
Ask HN: Best practice securing secrets on local machines working with agents?

10•xinbenlv•2w ago
When building with autonomous / semi-autonomous agents, they often need broad local access: env vars, files, CLIs, browsers, API keys, etc. This makes the usual assumption — “the local machine is safe and untampered” — feel shaky.

We already use password managers, OAuth, scoped keys, and sandboxing, but agents introduce new risks: prompt injection, tool misuse, unexpected action chains, and secrets leaking via logs or model context. Giving agents enough permission to be useful seems at odds with least-privilege.

I haven’t seen much discussion on this. How are people thinking about secret management and trust boundaries on dev machines in the agent era? What patterns actually work in practice?

Comments

deflator•2w ago
I've been having success using Doppler for secret storage. Takes it off the filesystem.
xinbenlv•2w ago
My question is not about on- or off-filesystem storage; it is more about the fact that when you give an agent access, it assumes the environment the agent runs in is safe.
algebra-pretext•2w ago
I’m not too familiar with the space, but a friend of mine works at Descope [0], where they offer IAM solutions for agents.

[0] https://www.descope.com/

xinbenlv•2w ago
Is the permission device+client based or role based?
nojs•2w ago
Run the agent in a sandbox without access to production secrets.
xinbenlv•2w ago
What if you simply need to give them access? E.g. if you want them to do code review, you have to at least give them code repo read access. But you don't know if the environment where the agent runs will be compromised.
mejutoco•1w ago
If you give read access with their own API key, they will only get read access, the access that you gave them. Not sure what the issue is.
CriptoSeguro25•2w ago
TBH, the best pattern I've seen is just nuking the secrets at the input level. Run a local regex watcher in memory that flags anything looking like a PK or seed phrase before it even hits the agent's context window. Keeps it off the network stack entirely.
xinbenlv•2w ago
Any prompt injection attack could bypass this by simply doing base64 or any other encoding, I guess?
CriptoSeguro25•2w ago
You are absolutely right. Obfuscation like Base64 or rot13 will always beat a static regex. I was thinking more in terms of a seatbelt for accidental leaks and user error rather than a defense against adversarial prompt injection. It's about reducing the blast radius of clumsy mistakes, not stopping a determined attacker.
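As an added worked example (not code posted by anyone in this thread), here is the regex watcher described in the exchange above, together with the base64 bypass raised in the reply and one cheap mitigation for it: decode anything that looks like a base64 blob and rescan the plaintext. The patterns, the sample "key" and the seed phrase are constructed for the example, and SEED_WORDS is a small stand-in for the real 2048-word BIP-39 list.

```python
import base64
import binascii
import codecs
import re

# Constructed patterns for raw key material; a real deployment would tune these.
PATTERNS = {
    "pem_private_key": re.compile(r"-----BEGIN (?:[A-Z ]+ )?PRIVATE KEY-----"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "hex_256bit_key": re.compile(r"\b(?:0x)?[0-9a-fA-F]{64}\b"),
}

# Stand-in for the 2048-word BIP-39 list: a constructed subset so this runs offline.
SEED_WORDS = frozenset(
    "abandon ability able about above absent absorb abstract absurd abuse "
    "access accident account accuse achieve acid acoustic acquire across act".split()
)
SEED_MIN_WORDS = 12  # BIP-39 phrases are 12, 15, 18, 21 or 24 words

# Anything that looks like a base64 blob long enough to hide key material.
B64_BLOB = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

# Constructed sample inputs (not real keys) used by the demo below.
SAMPLE_PEM = "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBg\n-----END PRIVATE KEY-----"
SAMPLE_PEM_B64 = base64.b64encode(SAMPLE_PEM.encode()).decode()
SAMPLE_PEM_ROT13 = codecs.encode(SAMPLE_PEM, "rot13")
SAMPLE_SEED = ("backup: abandon ability able about above absent absorb "
               "abstract absurd abuse access accident")


def _has_seed_phrase(text):
    """True if SEED_MIN_WORDS consecutive words are all in the word list."""
    run = 0
    for word in re.findall(r"[a-z]+", text.lower()):
        run = run + 1 if word in SEED_WORDS else 0
        if run >= SEED_MIN_WORDS:
            return True
    return False


def scan(text):
    """Static regex pass: names of the patterns that matched in text."""
    hits = [name for name, pat in PATTERNS.items() if pat.search(text)]
    if _has_seed_phrase(text):
        hits.append("seed_phrase")
    return hits


def scan_with_decoding(text, depth=2):
    """scan(), plus base64-decode any blob and rescan what comes out.

    Findings from a decoded layer are prefixed with 'base64:' so a reviewer
    can see the secret was not visible in the raw input. depth bounds nesting.
    """
    hits = scan(text)
    if depth == 0:
        return hits
    for blob in B64_BLOB.findall(text):
        try:
            decoded = base64.b64decode(blob, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # not base64, or not text once decoded
        hits.extend("base64:" + h for h in scan_with_decoding(decoded, depth - 1))
    return hits


if __name__ == "__main__":
    for label, sample in [("plain PEM", SAMPLE_PEM), ("base64 PEM", SAMPLE_PEM_B64),
                          ("rot13 PEM", SAMPLE_PEM_ROT13), ("seed phrase", SAMPLE_SEED)]:
        print(f"{label:12} static={scan(sample)} decoding={scan_with_decoding(sample)}")
```

The decoding pass catches the one-layer base64 case from the reply, but the rot13 sample still walks straight through both scanners, which is the point the commenter concedes: pattern matching on the agent's input is a seatbelt against accidental paste, not a control against an adversary who chooses the encoding.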
bilbo-b-baggins•2w ago
The solution that Anthropic uses for Claude Code Web for repository access is to not give the LLM any secrets at all - anything requiring escalated privilege is done through a proxy which holds the credentials.
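An added example, not Anthropic's code, of the credential-holding proxy pattern described in the comment above: the agent talks only to a loopback proxy, the proxy owns the token and enforces a read-only route allowlist, and the token never enters the agent's environment or context. The upstream URL, the route allowlist, the port and the GITHUB_TOKEN variable are assumptions chosen for illustration.

```python
import os
import posixpath
import re
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

# Assumption: a GitHub-style REST API sits upstream. Adjust for your own API.
UPSTREAM = "https://api.github.com"

# Read-only allowlist: the agent may read repository contents, commits and
# pull requests, nothing else. Everything not listed here is denied.
ALLOWED_ROUTES = [
    ("GET", re.compile(r"^/repos/[^/]+/[^/]+/(?:contents|commits|pulls)(?:/.*)?$")),
]


def authorize(method, raw_path):
    """Policy check done by the proxy, not the agent.

    Rejects any route not on the allowlist and any path that does not survive
    normalisation unchanged, which blocks '..' traversal out of the allowed
    prefix. Percent-encoding is refused so the policy and the upstream never
    disagree about what the path means.
    """
    path = urlsplit(raw_path).path
    if not path.startswith("/") or "%" in path or posixpath.normpath(path) != path:
        return False
    return any(m == method and pat.match(path) for m, pat in ALLOWED_ROUTES)


def build_upstream_request(method, raw_path, token):
    """Build the upstream request; the token is attached here and nowhere else."""
    req = urllib.request.Request(UPSTREAM + raw_path, method=method)
    req.add_header("Authorization", "Bearer " + token)
    req.add_header("Accept", "application/vnd.github+json")
    req.add_header("User-Agent", "agent-credential-proxy")
    return req


class CredentialProxy(BaseHTTPRequestHandler):
    token = ""  # set once in main(); the agent never sees it

    def do_GET(self):
        self._forward("GET")

    def do_POST(self):
        self._forward("POST")  # refused by authorize(): no write routes are allowed

    def _forward(self, method):
        if not authorize(method, self.path):
            self._reply(403, b'{"error":"denied by proxy policy"}')
            return
        # None of the agent's own headers (including any Authorization it
        # sends) are forwarded; the request is rebuilt from scratch.
        req = build_upstream_request(method, self.path, self.token)
        try:
            with urllib.request.urlopen(req, timeout=10) as resp:
                self._reply(resp.status, resp.read())
        except urllib.error.HTTPError as err:
            self._reply(err.code, err.read())

    def _reply(self, status, body):
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


def main():
    # Assumption: the token lives in the proxy's environment only; the agent's
    # sandbox is given http://127.0.0.1:8787 as its API base URL.
    CredentialProxy.token = os.environ["GITHUB_TOKEN"]
    HTTPServer(("127.0.0.1", 8787), CredentialProxy).serve_forever()


if __name__ == "__main__":
    main()
```

The property worth checking in a setup like this is that a compromised agent gains nothing beyond the allowlist: a prompt-injected "open a pull request" or "read /user" still has to pass authorize(), and exfiltrating the credential is impossible because the agent process never held it.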
varshith17•2w ago
Concrete setup: (1) All secrets in 1Password/Bitwarden with CLI, (2) Agent sandbox with no env var access, (3) Wrapper scripts that fetch secrets on-demand and inject at runtime, (4) Context scrubbers that strip secrets before LLM sees logs. Key insight: don't prevent agent access to secrets, prevent secrets from entering agent context/logs. Different problem, solvable with tooling.
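An added example (not the commenter's own setup) of steps (3) and (4) above: a wrapper that fetches secrets on demand, exposes them only in the child process's environment, and scrubs the known values, including their base64 and URL-encoded forms, from the captured output before anything reaches the agent or a log. fetch_secret is a hypothetical stand-in for a password-manager CLI lookup and returns a constructed value so the example runs offline.

```python
import base64
import os
import subprocess
import sys
import urllib.parse


def fetch_secret(name):
    """Hypothetical stand-in for a vault lookup such as `op read` or `bw get`.

    Returns a constructed value for this example; it is not a real credential.
    """
    vault = {"GITHUB_TOKEN": "ghp_exampleConstructedToken0123456789"}
    return vault[name]


def _encodings(value):
    """Forms a secret commonly takes once a tool has echoed it somewhere."""
    yield value
    yield base64.b64encode(value.encode()).decode()
    yield urllib.parse.quote(value, safe="")


def redact(text, secrets):
    """Replace every known secret value (and its encoded forms) with a placeholder."""
    for name, value in secrets.items():
        for form in _encodings(value):
            text = text.replace(form, f"<{name}:redacted>")
    return text


def run_with_secrets(argv, secret_names, cwd=None):
    """Fetch the named secrets, run argv with them in the child's environment
    only, and return (returncode, stdout, stderr) with the values scrubbed.

    The wrapper never exports the secrets into its own process environment,
    so a shell or agent that inherits from it cannot read them back.
    """
    secrets = {name: fetch_secret(name) for name in secret_names}
    # Minimal environment: only what a tool needs to start, plus the secrets.
    env = {k: os.environ[k] for k in ("PATH", "HOME", "TMPDIR", "SYSTEMROOT")
           if k in os.environ}
    env.update(secrets)
    proc = subprocess.run(argv, env=env, cwd=cwd, capture_output=True, text=True)
    return proc.returncode, redact(proc.stdout, secrets), redact(proc.stderr, secrets)


def python_child(code):
    """argv for a small Python child process; used by the demo as a portable stand-in
    for the real CLI a wrapper would launch."""
    return [sys.executable, "-c", code]


if __name__ == "__main__":
    # Constructed demo: the child prints the token, the caller only sees the placeholder.
    rc, out, err = run_with_secrets(
        python_child("import os; print('token=' + os.environ['GITHUB_TOKEN'])"),
        ["GITHUB_TOKEN"],
    )
    print(rc, out.strip(), repr(err))
```

Scrubbing by known value is the complement of pattern matching: it cannot miss a secret the wrapper itself injected, whatever it looks like, but it only covers values the wrapper knows about and the encodings listed in _encodings, so tools that log a secret through some other transform still need the sandbox boundary.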