot_treo | 292 comments on Hacker News.
About an hour ago new versions have been deployed to PyPI. I was just setting up a new project, and things behaved weirdly. My laptop ran out of RAM, it looked like a forkbomb was running. I've investigated, and found that a base64 encoded blob has been added to proxy_server.py. It writes and decodes another file which it then runs. I'm in the process of reporting this upstream, but wanted to give everyone here a headsup. It is also reported in this issue: https://ift.tt/aU8hBTd
109 by dot_treo | 292 comments on Hacker News.
About an hour ago new versions have been deployed to PyPI. I was just setting up a new project, and things behaved weirdly. My laptop ran out of RAM, it looked like a forkbomb was running. I've investigated, and found that a base64 encoded blob has been added to proxy_server.py. It writes and decodes another file which it then runs. I'm in the process of reporting this upstream, but wanted to give everyone here a headsup. It is also reported in this issue: https://ift.tt/aU8hBTd
Monday, March 23, 2026
Sunday, March 22, 2026
Saturday, March 21, 2026
New top story on Hacker News: Show HN: Termcraft – terminal-first 2D sandbox survival in Rust
Show HN: Termcraft – terminal-first 2D sandbox survival in Rust
4 by sebosch | 0 comments on Hacker News.
I’ve been building termcraft, a terminal-first 2D sandbox survival game in Rust. The idea is to take the classic early survival progression and adapt it to a side-on terminal format instead of a tile or pixel-art engine. Current build includes: - procedural Overworld, Nether, and End generation - mining, placement, crafting, furnaces, brewing, and boats - hostile and passive mobs - villages, dungeons, strongholds, Nether fortresses, and dragon progression This is still early alpha, but it’s already playable. Project: https://ift.tt/tC5QqoM Docs: https://pagel-s.github.io/termcraft/ Demo: https://youtu.be/kR986Xqzj7E
4 by sebosch | 0 comments on Hacker News.
I’ve been building termcraft, a terminal-first 2D sandbox survival game in Rust. The idea is to take the classic early survival progression and adapt it to a side-on terminal format instead of a tile or pixel-art engine. Current build includes: - procedural Overworld, Nether, and End generation - mining, placement, crafting, furnaces, brewing, and boats - hostile and passive mobs - villages, dungeons, strongholds, Nether fortresses, and dragon progression This is still early alpha, but it’s already playable. Project: https://ift.tt/tC5QqoM Docs: https://pagel-s.github.io/termcraft/ Demo: https://youtu.be/kR986Xqzj7E
New top story on Hacker News: Show HN: Joonote – A note-taking app on your lock screen and notification panel
Show HN: Joonote – A note-taking app on your lock screen and notification panel
12 by kilgarenone | 3 comments on Hacker News.
I finally built this app after many years of being sick of unlocking my phone every goddamn time I need to take or view my notes. It particularly sucks when I'm doing my grocery and going down the list. I started building last year June. This is a native app written in Kotlin. And since I'm a 100% Web dev guy, I gotta say this wouldn't have been possible without this AI to assist me. So this isn't "vibe-coded". I simply used the chat interface in Gemini website, manually copy paste codes to build and integrate every single thing in the app! I used gemini to build it just because I was piggybacking on my last company's enterprise subscription. I personally didn't subscribe to any AI (and still don't cuz the free quota seems enough for me :) So I certainly have learnt alot about Android development, architecture patterns, Kotlin syntax, and obeying Google's whims. Can't say I love it all, but for the sake of this app, I will :) Anyway, I finally have the app I wish existed, and I'm using it everyday. It not only does the main thing I needed it to do, but there's also all this stuff: - Make your notes private if you don't want to show them on lock screen. - Create check/to-do lists. - Set one time or recurring reminders. - Full-text search your notes in the app. - Speech-to-text. - Organize your notes with custom or color labels. - Pin the app as a widget on your home screen. - You can auto backup and restore your notes on new install or Android device. - Works offline. - And no funny business happening in the background https://ift.tt/52LKWbM It's 30-day trial, then a one-time $9.99 to go Pro forever. I would love you all to check it out, FWIW. Ok thanks!
12 by kilgarenone | 3 comments on Hacker News.
I finally built this app after many years of being sick of unlocking my phone every goddamn time I need to take or view my notes. It particularly sucks when I'm doing my grocery and going down the list. I started building last year June. This is a native app written in Kotlin. And since I'm a 100% Web dev guy, I gotta say this wouldn't have been possible without this AI to assist me. So this isn't "vibe-coded". I simply used the chat interface in Gemini website, manually copy paste codes to build and integrate every single thing in the app! I used gemini to build it just because I was piggybacking on my last company's enterprise subscription. I personally didn't subscribe to any AI (and still don't cuz the free quota seems enough for me :) So I certainly have learnt alot about Android development, architecture patterns, Kotlin syntax, and obeying Google's whims. Can't say I love it all, but for the sake of this app, I will :) Anyway, I finally have the app I wish existed, and I'm using it everyday. It not only does the main thing I needed it to do, but there's also all this stuff: - Make your notes private if you don't want to show them on lock screen. - Create check/to-do lists. - Set one time or recurring reminders. - Full-text search your notes in the app. - Speech-to-text. - Organize your notes with custom or color labels. - Pin the app as a widget on your home screen. - You can auto backup and restore your notes on new install or Android device. - Works offline. - And no funny business happening in the background https://ift.tt/52LKWbM It's 30-day trial, then a one-time $9.99 to go Pro forever. I would love you all to check it out, FWIW. Ok thanks!
Friday, March 20, 2026
New top story on Hacker News: Show HN: I made an email app inspired by Arc browser
Show HN: I made an email app inspired by Arc browser
4 by johndamaia | 2 comments on Hacker News.
Email is one of those tools we check daily but its underlying experience didn’t evolve much. I use Gmail, as probably most of you reading this. The Arc browser brought joy and taste to browsing the web. Cursor created a new UX with agents ready to work for you in a handy right panel. I use these three tools every day. Since Arc was acquired by Atlassian, I’ve been wondering: what if I built a new interface that applied Arc’s UX to email rather than browser tabs, while making AI agents easily available to help manage emails, events, and files? I built a frontend PoC to showcase the idea. Try it: https://demo.define.app I’m not sure about it though... Is it worth continuing to explore this idea?
4 by johndamaia | 2 comments on Hacker News.
