frontpage.

Anthropic's Model Context Protocol (MCP) has made it easy to spin up servers that expose tools and data to LLMs.

A lot of these MCP servers run locally because they need access to your files, shell, browser, etc. The problem: they typically run with the same privileges as your user. If a server is buggy, misconfigured, or prompt-injected, it can do anything you can do: read SSH keys, exfiltrate dotfiles, poke around in private repos, etc.

Our research group is working on this by adding a security manifest (inspired by the Android app manifest) plus a local policy enforcement engine that sandbox MCP servers. You can specify which hosts they can reach, which files/directories they can read/write, and so on, instead of giving them full user-level access.

Code and docs: https://github.com/orgs/GuardiAgent/repositories https://www.guardiagent.com

Curious how others are locking down agents/tools today and what you'd want from a system like this.

Bring TeXmacs to Your Students and Colleagues

How LLMs generate judgments

Dos and Don't for Any Place

RISC OS and NetBSD running on the same SoC

iOS Clone SwiftUI

'Living off the land' allowed Russia-linked group to breach Ukrainian entities

Reinforcement Learning Control of Quantum Error Correction

Trump admin attempts to open pristine Alaska wildlife refuge to gas/oil drilling

Show HN: RAG-chunk – A tool to choose optimal chunk sizes for RAG

Trump administration eliminates protections for endangered species

A new bill could sink India's drones from the sky

Show HN: GuardiAgent – Sandboxing / permission model for MCP servers

Abuse of the nullish coalescing operator in JS/TS

Brexit Hit to UK Economy Double Official Estimate, Study Finds

AI Eats the World [pdf]

Nation-state actors bridging cyber and kinetic warfare

Show HN: Get Fat Slowly

A $5 Domain Purchase Exposed Critical AI Agent Security Flaws – Deep Dive

Show HN: Understand Mortgage Cash Flows

How a French judge was digitally cut off by the USA

The Violent Aerodynamics of a Pastry

What does your hiring process look like in a post-ChatGPT world?

X11 Record and Replay

NASA Mars Relay Network visualization tool

I Quit Algorithmic Trading to Do Web Startups (2010)

UK minister ducks cost questions on nationwide digital ID scheme

Walrus: A Cross-Domain Foundation Model for Continuum Dynamics

Flowers for Algernon

Google's Gemini 3 Is Here: A Special Early Look

YouTube suddenly played at 1am (found the culprit)

Show HN: GuardiAgent – Sandboxing / permission model for MCP servers

Bring TeXmacs to Your Students and Colleagues

How LLMs generate judgments

Dos and Don't for Any Place

RISC OS and NetBSD running on the same SoC

iOS Clone SwiftUI

'Living off the land' allowed Russia-linked group to breach Ukrainian entities

Reinforcement Learning Control of Quantum Error Correction

Trump admin attempts to open pristine Alaska wildlife refuge to gas/oil drilling

Show HN: RAG-chunk – A tool to choose optimal chunk sizes for RAG

Trump administration eliminates protections for endangered species

A new bill could sink India's drones from the sky

Show HN: GuardiAgent – Sandboxing / permission model for MCP servers

Abuse of the nullish coalescing operator in JS/TS

Brexit Hit to UK Economy Double Official Estimate, Study Finds

AI Eats the World [pdf]

Nation-state actors bridging cyber and kinetic warfare

Show HN: Get Fat Slowly

A $5 Domain Purchase Exposed Critical AI Agent Security Flaws – Deep Dive

Show HN: Understand Mortgage Cash Flows

How a French judge was digitally cut off by the USA

The Violent Aerodynamics of a Pastry

What does your hiring process look like in a post-ChatGPT world?

X11 Record and Replay

NASA Mars Relay Network visualization tool

I Quit Algorithmic Trading to Do Web Startups (2010)

UK minister ducks cost questions on nationwide digital ID scheme

Walrus: A Cross-Domain Foundation Model for Continuum Dynamics

Flowers for Algernon

Google's Gemini 3 Is Here: A Special Early Look

YouTube suddenly played at 1am (found the culprit)