frontpage.

I run AI agents for coding (OpenClaw, Claude Desktop) and realized they could read their own .env files. Tested it - asked my agent to "check configuration" and it printed everything.

The problem: agents need file access to work, but if they can read files, they can read their own credentials. One prompt injection and your API keys are leaked.

Standard solutions don't help: - Environment variables: agent can read process.env - Secret managers: agent needs credentials to access them - Better prompting: can't security-patch an LLM with instructions

I built a proxy token architecture instead. The agent never sees real credentials:

- Agent has: pxr_abc123 (proxy token) - Real keys: encrypted in OS keychain - On API call: decrypt key, make call, scrub memory immediately

Built in 1 week. 500 npm installs with zero promotion (people are searching for this).

GitHub: https://github.com/VouchlyAI/Pincer-MCP npm: npm install -g pincer-mcp

Works with OpenClaw, Claude Desktop, any MCP client.

Looking for security feedback - if you see holes in the architecture, please tell me. I want to know before people trust this with production credentials.

Hypersonica tests Europe's sovereign hypersonic missile prototype

ImageJ: Workhorse of Scientific Imaging

PhysLean: Formalising Physics into Lean 4

Telstra to cut 209 jobs from AI joint venture, offshoring work to India

Nullfs has been merged for Linux 7.0

Show HN: A framework that makes your AI coding agent learn from every session

How the GNU C Compiler became the Clippy of cryptography

I guess we're doing Moon factories now

What is this and why do people do it?

Show HN: Running a public CORS proxy on the open internet for 4 years

Tell HN: Increased 403's on the Cloudflare Dashboard

Fluorite, Toyota's Upcoming New Game Engine in Flutter [video]

Entertainment Computer System

Someone's attacking SolarWinds WHD to steal credentials – but we don't know how

Show HN: MCP App Template designed for coding agents

My Thoughts on AI

Show HN: Seedance2 – Stop "prompt guessing" and start directing AI video

Scientists Found a Mysterious Cave Full of Million-Year-Old Fossils

Show HN: Business card scanner with frame selection, dedupe, and vCard export

LightRag / GraphRag Implementation in Rust

Show HN: Claude Meter – macOS menu bar app to track your Claude Code usage limit

MechaEpstein-8000

Europe's 'painful' realisation it must be bolder with US: security report

Show HN: Konform Browser v140.7.0-108

Structure Beats Prose: Specs for Coding Agents That Work

Design is dead, it's all evolution now

Mistral.rs – Fast, zero-config multimodal LLM inference for a variety of models

Benchmarking Claude C Compiler

What Moltbook alternatives are doing some actual constructive work?

Show HN: PhoneClaw