Email is one of those tools we check daily but its underlying experience didn’t evolve much. I use Gmail, as probably most of you reading this. The Arc browser brought joy and taste to browsing the web. Cursor created a new UX with agents ready to work for you in a handy right panel. I use these three tools every day. Since Arc was acquired by Atlassian, I’ve been wondering: what if I built a new interface that applied Arc’s UX to email rather than browser tabs, while making AI agents easily available to help manage emails, events, and files? I built a frontend PoC to showcase the idea. Try it: https://demo.define.app I’m not sure about it though... Is it worth continuing to explore this idea?
Thursday, March 19, 2026
New top story on Hacker News: Show HN: Dumped Wix for an AI Edge agent so I never have to hire junior staff
Show HN: Dumped Wix for an AI Edge agent so I never have to hire junior staff
8 by axotopia | 10 comments on Hacker News.
I run a building design consultancy. I got tired of paying Wix $40/month for a brochure that couldn’t answer simple service questions, and me wasting hours on the same FAQs. So I killed it all and spent 4 months building a 'talker': https://axoworks.com The stack is completely duct-taped: Netlify’s 10s serverless timeout forced me to split the agent into three pieces: Brain (Edge), Hands (Browser), and Voice (Edge). I haven’t coded in 30 years. This was 3 steps forward, 2 steps back, heavily guided by AI. The fight that proved it worked: 2 weeks ago, a licensed architect attacked the bot, trying to prove my business model harms the profession. The AI (DeepSeek-R3) completely dismantled his arguments. It was hilariously caustic. Log: https://ift.tt/CWQqdo6... A few battle scars: * Web Speech API works fine, right up until someone speaks Chinese without toggling the language mode. Then it forcefully spits out English phonetic gibberish. Still a headache. * Liability is the killer. Hallucinate a building code clause? We’re dead. Insurance won’t touch us. * We publish the audit logs to keep ourselves honest and make sure the system stays hardened. Audit: https://ift.tt/aEBm0k3 The hardest part was getting the intent right: making one LLM pivot seamlessly from a warm principal’s tone with a homeowner, to a defensive bulldog when attacked by a peer. That took 2.5 months of tuning. We burn through tokens with an 'Eager RAG' hack (pre-fetching guesses) just to improve responsiveness. I also ripped out the “essential” persistent DBs—less than 5% of visitors ever return, so why bother? If a client drops mid-query, their session vanishes. No server-side queues. The point: To let me operate with a network of seasoned pros, and trim the fat. Try to break it. I’ll be in the comments. Kee
8 by axotopia | 10 comments on Hacker News.
I run a building design consultancy. I got tired of paying Wix $40/month for a brochure that couldn’t answer simple service questions, and me wasting hours on the same FAQs. So I killed it all and spent 4 months building a 'talker': https://axoworks.com The stack is completely duct-taped: Netlify’s 10s serverless timeout forced me to split the agent into three pieces: Brain (Edge), Hands (Browser), and Voice (Edge). I haven’t coded in 30 years. This was 3 steps forward, 2 steps back, heavily guided by AI. The fight that proved it worked: 2 weeks ago, a licensed architect attacked the bot, trying to prove my business model harms the profession. The AI (DeepSeek-R3) completely dismantled his arguments. It was hilariously caustic. Log: https://ift.tt/CWQqdo6... A few battle scars: * Web Speech API works fine, right up until someone speaks Chinese without toggling the language mode. Then it forcefully spits out English phonetic gibberish. Still a headache. * Liability is the killer. Hallucinate a building code clause? We’re dead. Insurance won’t touch us. * We publish the audit logs to keep ourselves honest and make sure the system stays hardened. Audit: https://ift.tt/aEBm0k3 The hardest part was getting the intent right: making one LLM pivot seamlessly from a warm principal’s tone with a homeowner, to a defensive bulldog when attacked by a peer. That took 2.5 months of tuning. We burn through tokens with an 'Eager RAG' hack (pre-fetching guesses) just to improve responsiveness. I also ripped out the “essential” persistent DBs—less than 5% of visitors ever return, so why bother? If a client drops mid-query, their session vanishes. No server-side queues. The point: To let me operate with a network of seasoned pros, and trim the fat. Try to break it. I’ll be in the comments. Kee
Wednesday, March 18, 2026
Tuesday, March 17, 2026
Monday, March 16, 2026
Sunday, March 15, 2026
Saturday, March 14, 2026
Friday, March 13, 2026
Thursday, March 12, 2026
New top story on Hacker News: The Emotional Labor Behind AI Intimacy (2025) [pdf]
The Emotional Labor Behind AI Intimacy (2025) [pdf]
31 by beepbooptheory | 6 comments on Hacker News.
Related: https://ift.tt/zvM2Jnr... ( https://ift.tt/5bVkUTe )
31 by beepbooptheory | 6 comments on Hacker News.
Related: https://ift.tt/zvM2Jnr... ( https://ift.tt/5bVkUTe )
Wednesday, March 11, 2026
Tuesday, March 10, 2026
New top story on Hacker News: Yann LeCun raises $1B to build AI that understands the physical world
Yann LeCun raises $1B to build AI that understands the physical world
70 by helloplanets | 232 comments on Hacker News.
https://ift.tt/YFGu2Wr... https://ift.tt/DpIbrxZ... ( https://ift.tt/SW5F27q )
70 by helloplanets | 232 comments on Hacker News.
https://ift.tt/YFGu2Wr... https://ift.tt/DpIbrxZ... ( https://ift.tt/SW5F27q )
Monday, March 9, 2026
Sunday, March 8, 2026
New top story on Hacker News: Show HN: Skir – like Protocol Buffer but better
Show HN: Skir – like Protocol Buffer but better
12 by gepheum | 9 comments on Hacker News.
Why I built Skir: https://ift.tt/5fncDNp... Quick start: npx skir init All the config lives in one YML file. Website: https://skir.build GitHub: https://ift.tt/K6UlzrJ Would love feedback especially from teams running mixed-language stacks.
12 by gepheum | 9 comments on Hacker News.
Why I built Skir: https://ift.tt/5fncDNp... Quick start: npx skir init All the config lives in one YML file. Website: https://skir.build GitHub: https://ift.tt/K6UlzrJ Would love feedback especially from teams running mixed-language stacks.
Saturday, March 7, 2026
Friday, March 6, 2026
Thursday, March 5, 2026
Wednesday, March 4, 2026
Tuesday, March 3, 2026
Monday, March 2, 2026
Sunday, March 1, 2026
Saturday, February 28, 2026
Friday, February 27, 2026
New top story on Hacker News: Show HN: Unfudged – version every change between commits - local-first
Show HN: Unfudged – version every change between commits - local-first
12 by cyrusradfar | 8 comments on Hacker News.
