frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Show HN: MinimumReleaseAge-style protection for Agent Skills

https://github.com/skill-mill/agent-skill-porter
1•hatappo•1h ago

Comments

hatappo•1h ago
I’ve been building `agent-skill-porter`, a CLI for managing AI agent Skills across ecosystems:

https://github.com/skill-mill/agent-skill-porter

One thing that bothered me is that Skills usually sit outside normal package-manager protections.

Package ecosystems are increasingly using ideas like pnpm’s `minimumReleaseAge` and uv’s `--exclude-newer` to avoid pulling in artifacts that are too new. But Skills often aren’t package-managed at all, even though they may include helper scripts, downloaded artifacts, and even binaries.

Given recent supply-chain incidents like the axios compromise, and research like Snyk’s ToxicSkills report, that felt like a real gap.

So I added a cooldown mechanism based on the Git tree hash of the skill directory.

The CLI now resolves a Skill from Git history, treats the skill directory tree as the release unit, and only installs/updates to a tree that is older than a configured minimum age. If the latest one is too new, it falls back to the newest eligible older tree.

This is implemented as `--min-age` for add/download/update. ex. `sk add https://github.com/remotion-dev/skills --min-age 30`

I’d be especially interested in feedback on whether “directory tree hash” seems like the right trust/version boundary for non-package-managed AI artifacts.

Elon Musk's SpaceX files to go public

https://www.axios.com/2026/04/01/spacex-elon-musk-ipo
1•rurp•2m ago•0 comments

How many trackers are there?

https://adguard.com/en/blog/adguard-ad-tracker-report-2025.html
2•twapi•3m ago•0 comments

Bluesky Is Made with AI

https://bsky.app/profile/jay.bsky.team/post/3micqcyeawc2g
2•ronsor•3m ago•0 comments

Sequential Optimal Packing for PCB Placement

https://blog.autorouting.com/p/sequential-optimal-packing-for-pcb
1•seveibar•5m ago•0 comments

Scientists crack a 20-year nuclear mystery behind the creation of gold

https://www.sciencedaily.com/releases/2026/03/260313002633.htm
2•prabal97•9m ago•0 comments

Show HN: Auto sketch prompt and AI renderings for architects

https://renderai.app/
1•franrai•10m ago•1 comments

Croatia's Football Team Signed Deal with Fake Gambling Sponsor Rep

https://www.bellingcat.com/news/2026/04/01/croatian-football-teams-deal-with-gambling-sponsor/
1•lschueller•11m ago•0 comments

Ask HN: What happens when you block/mark as spam a call or text?

2•dsalzman•12m ago•0 comments

Ask HN: Is this type of person rare?

2•piratesAndSons•12m ago•1 comments

What Claude Code Leak Teaches Us About Agent Skills

https://skilldb.dev/blog/claude-code-leaked-what-500k-lines-teach-us-about-agent-skills
2•dev_chad•12m ago•0 comments

An Aroma Most Beguiling

https://orionmagazine.org/article/an-aroma-most-beguiling/
1•Petiver•12m ago•0 comments

Optimizing Page Size

https://www.redblobgames.com/blog/2026-03-25-optimizing-page-size/
1•ingve•13m ago•0 comments

Robotics Infra: Deploying DeepMind's MuJoCo on Azure, Part 2: Microsoft Heard Us

https://www.hapticlabs.ai/blog/2026/03/31/deploying-mujoco-on-azure-ml-part-2
2•mexitlan•15m ago•0 comments

The Habitable Zone

https://science.nasa.gov/exoplanets/habitable-zone/
1•thunderbong•15m ago•0 comments

Are We Having Fun Yet?

https://makoism.com/are-we-having-fun-yet/
2•speckx•15m ago•0 comments

SpaceX confidentially files to go public at $1.75T, reports say

https://www.theguardian.com/technology/2026/apr/01/spacex-public-offering-stock-market
6•bookofjoe•16m ago•0 comments

How to Get to Tomorrow

https://campedersen.com/kardashev
1•aduffy•17m ago•0 comments

PHPantom: A Fast PHP Language Server Built in Rust

https://github.com/AJenbo/phpantom_lsp
1•Kovah•18m ago•0 comments

NASA's Artemis II Crew Launches to the Moon (Official Broadcast) [video]

https://www.youtube.com/watch?v=Tf_UjBMIzNo
2•twalichiewicz•19m ago•0 comments

ESLint plugin that audits vibe-coded Next.js apps before a dev touches them

https://github.com/srk0102/stackrules
1•srk0102200•19m ago•0 comments

MCP isn't winning because it's technically necessary – it won the way syslog won

https://nickromito.substack.com/p/what-are-my-thoughts-on-mcp
2•nromito•20m ago•0 comments

High-performance cell atlas workflow driven by manifold fitting

https://phys.org/news/2026-02-high-cell-atlas-workflow-driven.html
1•PaulHoule•22m ago•0 comments

Making and Meeting Moloch: Game design and the pressure to make numbers go up

https://knowingken.com/making-and-meeting-moloch
1•andthenzen•22m ago•0 comments

Trinity-Large-Thinking: Scaling an Open Source Frontier Agent

https://www.arcee.ai/blog/trinity-large-thinking
2•linolevan•22m ago•0 comments

Robot Umpires Have Arrived–and They're Making Baseball Players Shrink

https://www.wsj.com/sports/baseball/mlb-robot-umpires-abs-shrinking-65eaacf5
1•coloneltcb•23m ago•0 comments

Artemis Astronauts Board Spacecraft for NASA Moon Launch

https://www.nytimes.com/live/2026/04/01/science/moon-nasa-artemis-launch
3•Alupis•25m ago•1 comments

SpaceX files for IPO, targets $1.75T valuation

https://arstechnica.com/space/2026/04/spacex-finally-files-for-ipo-targets-1-75-trillion-valuation/
6•AndrewDucker•28m ago•2 comments

NASA Teams Readying Artemis II Moon Rocket for Launch

https://www.nasa.gov/blogs/missions/2026/03/31/nasa-teams-readying-artemis-ii-moon-rocket-for-lau...
1•Alupis•28m ago•0 comments

Affected by This LastPass Breach? How to Get a Cut of the $24.5M Settlement

https://www.pcmag.com/news/affected-by-this-lastpass-breach-how-to-get-a-cut-of-the-245m-settlement
3•fraXis•30m ago•0 comments

Show HN: Modern AI assisted goals and performance management

https://prfrm.architectfwd.com
2•quintes•31m ago•0 comments