frontpage.

At my last company, we connected Claude Code and Cursor to almost all our internal services via MCP. It made the team incredibly fast, but we hit a wall: permissions.

If you give an agent "Read Only" access, it can’t actually fix anything. If you give it "Write" access, it’s only a matter of time before a hallucination or a bad prompt results in a deleted database or a nuked production bucket. We had a few "close calls" that convinced us that simply reducing IAM permissions makes agents useless.

I built Armour (https://github.com/fuushyn/armour) to solve this. It’s a stdio proxy for MCP servers that lets you stay "secure by default" without stripping the agent's capabilities.

How it works: Instead of connecting your IDE directly to an MCP server, you point it to Armour. It acts as a middleware layer where you can:

Argument-level blocking: This is the core feature. You can allow an agent to use a tool like github, but block specific arguments like delete.

The goal is to move away from the "all-or-nothing" permission model. You should be able to trust an agent with a shell without worrying it will run rm -rf /.

Repo - https://github.com/fuushyn/armour

Collaborative editing with AI is hard

Show HN: WhoDB CLI – Terminal database client (Golang) with local AI support

Hootsuite seeks business with ICE amid financial pressures

Stop Vibe Shipping Agents

Amazon CEO says Trump tariffs are driving prices up

My Meandering Path to Silver

Got factory ruin. Now builds Nordic prefab homes with industrial precision [video]

Guide to Retroarch, system, emulator, core, and ROM config files (2021)

Can you read 900 words per minute?

WildCAT3D: Appearance-Aware Multi-View Diffusion in the Wild

Article on the History of Spot Instances: Analyzing Spot Instance Pricing Change

Show HN: NativeLine – Build native iOS apps through conversation (Swift only)

Ozempic Is Reshaping the Fast Food Industry

Show HN: Open-source tool for converting docs into .md and loading into Postgres

Monitor Hacker News Post in Realtime

Shallow review of technical AI safety (2025)

Show HN: Run Claude Code from WhatsApp

The Repetition of China

Memory chip makers could face 100% tariffs unless increased US production

'It's Now Happening'–Urgent U.S. Dollar 'Collapse' Warning Issued

A scammer's blueprint: How cybercriminals plot to rob a target in a week

Pipeline Parallelism in SGLang: Scaling to Million-Token Contexts and Beyond

SWE-gen: Scaling SWE-bench task generation

Blog: Prototyping a Bloom filter-based erasure code in Zig

Ads in ChatGPT, Why OpenAI Needs Ads, the Long Road to Instagram

Curl closing their bug bounty due to overload and abuse

The Battlefield Is Now Your Mind

File systems are here to stay

Free Next.js Hosting

Claude Code as a Sales Guy

Show HN: Armour – A secure stdio MCP proxy, written in Go

Comments