I built unf after I pasted a prompt into the wrong agent terminal and it overwrote hours of hand-edits across a handful of files. Git couldn't help because I hadn't finished/committed my in progress work. I wanted something that recorded every save automatically so I could rewind to any point in time. I wanted to make it difficult for an agent to permanently screw anything up, even with an errant rm -rf unf is a background daemon that watches directories you choose (via CLI) and snapshots every text file on save. It stores file contents in an object store, tracks metadata in SQLite, and gives you a CLI to query and restore any version. The install includes a UI, as well to explore the history through time. The tool skips binaries and respects `.gitignore` if one exists. The interface borrows from git so it should feel familiar: unf log , unf diff , unf restore . I say "UN-EF" vs U.N.F, but that's for y'all to decide: I started by calling the project Unfucked and got unfucked.ai, which if you know me and the messes I get myself into, is a fitting purchase. The CLI command is `unf` and the Tauri desktop app is called "Unfudged". How it works: https://ift.tt/oyGs16w (summary below) The daemon uses FSEvents on macOS and inotify on Linux. When a file changes, `unf` hashes the content with BLAKE3 and checks whether that hash already exists in the object store — if it does, it just records a new metadata entry pointing to the existing blob. If not, it writes the blob and records the entry. Each snapshot is a row in SQLite. Restores read the blob back from the object store and overwrite the file, after taking a safety snapshot of the current state first (so restoring is itself reversible). There are two processes. The core daemon does the real work of managing FSEvents/inotify subscriptions across multiple watched directories and writing snapshots. A sentinel watchdog supervises it, kept alive and aligned by launchd on macOS and systemd on Linux. If the daemon crashes, the sentinel respawns it and reconciles any drift between what you asked to watch and what's actually being watched. It was hard to build the second daemon because it felt like conceding that the core wasn't solid enough, but I didn't want to ship a tool that demanded perfection to deliver on the product promise, so the sentinel is the safety net. Fingers crossed, I haven’t seen it crash in over a week of personal usage on my Mac. But, I don't want to trigger "works for me" trauma. The part I like most: On the UI, I enjoy viewing files through time. You can select a time section and filter your projects on a histogram of activity. That has been invaluable in seeing what the agent was doing. On the CLI, the commands are composable. Everything outputs to stdout so you can pipe it into whatever you want. I use these regularly and AI agents are better with the tool than I am: # What did my config look like before we broke it? unf cat nginx.conf --at 1h | nginx -t -c /dev/stdin # Grep through a deleted file unf cat old-routes.rs --at 2d | grep "pub fn" # Count how many lines changed in the last 10 minutes unf diff --at 10m | grep '^[+-]' | wc -l # Feed the last hour of changes to an AI for review unf diff --at 1h | pbcopy # Compare two points in time with your own diff tool diff <(unf cat app.tsx --at 1h) <(unf cat app.tsx --at 5m) # Restore just the .rs files that changed in the last 5 minutes unf diff --at 5m --json | jq -r '.changes[].file' | grep '\.rs$' | xargs -I{} unf restore {} --at 5m # Watch for changes in real time watch -n5 'unf diff --at 30s' What was new for me: I came to Rust in Nov. 2025 honestly because of HN enthusiasm and some FOMO. No regrets. I enjoy the language enough that I'm now working on custom clippy lints to enforce functional programming practices. This project was also my first Apple-notarized DMG, my first Homebrew tap, and my second Tauri app (first one I've shared). Install & Usage: > brew install cyrusradfar/unf/unfudged Then unf watch in a directory. unf help covers the details (or ask your agent to coach).
12 by cyrusradfar | 8 comments on Hacker News.
I built unf after I pasted a prompt into the wrong agent terminal and it overwrote hours of hand-edits across a handful of files. Git couldn't help because I hadn't finished/committed my in progress work. I wanted something that recorded every save automatically so I could rewind to any point in time. I wanted to make it difficult for an agent to permanently screw anything up, even with an errant rm -rf unf is a background daemon that watches directories you choose (via CLI) and snapshots every text file on save. It stores file contents in an object store, tracks metadata in SQLite, and gives you a CLI to query and restore any version. The install includes a UI, as well to explore the history through time. The tool skips binaries and respects `.gitignore` if one exists. The interface borrows from git so it should feel familiar: unf log , unf diff , unf restore . I say "UN-EF" vs U.N.F, but that's for y'all to decide: I started by calling the project Unfucked and got unfucked.ai, which if you know me and the messes I get myself into, is a fitting purchase. The CLI command is `unf` and the Tauri desktop app is called "Unfudged". How it works: https://ift.tt/oyGs16w (summary below) The daemon uses FSEvents on macOS and inotify on Linux. When a file changes, `unf` hashes the content with BLAKE3 and checks whether that hash already exists in the object store — if it does, it just records a new metadata entry pointing to the existing blob. If not, it writes the blob and records the entry. Each snapshot is a row in SQLite. Restores read the blob back from the object store and overwrite the file, after taking a safety snapshot of the current state first (so restoring is itself reversible). There are two processes. The core daemon does the real work of managing FSEvents/inotify subscriptions across multiple watched directories and writing snapshots. A sentinel watchdog supervises it, kept alive and aligned by launchd on macOS and systemd on Linux. If the daemon crashes, the sentinel respawns it and reconciles any drift between what you asked to watch and what's actually being watched. It was hard to build the second daemon because it felt like conceding that the core wasn't solid enough, but I didn't want to ship a tool that demanded perfection to deliver on the product promise, so the sentinel is the safety net. Fingers crossed, I haven’t seen it crash in over a week of personal usage on my Mac. But, I don't want to trigger "works for me" trauma. The part I like most: On the UI, I enjoy viewing files through time. You can select a time section and filter your projects on a histogram of activity. That has been invaluable in seeing what the agent was doing. On the CLI, the commands are composable. Everything outputs to stdout so you can pipe it into whatever you want. I use these regularly and AI agents are better with the tool than I am: # What did my config look like before we broke it? unf cat nginx.conf --at 1h | nginx -t -c /dev/stdin # Grep through a deleted file unf cat old-routes.rs --at 2d | grep "pub fn" # Count how many lines changed in the last 10 minutes unf diff --at 10m | grep '^[+-]' | wc -l # Feed the last hour of changes to an AI for review unf diff --at 1h | pbcopy # Compare two points in time with your own diff tool diff <(unf cat app.tsx --at 1h) <(unf cat app.tsx --at 5m) # Restore just the .rs files that changed in the last 5 minutes unf diff --at 5m --json | jq -r '.changes[].file' | grep '\.rs$' | xargs -I{} unf restore {} --at 5m # Watch for changes in real time watch -n5 'unf diff --at 30s' What was new for me: I came to Rust in Nov. 2025 honestly because of HN enthusiasm and some FOMO. No regrets. I enjoy the language enough that I'm now working on custom clippy lints to enforce functional programming practices. This project was also my first Apple-notarized DMG, my first Homebrew tap, and my second Tauri app (first one I've shared). Install & Usage: > brew install cyrusradfar/unf/unfudged Then unf watch in a directory. unf help covers the details (or ask your agent to coach).
