frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Show HN: Spendict – a performance marketer's verdict for AI agents, over MCP

https://www.spendict.com/
1•ds246•3m ago•0 comments

Cloud Rebuild (Preview)

https://learn.microsoft.com/en-us/windows/configuration/cloud-rebuild/
1•taubek•7m ago•0 comments

Turbocharged solo dev – zooming out a couple of clicks

https://adjohu.com/blog/turbocharged-solo-dev/
1•adjohu•8m ago•0 comments

Children (Composition)

https://en.wikipedia.org/wiki/Children_(composition)
1•doener•10m ago•0 comments

Show HN: Lip Sync AI – Create Your Talking Videos Instantly

https://lipsyncai.co/
1•vtoolpro•13m ago•0 comments

AI-powered video generator SaaS Application for Sale

https://flippa.com/13365327-ai-powered-video-generation-platform-for-creating-viral-short-form-co...
1•kilincarslan•13m ago•1 comments

Movement Is Not Progress

https://frederickvanbrabant.com/blog/2026-07-10-movement-is-not-progress/
1•TheEdonian•14m ago•0 comments

Onemind.md – give your repo a memory without any extra tooling

https://github.com/lazardanlucian/onemind.md
1•lazardanlucian•17m ago•0 comments

I don't need you. I do

https://www.sunilshenoy.com/2026/07/12/i-dont-need-you-i.html
1•cybersunil•18m ago•0 comments

Yakr – a social-relay messaging protocol with Python and Rust implementations

https://github.com/MY20-PHEV/yakr
1•MY10-PHEV•24m ago•0 comments

Show HN: Grinta – a local-first coding agent built for long autonomous runs

https://github.com/josephsenior/Grinta-Coding-Agent
1•JosephSenior•26m ago•0 comments

How does a Dev's job look like in a few years?

1•korrak•26m ago•1 comments

Show HN: Runeward: Sandboxing AI agents with policy gates

https://runewardd.github.io/runeward/
1•tha_infra_guy•30m ago•0 comments

Big Tech to face fines for consumer protection failures, says EU official

https://www.ft.com/content/25640be5-a5bd-4548-81f9-bd0e16f87f35
2•giuliomagnifico•31m ago•1 comments

Leaked Documents Reveal Secret Russia-China Military Plan to Disable Starlink

https://united24media.com/world/leaked-documents-reveal-possible-secret-russia-china-military-pla...
2•vrganj•33m ago•0 comments

Show HN: DPDK vs. Af_XDP Latency Benchmarks Tested on Real NICs

https://github.com/ASherjil/ABTRDA3
1•CoreCppEngineer•33m ago•1 comments

Cuelume: Interface Sound Design Kit

https://cuelume-site.pages.dev/
1•handfuloflight•34m ago•0 comments

Itanium: Market Reception

https://en.wikipedia.org/wiki/Itanium
1•tosh•34m ago•1 comments

Meta u-turns on AI feature amid privacy backlash

https://thehill.com/policy/technology/5964282-privacy-concerns-instagram-ai/
2•Alien1Being•38m ago•0 comments

Test Your Webcam and Microphone

https://webcamtester.io/en/
1•QOOBRA•38m ago•0 comments

Remembering Ken Iverson (2004)

https://web.archive.org/web/20180412035431/https://keiapl.org/rhui/remember.htm
1•tosh•48m ago•0 comments

I needed one feature for my SaaS. 6 hours later I had launched another SaaS

https://www.floatingvideo.com
1•astonfred•50m ago•1 comments

Think preprints are unreliable? Analysis of 70000 studies might change your mind

https://www.nature.com/articles/d41586-026-02167-3?linkId=62708614
2•XzetaU8•50m ago•1 comments

A proper Docker image for WebCalendar: SQLite-backed and self-contained

https://projects.rocks/blog/webcalendar-docker.html
1•mysterhawk•54m ago•0 comments

Jiki – Learn to Code the Fun Way

https://jiki.io
1•phil-pickering•55m ago•1 comments

The Hard-Line Activists Ramping Up for the War with AI

https://www.wsj.com/tech/ai/anti-ai-activists-disappearance-sam-kirchner-6872879f
2•thm•57m ago•0 comments

The Gen X Career Meltdown (2025)

https://www.nytimes.com/interactive/2025/03/28/style/gen-x-creative-work.html
2•Michelangelo11•1h ago•0 comments

In Praise of Exhaustive Destructuring

https://antoine.vandecreme.net/blog/exhaustive-destructuring-praise/
1•avandecreme•1h ago•0 comments

AST vs. Bytecode (2023) [pdf]

https://stefan-marr.de/downloads/oopsla23-larose-et-al-ast-vs-bytecode-interpreters-in-the-age-of...
1•tosh•1h ago•0 comments

When They Steal Our Future

https://karenkelsky.substack.com/p/when-they-steal-our-future
1•Michelangelo11•1h ago•0 comments
Open in hackernews

Show HN: AgentShield SDK – Runtime security for agentic AI applications

https://pypi.org/project/agentshield-sdk/
2•iamsanjayk•1y ago
Hi HN,

We built AgentShield, a Python SDK and CLI to add a security checkpoint for AI agents before they perform potentially risky actions like external API calls or executing generated code.

Problem: Agents calling arbitrary URLs or running unchecked code can lead to data leaks, SSRF, system damage, etc.

Solution: AgentShield intercepts these actions:

- guarded_get(url=...): Checks URL against policies (block internal IPs, HTTP, etc.) before making the request.

- safe_execute(code_snippet=...): Checks code for risky patterns (os import, eval, file access, etc.) before execution.

It works via a simple API call to evaluate the action against configurable security policies. It includes default policies for common risks.

Get Started:

Install: pip install agentshield-sdk

Get API Key (CLI): agentshield keys create

Use in Python: from agentshield_sdk import AgentShield # shield = AgentShield(api_key=...) # await shield.guarded_get(url=...) # await shield.safe_execute(code_snippet=...)

Full details, documentation, and the complete README are at <https://pypi.org/project/agentshield-sdk/>

We built this because securing agent interactions felt crucial as they become more capable. It's still early days, and we'd love to get your feedback on the approach, usability, and policies.

Comments

subhampramanik•1y ago
Looks interesting -- Does it work like a wrapper on top of OpenAI specs? Like, can we just replace the OpenAI package with this, and it's fully integrated?
iamsanjayk•1y ago
Hey, thanks for asking! Good question.

AgentShield isn't a wrapper around the OpenAI package, so you wouldn't replace openai with it. Think of AgentShield as a separate safety check you call just before your agent actually tries to run a specific risky action.

So, you'd still use the openai library as normal to get your response (like a URL to call or code to run). Then, before you actually use httpx/requests to call that URL, or exec() to run the code, you'd quickly check it with shield.guarded_get(the_url) or shield.safe_execute(the_code).

Currently, It focuses on securing the action itself (the URL, the code snippet) rather than wrapping the LLM call that generated it.