frontpage.

Ash is a macOS sandbox that restricts AI coding agents. It limits access to files, networks, processes, IO devices, and environment variables. You can use Ash with any CLI coding agent by wrapping it in a single command: `ash run -- <agent>`. I typically use it with Claude to stay safe while avoiding repetitive prompts: `ash run -- claude --dangerously-skip-permissions`.

Ash restricts resources via the Endpoint Security and Network Extension frameworks. These frameworks are significantly more powerful than the sandbox-exec tool.

Each session is driven by a policy file. Any out-of-policy action is denied by default. You can audit denials in the GUI app, which lets you view out-of-policy actions and retroactively add them to your policy file.

Ash also comes with tools for building policies. You can use an "observation session" to watch the typical behavior of a coding agent and capture that behavior in a policy file for future sandbox sessions. Linting, formatting, and rule merging are all built into the Ash CLI to keep your policy files concise and maintainable.

Download Ash at https://ashell.dev

The Bay Area Considers the Unthinkable: Life Without BART

A Methodological Critique of "First Proof" (Abouzaid et al., 2026)

Umbra Open Data Tracker

Show HN: A tool for arranging photos for home-printing without wasting paper

I've never parented a 6-year-old child. But I've dealt with macOS system updates

Rising Air-Conditioning Use Intensifies Global Warming

Exigy Shareware Construction Kit

Every paper published in the Bridges Conference on art and mathematics

I built a RabbtiMQ UI alternative because its not 2005 anymore

How God Got So Great

Texas women used crow drones to fly drugs into Louisiana prison

Local-First CI/CD with Makefiles

I'm 21 and My Startup Scalify.ai Is Going Viral

Show HN: RunAnwhere – Faster AI Inference on Apple Silicon

"This guy's arrogance takes your breath away" (2016)

The evolution of Mac app window corners

Gateproof: Build Software in Reverse

Philippines shifts to four-day work week as Iran war pushes oil prices up

Kung Fu: The Way of Violence Has No Mind [video]

Team simulates a living cell that grows and divides

Isotopic Evidence for a Cold and Distant Origin of Interstellar Object 3I/Atlas

Defeat as Method

Ad-tech is fascist tech

Berth – One-command deploys for AI-generated code (no Docker, no YAML)

Writing an LLM from scratch, part 32e – Interventions: the learning rate

Microsoft Copilot Update Hijacks Default Browser Links

Is Music Just Sound?

Starting to building an open-source tool to track how AI agents search the web

A funny game:Guesss AI or human?