Thursday, February 26, 2026
New top story on Hacker News: Show HN: Linex – A daily challenge: placing pieces on a board that fights back
Show HN: Linex – A daily challenge: placing pieces on a board that fights back
10 by Humanista75 | 8 comments on Hacker News.
Hi HN, I wanted to share a web game I’ve been building in HTML, JavaScript, MySQL, and PHP called LINEX. It is primarily designed and optimized to be played in the mobile browser. The idea is simple: you have an 8x8 board where you must place pieces (Tetris-style and some custom shapes) to clear horizontal and vertical lines. Yes, someone might think this has already been done, but let me explain. You choose where to place the piece and how to rotate it. The core interaction consists of "drawing" the piece tap-by-tap on the grid, which provides a very satisfying tactile sense of control and requires a much more thoughtful strategy. To avoid the flat difficulty curve typical of games in this genre, I’ve implemented a couple of twists: 1. Progressive difficulty (The board fights back): As you progress and clear lines, permanently blocked cells randomly appear on the board. This forces you to constantly adapt your spatial vision. 2. Tools to defend yourself: To counter frustration, you have a very limited number of aids (skip the piece, choose another one, or use a special 1x1 piece). These resources increase slightly as the board fills up with blocked cells, forcing you to decide the exact right moment to use them. The game features a daily challenge driven by a date-based random seed (PRNG). Everyone gets exactly the same sequence of pieces and blockers. Furthermore, the base difficulty scales throughout the week: on Mondays you start with a clean board (0 initial blocked cells, although several will appear as the game progresses), and the difficulty ramps up until Sunday, where you start the game with 3 obstacles already in place. In addition to the global medal leaderboard, you can add other users to your profile to create a private leaderboard and compete head-to-head just with your friends. Time is also an important factor, as in the event of a tie in cleared lines, the player who completed them faster will rank higher on the leaderboard. I would love for you to check it out. I'm especially looking for honest feedback on the difficulty curve, the piece-placement interaction (UI/UX), or the balancing of obstacles/tools, although any other ideas, critiques, or suggestions are welcome. https://ift.tt/VDxrKB2 Thanks!
10 by Humanista75 | 8 comments on Hacker News.
Hi HN, I wanted to share a web game I’ve been building in HTML, JavaScript, MySQL, and PHP called LINEX. It is primarily designed and optimized to be played in the mobile browser. The idea is simple: you have an 8x8 board where you must place pieces (Tetris-style and some custom shapes) to clear horizontal and vertical lines. Yes, someone might think this has already been done, but let me explain. You choose where to place the piece and how to rotate it. The core interaction consists of "drawing" the piece tap-by-tap on the grid, which provides a very satisfying tactile sense of control and requires a much more thoughtful strategy. To avoid the flat difficulty curve typical of games in this genre, I’ve implemented a couple of twists: 1. Progressive difficulty (The board fights back): As you progress and clear lines, permanently blocked cells randomly appear on the board. This forces you to constantly adapt your spatial vision. 2. Tools to defend yourself: To counter frustration, you have a very limited number of aids (skip the piece, choose another one, or use a special 1x1 piece). These resources increase slightly as the board fills up with blocked cells, forcing you to decide the exact right moment to use them. The game features a daily challenge driven by a date-based random seed (PRNG). Everyone gets exactly the same sequence of pieces and blockers. Furthermore, the base difficulty scales throughout the week: on Mondays you start with a clean board (0 initial blocked cells, although several will appear as the game progresses), and the difficulty ramps up until Sunday, where you start the game with 3 obstacles already in place. In addition to the global medal leaderboard, you can add other users to your profile to create a private leaderboard and compete head-to-head just with your friends. Time is also an important factor, as in the event of a tie in cleared lines, the player who completed them faster will rank higher on the leaderboard. I would love for you to check it out. I'm especially looking for honest feedback on the difficulty curve, the piece-placement interaction (UI/UX), or the balancing of obstacles/tools, although any other ideas, critiques, or suggestions are welcome. https://ift.tt/VDxrKB2 Thanks!
Wednesday, February 25, 2026
Tuesday, February 24, 2026
Monday, February 23, 2026
Sunday, February 22, 2026
Saturday, February 21, 2026
Friday, February 20, 2026
Thursday, February 19, 2026
Wednesday, February 18, 2026
Tuesday, February 17, 2026
Monday, February 16, 2026
Sunday, February 15, 2026
Saturday, February 14, 2026
Friday, February 13, 2026
New top story on Hacker News: Show HN: Moltis – AI assistant with memory, tools, and self-extending skills
Show HN: Moltis – AI assistant with memory, tools, and self-extending skills
4 by fabienpenso | 0 comments on Hacker News.
Hey HN. I'm Fabien, principal engineer, 25 years shipping production systems (Ruby, Swift, now Rust). I built Moltis because I wanted an AI assistant I could run myself, trust end to end, and make extensible in the Rust way using traits and the type system. It shares some ideas with OpenClaw (same memory approach, Pi-inspired self-extension) but is Rust-native from the ground up. The agent can create its own skills at runtime. Moltis is one Rust binary, 150k lines, ~60MB, web UI included. No Node, no Python, no runtime deps. Multi-provider LLM routing (OpenAI, local GGUF/MLX, Hugging Face), sandboxed execution (Docker/Podman/Apple Containers), hybrid vector + full-text memory, MCP tool servers with auto-restart, and multi-channel (web, Telegram, API) with shared context. MIT licensed. No telemetry phoning home, but full observability built in (OpenTelemetry, Prometheus). I've included 1-click deploys on DigitalOcean and Fly.io, but since a Docker image is provided you can easily run it on your own servers as well. I've written before about owning your content ( https://ift.tt/kvnmXwV ) and owning your email ( https://ift.tt/lJPQRmH ). Same logic here: if something touches your files, credentials, and daily workflow, you should be able to inspect it, audit it, and fork it if the project changes direction. It's alpha. I use it daily and I'm shipping because it's useful, not because it's done. Longer architecture deep-dive: https://ift.tt/qf08BLy... Happy to discuss the Rust architecture, security model, or local LLM setup. Would love feedback.
