frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Free artwork for personal or commercial use

https://www.patreon.com/posts/free-artwork-for-108545521
1•techwrath11•59s ago•0 comments

Show HN: Page speed analysis and optimization tool for advanced users

https://pagegym.com/
1•razcoj•1m ago•0 comments

Never do in the cloud what you can do locally

https://cloud.google.com/billing/docs/concepts
1•MostlyRetarded•2m ago•0 comments

Kasparov: "Putin is testing Europe: before the end of the year, he will invade

https://www.mundoamerica.com/news/2025/10/06/68e3ae8be9cf4a1c738b45a5.html
1•nabla9•2m ago•1 comments

Scientists Discover Creature That Exists Between Life and Not-Life

https://www.popularmechanics.com/science/animals/a65193552/archaea-cell-virus/
1•vinhnx•2m ago•0 comments

The Greatest Paper Airplanes

https://archive.org/details/PAPERAIR
1•bane•5m ago•0 comments

Ask HN: Should product/engineering teams reorg as prototypers/scalers?

2•raknahs1991biz•6m ago•0 comments

Show HN: I made games so boring the fun part is guessing your score

https://boring.game/
2•chris_r_123•7m ago•0 comments

Nanochat

https://twitter.com/karpathy/status/1977755427569111362
2•jbegley•7m ago•0 comments

Cholesterol-lowering drugs could reduce risk of dementia

https://medicalxpress.com/news/2025-10-cholesterol-lowering-drugs-dementia.html
1•bikenaga•8m ago•0 comments

What Dynamic Typing Is For

https://unplannedobsolescence.com/blog/what-dynamic-typing-is-for/
2•todsacerdoti•9m ago•0 comments

'Chemo brain' cognitive issues linked to poor lymphatic-system drainage

https://medicalxpress.com/news/2025-10-chemo-brain-cognitive-issues-linked.html
1•bikenaga•9m ago•0 comments

Paraguay – The Silicon Valley of South America?

https://www.bbc.com/news/articles/c4g92xq8wdlo
1•Taikonerd•10m ago•0 comments

Terahertz Light Unlocks a New Class of Non-Volatile Memory

https://www.science.org/doi/10.1126/science.adz5230
1•willmadden•10m ago•1 comments

Android's sideloading limits are its most anti-consumer move yet

https://www.makeuseof.com/androids-sideloading-limits-are-anti-consumer-move-yet/
4•josephcsible•12m ago•0 comments

Trying Out the Ptyxis Terminal Emulator

https://leo3418.github.io/2025/08/14/trying-ptyxis.html
1•Lockal•13m ago•0 comments

Sending a message: Beijing issues documents without Word format amid US tensions

https://www.scmp.com/economy/china-economy/article/3328782/sending-message-beijing-issues-documen...
5•akyuu•13m ago•1 comments

NanoChat – The best ChatGPT that $100 can buy

https://github.com/karpathy/nanochat
3•huseyinkeles•13m ago•0 comments

Fzf 0.66.0 introduces "–raw mode"

https://github.com/junegunn/fzf/releases/tag/v0.66.0
1•birdculture•15m ago•0 comments

Is this the longest time anyone's taken to update an app?

https://lab174.com/blog/20251013-the-longest-amount-of-time-between-updates/
1•merelysounds•15m ago•0 comments

PFAS: A French region has banned tap water. A warning for the rest of Europe?

https://www.theguardian.com/environment/2025/jul/01/pfas-forever-chemicals-water-contamination-sa...
1•akyuu•17m ago•0 comments

How parallelizing your builds can slow them down

https://thefridaydeploy.substack.com/p/how-parallelizing-your-builds-can
1•telliott1984•18m ago•0 comments

Joy in Israel as Hostages Return

https://www.bbc.co.uk/news/live/cx2r2z0gyp7t
2•FridayoLeary•20m ago•0 comments

Show HN: Digital Accessibility Workflow Platform

https://testparty.ai
1•jztan•21m ago•1 comments

Maze Generator

https://mazegenerator.net/
1•bookofjoe•22m ago•0 comments

Don't Buy Antivirus, Use an LLM Instead

https://gxenos.github.io/personal-blog/posts/llm-as-av/
3•gxenos95•23m ago•2 comments

He Won the $2B Lottery. Now He's Buying Up Lots Burned in the L.A. Fires

https://www.wsj.com/economy/housing/altadena-powerball-winner-los-angeles-fires-5acd346e
2•toomanyrichies•24m ago•0 comments

Polarization fluctuates around political events, study shows

https://phys.org/news/2025-09-polarization-fluctuates-political-events.html
1•PaulHoule•24m ago•0 comments

The height at which a hill becomes a mountain, according to data

https://www.washingtonpost.com/business/2025/10/13/real-height-which-hill-becomes-mountain-accord...
1•thinkingemote•25m ago•0 comments

MCP and the Future of AI

https://www.contraption.co/mcp-and-the-future-of-ai/
1•philip1209•25m ago•0 comments
Open in hackernews

Archestra's Dual LLM Pattern: Using "Guess Who?" Logic to Stop Prompt Injections

https://www.archestra.ai/blog/dual-llm
5•ildari•1h ago

Comments

ildari•1h ago
Hi HN, I'm Ildar from Archestra, we build an open-source LLM gateway. We've been exploring ways to protect AI agents from prompt injections during tool calls and added the approach, inspired by the game "Guess Who", where the agent can learn what it needs without ever seeing the actual result. See the details in the blog post we wrote
magicalhippo•1h ago
I've tried some of these prompt injection techniques, and simply asked a few local models (like Gemma 2) if they thought it was very likely a prompt injection attempt. They all managed to correctly flag my attempts.

I know LLama folks have a special Guard model for example, which I imagine is for such tasks.

So my ignorant questions are this:

Do these MCP endpoints not run such guard models, and if so why not?

If they do, how come they don't stop such blatant attacks that seemingly even an old local model like Gemma 2 can sniff out?

joeyorlando•1h ago
hey there

Joey here from Archestra. Good question. I recently was evaluating what you mention, against the latest/"smartest" models from the big LLM providers, and I was able to trick all of them.

Take a look at https://www.archestra.ai/blog/what-is-a-prompt-injection which has all the details on how I did this.

magicalhippo•18m ago
Thanks. Interesting and scary such blatant attempts succeed. After all, all external data is evil, we all know that right?
ildari•1h ago
Most mcp endpoints don’t run any models, the main model decides which tools the ai agent should execute, and if the agent passes results back into context, that opens the door to prompt injections.

It’s really a cat-and-mouse game, where for each new model version, new jailbreaks and injections are found