frontpage.

Anthropic says on their safety page: "these filters are not a security boundary." Snyk found 36% of ClawHub skills contain security flaws. Trend Micro documented malware being distributed through ClawHub.

These agents have shell access, file access, and connected accounts. We built Shoofly to sit in front of tool calls before they fire.

- PreToolUse / PostToolUse hooks intercept every tool call - Blocks prompt injection, credential theft, unauthorized writes, malware in tool results - Works with OpenClaw, Claude Code CLI, and Cowork / Dispatch - Open YAML policy -- read it, fork it, audit it - Free tier detects. $5/mo blocks.

The Cowork piece was the interesting part. Cowork runs Claude Code inside a full Ubuntu VM -- host hooks don't fire there. We used the plugin system with hooks/hooks.json and VirtioFS to get sub-50ms alert latency from inside the VM to host notifications.

curl -fsSL https://shoofly.dev/install.sh | bash

shoofly.dev

What if AI doesn't need more RAM but better math?

Show HN: Prompt Injection Experiments in OpenClaw with Opus4.6

My Hands-On Guide to the Best AI HR Software in 2026

Specific ways to get early users for your new product [video]

Deadlock, Circular Reference and Halting

The Lamentations of a Rocking Chair

We put browsers on thousands of people's devices so antibots can't block us

Linux, Finally for Everyone

Is Your Language Learning App Lying to You?

Ask HN: Non-AI, engineering blogs? 2026

I built an agent orchestrator within tmux

Can you crack today's Numble?

Show HN: Public transit systems as data – lines, stations, railcars, and history

Show HN: Liter-LLM, Universal LLM client in Rust with bindings for 11 languages

Agent Orchestrator Within Terminal

Russia can't escape this disaster [video]

WSL's GitHub repository is being hit with a wave of Chinese spam issues

Show HN: Built tool to turn n8n workflows into OpenClaw-compatible agent skills

Iran's propaganda machine trolls Trump

Cloud Sync not working with iPhone, works fine for Mac

Donald Trump says 'Cuba is next' in speech touting US Military successes

The Bay Area Exclusion License

TypeScript game engine for single / multiplayer browser based games

Iranian Hackers Breached Kash Patel's Email–But Not the FBI's

Next 12 months: Production Code that runs itself

The road to electric – in charts and data [UK]

Cory Doctorow's self-hosted did:web Bluesky server

A Recipe for Steganogravy

Show HN: Home Maker: Declare Your Dev Tools in a Makefile

Splyc

Show HN: Shoofly – pre-execution security for Claude Code Cowork and OpenClaw