4 by fabienpenso | 0 comments on Hacker News.
Hey HN. I'm Fabien, principal engineer, 25 years shipping production systems (Ruby, Swift, now Rust). I built Moltis because I wanted an AI assistant I could run myself, trust end to end, and make extensible in the Rust way using traits and the type system. It shares some ideas with OpenClaw (same memory approach, Pi-inspired self-extension) but is Rust-native from the ground up. The agent can create its own skills at runtime. Moltis is one Rust binary, 150k lines, ~60MB, web UI included. No Node, no Python, no runtime deps. Multi-provider LLM routing (OpenAI, local GGUF/MLX, Hugging Face), sandboxed execution (Docker/Podman/Apple Containers), hybrid vector + full-text memory, MCP tool servers with auto-restart, and multi-channel (web, Telegram, API) with shared context. MIT licensed. No telemetry phoning home, but full observability built in (OpenTelemetry, Prometheus). I've included 1-click deploys on DigitalOcean and Fly.io, but since a Docker image is provided you can easily run it on your own servers as well. I've written before about owning your content ( https://ift.tt/kvnmXwV ) and owning your email ( https://ift.tt/lJPQRmH ). Same logic here: if something touches your files, credentials, and daily workflow, you should be able to inspect it, audit it, and fork it if the project changes direction. It's alpha. I use it daily and I'm shipping because it's useful, not because it's done. Longer architecture deep-dive: https://ift.tt/qf08BLy... Happy to discuss the Rust architecture, security model, or local LLM setup. Would love feedback.
Thursday, February 12, 2026
New top story on Hacker News: Show HN: Pgclaw – A "Clawdbot" in every row with 400 lines of Postgres SQL
Show HN: Pgclaw – A "Clawdbot" in every row with 400 lines of Postgres SQL
6 by calebhwin | 1 comments on Hacker News.
Hi HN, Been hacking on a simple way to run agents entirely inside of a Postgres database, "an agent per row". Things you could build with this: * Your own agent orchestrator * A personal assistant with time travel * (more things I can't think of yet) Not quite there yet but thought I'd share it in its current state.
6 by calebhwin | 1 comments on Hacker News.
Hi HN, Been hacking on a simple way to run agents entirely inside of a Postgres database, "an agent per row". Things you could build with this: * Your own agent orchestrator * A personal assistant with time travel * (more things I can't think of yet) Not quite there yet but thought I'd share it in its current state.
Wednesday, February 11, 2026
Tuesday, February 10, 2026
New top story on Hacker News: Show HN: HN Companion – web app that enhances the experience of reading HN
Show HN: HN Companion – web app that enhances the experience of reading HN
8 by georgeck | 2 comments on Hacker News.
HN is all about the rich discussions. We wanted to take the HN experience one step further - to bring the familiar keyboard-first navigation, find interesting viewpoints in the threads and get a gist of long threads so that we can decide which rabbit holes to explore. So we built HN Companion a year ago, and have been refining it ever since. Try it: https://ift.tt/7xB3P2L or available as an extension for Firefox / Chrome: [0]. Most AI summarization strips the voices from conversations by flattening threads into a wall of text. This kills the joy of reading HN discussions. Instead, HN Companion works differently - it understands the thread hierarchy, the voting patterns and contrasting viewpoints - everything that makes HN interesting. Think of it like clustering related discussions across multiple hierarchies into a group and surfacing the comments that represent each cluster. It keeps the verbatim text with backlinks so that you never lose context and can continue the conversation from that point. Here is how the summarization works under the hood [1]. We first built this as an open source browser extension. But soon we learned that people hesitate to install it. So we built the same experience as a web app with all the features. This helped people see how it works, and use it on mobile too (in the browser or as PWA). This is now a playground to try new features before taking them to the browser extension. We did a Show HN a year ago [2] and we have added these features based on user feedback: * cached summaries - summaries are generated and cached on our servers. This improved the speed significantly. You still have the option to use your own API key or use local models through Ollama. * our system prompt is available in the Settings page of the extension. You can customize it as you wish. * sort the posts in the feed pages (/home, /show etc.) based on points, comments, time or the default sorting order. * We tried fine tuning an open weights model to summarize, but learned that with a good system prompt and user prompt, the frontier models deliver results of similar quality. So we didn’t use the fine-tuned model, but you can run them locally. The browser extension does not track any usage or analytics. The code is open source[3]. We want to continue to improve HN Companion, specifically add features like following an author, notes about an author, draft posts etc. See it in action for a post here https://ift.tt/KGCVPBY We would love to get your feedback on what would make this more useful for your HN reading. [0] https://ift.tt/m0OquCD [1] https://ift.tt/2Y3QJ6g [2] https://ift.tt/FnO65tv [3] https://ift.tt/ngmokd1
8 by georgeck | 2 comments on Hacker News.
HN is all about the rich discussions. We wanted to take the HN experience one step further - to bring the familiar keyboard-first navigation, find interesting viewpoints in the threads and get a gist of long threads so that we can decide which rabbit holes to explore. So we built HN Companion a year ago, and have been refining it ever since. Try it: https://ift.tt/7xB3P2L or available as an extension for Firefox / Chrome: [0]. Most AI summarization strips the voices from conversations by flattening threads into a wall of text. This kills the joy of reading HN discussions. Instead, HN Companion works differently - it understands the thread hierarchy, the voting patterns and contrasting viewpoints - everything that makes HN interesting. Think of it like clustering related discussions across multiple hierarchies into a group and surfacing the comments that represent each cluster. It keeps the verbatim text with backlinks so that you never lose context and can continue the conversation from that point. Here is how the summarization works under the hood [1]. We first built this as an open source browser extension. But soon we learned that people hesitate to install it. So we built the same experience as a web app with all the features. This helped people see how it works, and use it on mobile too (in the browser or as PWA). This is now a playground to try new features before taking them to the browser extension. We did a Show HN a year ago [2] and we have added these features based on user feedback: * cached summaries - summaries are generated and cached on our servers. This improved the speed significantly. You still have the option to use your own API key or use local models through Ollama. * our system prompt is available in the Settings page of the extension. You can customize it as you wish. * sort the posts in the feed pages (/home, /show etc.) based on points, comments, time or the default sorting order. * We tried fine tuning an open weights model to summarize, but learned that with a good system prompt and user prompt, the frontier models deliver results of similar quality. So we didn’t use the fine-tuned model, but you can run them locally. The browser extension does not track any usage or analytics. The code is open source[3]. We want to continue to improve HN Companion, specifically add features like following an author, notes about an author, draft posts etc. See it in action for a post here https://ift.tt/KGCVPBY We would love to get your feedback on what would make this more useful for your HN reading. [0] https://ift.tt/m0OquCD [1] https://ift.tt/2Y3QJ6g [2] https://ift.tt/FnO65tv [3] https://ift.tt/ngmokd1
Monday, February 9, 2026
Sunday, February 8, 2026
Saturday, February 7, 2026
Friday, February 6, 2026
New top story on Hacker News: Show HN: Daily-updated database of malicious browser extensions
Show HN: Daily-updated database of malicious browser extensions
7 by toborrm9 | 3 comments on Hacker News.
