frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Run your own self-hosted LLMs with Docker Compose

https://totaldebug.uk/posts/self-hosted-llms-ollama-open-webui-docker-compose/
1•marksie1988•1m ago•0 comments

WannaCry cluster from 2017 still spreading in 2026 – 269 samples in 72h

https://sshlab.eu/blog/a-wannacry-cluster-from-2017-still-active-in-2026-b5bdaad3
1•dblanko•5m ago•0 comments

The space bit of SpaceX is worth $8 a share, says Morgan Stanley

https://www.ft.com/content/09a62ed4-16af-433c-adb7-c877d1975388
2•iamflimflam1•6m ago•0 comments

Ask HN: Is there anything good in the existence of LLMs?

1•sirnicolaz•7m ago•0 comments

Zero-Trust Workload Identity in Kubernetes with Spiffe, Spire, and Cilium

https://www.freecodecamp.org/news/implement-zero-trust-workload-identity-in-kubernetes-with-spiff...
1•enz•7m ago•0 comments

Browser extension to filter out all unknown brands from Amazon search results

https://chromewebstore.google.com/detail/amazonbrandfilter/mhfjchmiaocbleapojmgnmjfcmanihio
2•alecco•15m ago•1 comments

Beyond Refusal: Aligned vs. Abliterated LLMs for Vulnerability Analysis

https://arxiv.org/abs/2607.05842
1•sbulaev•16m ago•0 comments

Moraine: Unified Agent Tracing

https://github.com/eric-tramel/moraine
1•handfuloflight•18m ago•0 comments

The social physics of conversation: Communication patterns matter

https://andiroberts.com/citizenship/the-social-physics-of-conversation-citizenship-leadership
1•kiyanwang•18m ago•0 comments

The hard part wasn't the code. The hard part was the thinking that produced it

https://medium.com/@mjmoughtin/the-reframe-2f2a74aa4b93
1•raychis•19m ago•0 comments

The Download: your stake in OpenAI, and the Treasury's AI warning

https://www.technologyreview.com/2026/07/07/1140197/the-download-your-openai-stake-treasury-ai-wa...
1•joozio•19m ago•0 comments

Zebra-Rs Rust Version of GNU Zebra, Quagga, FRR

https://zebra.rs
1•kishiguro•20m ago•0 comments

Leave a failing test before you go on vacation

https://lukapeharda.com/article/leave-a-failing-test-before-you-go-on-vacation/
1•srijan4•21m ago•0 comments

Show HN: Plugin to Connect Pi to Signal

https://github.com/aalzubidy/pi-signal
1•sub-e12•22m ago•0 comments

Badger: Low-level SQLite file format visualizer

https://github.com/nikitazigman/badger
1•thunderbong•23m ago•0 comments

Microsoft Laid Off a 37-Year Vet

https://twitter.com/layoffai/status/2074629736140075212
3•taubek•29m ago•0 comments

The Four Core Areas of Responsibility for an Engineering Manager

https://softwareleads.substack.com/p/the-four-pillars-of-engineering-management
1•kiyanwang•30m ago•0 comments

Show HN: Jot, a menu bar app that catches a thought before it's gone

https://jot.arunbrahma.com
1•masterbrewer•31m ago•0 comments

Highlite – Make any website your virtual whiteboard

https://get-highlite.app
1•ryoann•32m ago•0 comments

Not all model upgrades are upgrades

https://developer.microsoft.com/blog/not-all-model-upgrades-are-upgrades
1•waldekm•33m ago•0 comments

Turn a €5 ESP32-S3 Board into a Browser-Based Workbench for Hardware Hacking

https://www.hackster.io/geo-tp/turn-a-5-esp32-s3-board-into-a-browser-based-workbench-b528dd
1•geotp•34m ago•0 comments

OpenAI to unveil GPT-5.6 on Thursday after delaying launch

https://www.reuters.com/technology/openai-gets-us-approval-broad-gpt-56-rollout-axios-reports-202...
1•adithyaharish•35m ago•0 comments

B2B Payment Platforms for Global Businesses in 2026: A Comparative Guide

https://www.xtransfer.com/blog/b2b-payment-platforms-global-business
1•pingx•35m ago•0 comments

Omp

https://omp.sh/
1•217•35m ago•2 comments

Nextdocs.io – AI Slide Generation

https://www.nextdocs.io
1•galacticdessert•37m ago•0 comments

My Name Is SiMON

https://github.com/ProphetGang/formal_symbol_language
1•ProphetGang•42m ago•1 comments

Vagrant-tart: Vagrant plugin for Tart; run macOS VMs on M-series using Vagrant

https://github.com/letiemble/vagrant-tart
1•gurjeet•47m ago•0 comments

From Quantum Relative Entropy to the Semiclassical Einstein Equations

https://journals.aps.org/prl/pdf/10.1103/lmq8-nsty
1•sonicrocketman•48m ago•0 comments

Notes and reading materials on finite topological spaces

https://math.uchicago.edu/~may/finite
2•gone35•52m ago•0 comments

I built a single endpoint that turns anything into LLM-ready data

https://ingesti.xyz
1•tenesedu•52m ago•0 comments
Open in hackernews

Show HN: AgentShield SDK – Runtime security for agentic AI applications

https://pypi.org/project/agentshield-sdk/
2•iamsanjayk•1y ago
Hi HN,

We built AgentShield, a Python SDK and CLI to add a security checkpoint for AI agents before they perform potentially risky actions like external API calls or executing generated code.

Problem: Agents calling arbitrary URLs or running unchecked code can lead to data leaks, SSRF, system damage, etc.

Solution: AgentShield intercepts these actions:

- guarded_get(url=...): Checks URL against policies (block internal IPs, HTTP, etc.) before making the request.

- safe_execute(code_snippet=...): Checks code for risky patterns (os import, eval, file access, etc.) before execution.

It works via a simple API call to evaluate the action against configurable security policies. It includes default policies for common risks.

Get Started:

Install: pip install agentshield-sdk

Get API Key (CLI): agentshield keys create

Use in Python: from agentshield_sdk import AgentShield # shield = AgentShield(api_key=...) # await shield.guarded_get(url=...) # await shield.safe_execute(code_snippet=...)

Full details, documentation, and the complete README are at <https://pypi.org/project/agentshield-sdk/>

We built this because securing agent interactions felt crucial as they become more capable. It's still early days, and we'd love to get your feedback on the approach, usability, and policies.

Comments

subhampramanik•1y ago
Looks interesting -- Does it work like a wrapper on top of OpenAI specs? Like, can we just replace the OpenAI package with this, and it's fully integrated?
iamsanjayk•1y ago
Hey, thanks for asking! Good question.

AgentShield isn't a wrapper around the OpenAI package, so you wouldn't replace openai with it. Think of AgentShield as a separate safety check you call just before your agent actually tries to run a specific risky action.

So, you'd still use the openai library as normal to get your response (like a URL to call or code to run). Then, before you actually use httpx/requests to call that URL, or exec() to run the code, you'd quickly check it with shield.guarded_get(the_url) or shield.safe_execute(the_code).

Currently, It focuses on securing the action itself (the URL, the code snippet) rather than wrapping the LLM call that generated it.