Hey HN, I built an automated system that tracks malicious Chrome/Edge extensions daily. The database updates automatically by monitoring chrome-stats for removed extensions and scanning security blogs. Currently tracking 1000+ known malicious extensions with extension IDs, names, and dates. I'm working on detection tools (GUI + CLI) to scan locally installed extensions against this database, but wanted to share the raw data first since maintained threat intelligence lists like this are hard to find. The automation runs 24/7 and pushes updates to GitHub. Free to use for research, integration into security tools, or whatever you need. Happy to answer questions about the scraping approach or data collection methods.
7 by toborrm9 | 3 comments on Hacker News.
Hey HN, I built an automated system that tracks malicious Chrome/Edge extensions daily. The database updates automatically by monitoring chrome-stats for removed extensions and scanning security blogs. Currently tracking 1000+ known malicious extensions with extension IDs, names, and dates. I'm working on detection tools (GUI + CLI) to scan locally installed extensions against this database, but wanted to share the raw data first since maintained threat intelligence lists like this are hard to find. The automation runs 24/7 and pushes updates to GitHub. Free to use for research, integration into security tools, or whatever you need. Happy to answer questions about the scraping approach or data collection methods.
Thursday, February 5, 2026
Wednesday, February 4, 2026
Tuesday, February 3, 2026
New top story on Hacker News: Show HN: PII-Shield – Log Sanitization Sidecar with JSON Integrity (Go, Entropy)
Show HN: PII-Shield – Log Sanitization Sidecar with JSON Integrity (Go, Entropy)
5 by aragoss | 0 comments on Hacker News.
What PII-Shield does: It's a K8s sidecar (or CLI tool) that pipes application logs, detects secrets using Shannon entropy (catching unknown keys like "sk-live-..." without predefined patterns), and redacts them deterministically using HMAC. Why deterministic? So that "pass123" always hashes to the same "[HIDDEN:a1b2c]", allowing QA/Devs to correlate errors without seeing the raw data. Key features: 1. JSON Integrity: It parses JSON, sanitizes values, and rebuilds it. It guarantees valid JSON output for your SIEM (ELK/Datadog). 2. Entropy Detection: Uses context-aware entropy analysis to catch high-randomness strings. 3. Fail-Open: Designed as a transparent pipe wrapper to preserve app uptime. The project is open-source (Apache 2.0). Repo: https://ift.tt/xkCsIvZ Docs: https://pii-shield.gitbook.io/docs/ I'd love your feedback on the entropy/threshold logic!
5 by aragoss | 0 comments on Hacker News.
What PII-Shield does: It's a K8s sidecar (or CLI tool) that pipes application logs, detects secrets using Shannon entropy (catching unknown keys like "sk-live-..." without predefined patterns), and redacts them deterministically using HMAC. Why deterministic? So that "pass123" always hashes to the same "[HIDDEN:a1b2c]", allowing QA/Devs to correlate errors without seeing the raw data. Key features: 1. JSON Integrity: It parses JSON, sanitizes values, and rebuilds it. It guarantees valid JSON output for your SIEM (ELK/Datadog). 2. Entropy Detection: Uses context-aware entropy analysis to catch high-randomness strings. 3. Fail-Open: Designed as a transparent pipe wrapper to preserve app uptime. The project is open-source (Apache 2.0). Repo: https://ift.tt/xkCsIvZ Docs: https://pii-shield.gitbook.io/docs/ I'd love your feedback on the entropy/threshold logic!
Monday, February 2, 2026
Sunday, February 1, 2026
Saturday, January 31, 2026
Friday, January 30, 2026
Thursday, January 29, 2026
Wednesday, January 28, 2026
Tuesday, January 27, 2026
New top story on Hacker News: A few random notes from Claude coding quite a bit last few weeks
A few random notes from Claude coding quite a bit last few weeks
49 by bigwheels | 63 comments on Hacker News.
https://ift.tt/3uaHNmz
49 by bigwheels | 63 comments on Hacker News.
https://ift.tt/3uaHNmz
Monday, January 26, 2026
Sunday, January 25, 2026
Saturday, January 24, 2026
New top story on Hacker News: Ask HN: Gmail spam filtering suddenly marking everything as spam?
Ask HN: Gmail spam filtering suddenly marking everything as spam?
22 by goopthink | 40 comments on Hacker News.
Almost all transactional emails are being marked as suspicious even when their SPF/DKIM records are fine and they’ve been whitelisted before. Did Google break something in gmail/spam filtering?
22 by goopthink | 40 comments on Hacker News.
Almost all transactional emails are being marked as suspicious even when their SPF/DKIM records are fine and they’ve been whitelisted before. Did Google break something in gmail/spam filtering?
Friday, January 23, 2026
New top story on Hacker News: Show HN: Teemux – Zero-config log multiplexer with built-in MCP server
Show HN: Teemux – Zero-config log multiplexer with built-in MCP server
4 by gajus | 0 comments on Hacker News.
I started to use AI agents for coding and quickly ran into a frustrating limitation – there is no easy way to share my development environment logs with AI agents. So that's what is Teemux. A simple CLI program that aggregates logs, makes them available to you as a developer (in a pretty UI), and makes them available to your AI coding agents using MCP. There is one implementation detail that I geek out about: It is zero config and has built-in leader nomination for running the web server and MCP server. When you start one `teemux` instance, it starts web server, .. when you start second and third instances, they join the first server and start merging logs. If you were to kill the first instance, a new leader is nominated. This design allows to seamless add/remove nodes that share logs (a process that historically would have taken a central log aggregator). A super quick demo: npx teemux -- curl -N https://ift.tt/WkSsVga
4 by gajus | 0 comments on Hacker News.
I started to use AI agents for coding and quickly ran into a frustrating limitation – there is no easy way to share my development environment logs with AI agents. So that's what is Teemux. A simple CLI program that aggregates logs, makes them available to you as a developer (in a pretty UI), and makes them available to your AI coding agents using MCP. There is one implementation detail that I geek out about: It is zero config and has built-in leader nomination for running the web server and MCP server. When you start one `teemux` instance, it starts web server, .. when you start second and third instances, they join the first server and start merging logs. If you were to kill the first instance, a new leader is nominated. This design allows to seamless add/remove nodes that share logs (a process that historically would have taken a central log aggregator). A super quick demo: npx teemux -- curl -N https://ift.tt/WkSsVga
Thursday, January 22, 2026
New top story on Hacker News: Show HN: Synesthesia, make noise music with a colorpicker
Show HN: Synesthesia, make noise music with a colorpicker
6 by tevans3 | 2 comments on Hacker News.
This is a (silly, little) app which lets you make noise music using a color picker as an instrument. When you click on a specific point in the color picker, a bit of JavaScript maps the binary representation of the clicked-on color's hex-code to a "chord" in the 24 tone-equal-temperament scale. That chord is then played back using a throttled audio generation method which was implemented via Tone.js. NOTE! Turn the volume way down before using the site. It is noise music. :)
6 by tevans3 | 2 comments on Hacker News.
This is a (silly, little) app which lets you make noise music using a color picker as an instrument. When you click on a specific point in the color picker, a bit of JavaScript maps the binary representation of the clicked-on color's hex-code to a "chord" in the 24 tone-equal-temperament scale. That chord is then played back using a throttled audio generation method which was implemented via Tone.js. NOTE! Turn the volume way down before using the site. It is noise music. :)
New top story on Hacker News: Show HN: Bible translated using LLMs from source Greek and Hebrew
Show HN: Bible translated using LLMs from source Greek and Hebrew
15 by epsteingpt | 15 comments on Hacker News.
Built an auditable AI (Bible) translation pipeline: Hebrew/Greek source packets -> verse JSON with notes rolling up to chapters, books, and testaments. Final texts compiled with metrics (TTR, n-grams). This is the first full-text example as far as I know (Gen Z bible doesn't count). There are hallucinations and issues, but the overall quality surprised me. LLMs have a lot of promise translating and rendering 'accessible' more ancient texts. The technology has a lot of benefit for the faithful, that I think is only beginning to be explored.
15 by epsteingpt | 15 comments on Hacker News.
Built an auditable AI (Bible) translation pipeline: Hebrew/Greek source packets -> verse JSON with notes rolling up to chapters, books, and testaments. Final texts compiled with metrics (TTR, n-grams). This is the first full-text example as far as I know (Gen Z bible doesn't count). There are hallucinations and issues, but the overall quality surprised me. LLMs have a lot of promise translating and rendering 'accessible' more ancient texts. The technology has a lot of benefit for the faithful, that I think is only beginning to be explored.
Wednesday, January 21, 2026
Tuesday, January 20, 2026
Monday, January 19, 2026
Sunday, January 18, 2026
Saturday, January 17, 2026
Friday, January 16, 2026
New top story on Hacker News: The Alignment Game
The Alignment Game
7 by dmvaldman | 0 comments on Hacker News.
https://docs.google.com/spreadsheets/d/1BYh9ZtEv4k7xoSXmtf1q...
7 by dmvaldman | 0 comments on Hacker News.
https://docs.google.com/spreadsheets/d/1BYh9ZtEv4k7xoSXmtf1q...
Thursday, January 15, 2026
New top story on Hacker News: Show HN: ContextFort – Visibility and controls for browser agents
Show HN: ContextFort – Visibility and controls for browser agents
8 by ashwinr2002 | 1 comments on Hacker News.
Hey HN! I’m Ashwin, co-founder of ContextFort ( https://contextfort.ai/ ). We provide visibility and controls for AI browser agents like Claude in Chrome through an open-source browser extension. Browser agents are AI copilots that can autonomously navigate and take actions in your browser. They show up as standalone browsers (Comet, Atlas) or Chrome extensions (Claude). They’re especially useful in sites where search/API connectors don’t work well, like searching through Google Groups threads for a bug fix or pulling invoices from BILL.com. Anthropic released Claude CoWork yesterday, and in their launch video, they showcased their browser-use chromium extension: https://www.youtube.com/watch?v=UAmKyyZ-b9E But enterprise adoption is slow because of indirect prompt injection risks, about which Simon Willison has written in great detail in his blogs: https://ift.tt/3Mg8dtE... . And before security teams can decide on guardrails, they need to know how employees are using browser agents to understand where the risks are. So, we reverse-engineered how the Claude in Chrome extension works and built a visibility layer that tracks agent sessions end-to-end. It detects when an AI agent takes control of the browser and records which pages it visited during a session and what it does on each page (what was clicked and where text was input). On top of that, we’ve also added simple controls for security teams to act on based on what the visibility layer captures: (1) Block specific actions on specific pages (e.g., prevent the agent from clicking “Submit” on email) (2) Block risky cross-site flows in a single session (e.g., block navigation to Atlassian after interacting with StackOverflow), or apply a stricter policy and block bringing any external context to Atlassian entirely. We demo all the above features here in this 2-minute YouTube video: https://www.youtube.com/watch?v=1YtEGVZKMeo You can try our browser extension here: https://ift.tt/R5whPbZ Thrilled to share this with you and hear your comments!
8 by ashwinr2002 | 1 comments on Hacker News.
Hey HN! I’m Ashwin, co-founder of ContextFort ( https://contextfort.ai/ ). We provide visibility and controls for AI browser agents like Claude in Chrome through an open-source browser extension. Browser agents are AI copilots that can autonomously navigate and take actions in your browser. They show up as standalone browsers (Comet, Atlas) or Chrome extensions (Claude). They’re especially useful in sites where search/API connectors don’t work well, like searching through Google Groups threads for a bug fix or pulling invoices from BILL.com. Anthropic released Claude CoWork yesterday, and in their launch video, they showcased their browser-use chromium extension: https://www.youtube.com/watch?v=UAmKyyZ-b9E But enterprise adoption is slow because of indirect prompt injection risks, about which Simon Willison has written in great detail in his blogs: https://ift.tt/3Mg8dtE... . And before security teams can decide on guardrails, they need to know how employees are using browser agents to understand where the risks are. So, we reverse-engineered how the Claude in Chrome extension works and built a visibility layer that tracks agent sessions end-to-end. It detects when an AI agent takes control of the browser and records which pages it visited during a session and what it does on each page (what was clicked and where text was input). On top of that, we’ve also added simple controls for security teams to act on based on what the visibility layer captures: (1) Block specific actions on specific pages (e.g., prevent the agent from clicking “Submit” on email) (2) Block risky cross-site flows in a single session (e.g., block navigation to Atlassian after interacting with StackOverflow), or apply a stricter policy and block bringing any external context to Atlassian entirely. We demo all the above features here in this 2-minute YouTube video: https://www.youtube.com/watch?v=1YtEGVZKMeo You can try our browser extension here: https://ift.tt/R5whPbZ Thrilled to share this with you and hear your comments!
Wednesday, January 14, 2026
Tuesday, January 13, 2026
Monday, January 12, 2026
New top story on Hacker News: Unauthenticated remote code execution in OpenCode
Unauthenticated remote code execution in OpenCode
24 by CyberShadow | 1 comments on Hacker News.
Previous versions of OpenCode started a server which allowed any website visited in a web browser to execute arbitrary commands on the local machine. Make sure you are using v1.1.10 or newer; see link for more details.
24 by CyberShadow | 1 comments on Hacker News.
Previous versions of OpenCode started a server which allowed any website visited in a web browser to execute arbitrary commands on the local machine. Make sure you are using v1.1.10 or newer; see link for more details.
Sunday, January 11, 2026
New top story on Hacker News: Ask HN: What Are You Working On? (January 2026)
Ask HN: What Are You Working On? (January 2026)
46 by david927 | 138 comments on Hacker News.
What are you working on? Any new ideas that you're thinking about?
46 by david927 | 138 comments on Hacker News.
What are you working on? Any new ideas that you're thinking about?
Saturday, January 10, 2026
New top story on Hacker News: Drones that recharge directly on transmission lines
Drones that recharge directly on transmission lines
17 by alphabetatango | 7 comments on Hacker News.
17 by alphabetatango | 7 comments on Hacker News.
Friday, January 9, 2026
New top story on Hacker News: Scientists discover oldest poison, on 60k-year-old arrows
Scientists discover oldest poison, on 60k-year-old arrows
4 by noleary | 0 comments on Hacker News.
https://ift.tt/QBzcxFK
4 by noleary | 0 comments on Hacker News.
https://ift.tt/QBzcxFK
Thursday, January 8, 2026
Wednesday, January 7, 2026
New top story on Hacker News: Polymarket refuses to pay bets that US would 'invade' Venezuela
Polymarket refuses to pay bets that US would 'invade' Venezuela
60 by petethomas | 22 comments on Hacker News.
https://ift.tt/QLJ8MAI
60 by petethomas | 22 comments on Hacker News.
https://ift.tt/QLJ8MAI
Tuesday, January 6, 2026
Monday, January 5, 2026
Sunday, January 4, 2026
New top story on Hacker News: Show HN: Hover – IDE style hover documentation on any webpage
Show HN: Hover – IDE style hover documentation on any webpage
5 by sampsonj | 0 comments on Hacker News.
I thought it would be interesting to have ID style hover docs outside the IDE. Hover is a Chrome extension that gives you IDE style hover tooltips on any webpage: documentation sites, ChatGPT, Claude, etc. How it works: - When a code block comes into view, the extension detects tokens and sends the code to an LLM (via OpenRouter or custom endpoint) - The LLM generates documentation for tokens worth documenting, which gets cached - On hover, the cached documentation is displayed instantly A few things I wanted to get right: - Website permissions are granular and use Chrome's permission system, so the extension only runs where you allow it - Custom endpoints let you skip OpenRouter entirely – if you're at a company with its own infra, you can point it at AWS Bedrock, Google AI Studio, or whatever you have Built with TypeScript, Vite, and the Chrome extension APIs. Coming to the Chrome Web Store soon. Would love feedback on the onboarding experience and general UX – there were a lot of design decisions I wasn't sure about. Happy to answer questions about the implementation.
5 by sampsonj | 0 comments on Hacker News.
I thought it would be interesting to have ID style hover docs outside the IDE. Hover is a Chrome extension that gives you IDE style hover tooltips on any webpage: documentation sites, ChatGPT, Claude, etc. How it works: - When a code block comes into view, the extension detects tokens and sends the code to an LLM (via OpenRouter or custom endpoint) - The LLM generates documentation for tokens worth documenting, which gets cached - On hover, the cached documentation is displayed instantly A few things I wanted to get right: - Website permissions are granular and use Chrome's permission system, so the extension only runs where you allow it - Custom endpoints let you skip OpenRouter entirely – if you're at a company with its own infra, you can point it at AWS Bedrock, Google AI Studio, or whatever you have Built with TypeScript, Vite, and the Chrome extension APIs. Coming to the Chrome Web Store soon. Would love feedback on the onboarding experience and general UX – there were a lot of design decisions I wasn't sure about. Happy to answer questions about the implementation.
Saturday, January 3, 2026
Friday, January 2, 2026
Thursday, January 1, 2026
New top story on Hacker News: Show HN: Feature detection exploration in Lidar DEMs via differential decomp
Show HN: Feature detection exploration in Lidar DEMs via differential decomp
3 by DarkForestery | 0 comments on Hacker News.
I'm not a geospatial expert — I work in AI/ML. This started when I was exploring LiDAR data with agentic assitince and noticed that different signal decomposition methods revealed different terrain features. The core idea: if you systematically combine decomposition methods (Gaussian, bilateral, wavelet, morphological, etc.) with different upsampling techniques, each combination has characteristic "failure modes" that selectively preserve or eliminate certain features. The differences between outputs become feature-specific filters. The framework tests 25 decomposition × 19 upsampling methods across parameter ranges — about 40,000 combinations total. The visualization grid makes it easy to compare which methods work for what. Built in Cursor with Opus 4.5, NumPy, SciPy, scikit-image, PyWavelets, and OpenCV. Apache 2.0 licensed. I'd appreciate feedback from anyone who actually works with elevation data. What am I missing? What's obvious to practitioners that I wouldn't know?
3 by DarkForestery | 0 comments on Hacker News.
I'm not a geospatial expert — I work in AI/ML. This started when I was exploring LiDAR data with agentic assitince and noticed that different signal decomposition methods revealed different terrain features. The core idea: if you systematically combine decomposition methods (Gaussian, bilateral, wavelet, morphological, etc.) with different upsampling techniques, each combination has characteristic "failure modes" that selectively preserve or eliminate certain features. The differences between outputs become feature-specific filters. The framework tests 25 decomposition × 19 upsampling methods across parameter ranges — about 40,000 combinations total. The visualization grid makes it easy to compare which methods work for what. Built in Cursor with Opus 4.5, NumPy, SciPy, scikit-image, PyWavelets, and OpenCV. Apache 2.0 licensed. I'd appreciate feedback from anyone who actually works with elevation data. What am I missing? What's obvious to practitioners that I wouldn't know?
Subscribe to:
Comments (Atom)