frontpage.

https://docs.openparallax.dev

I kept reading about security issues with open source AI agents. Deleting important data, exfiltrating confidential information. Another thing was the technical difficulty of setting one up. Non-technical friends of mine kept reaching out because they were unable to find their way around installing it.

I built an open-source AI agent for personal use where the LLM reasoning system literally cannot execute anything. It runs in a sandboxed process with no filesystem, no network, no shell. It proposes actions over gRPC to a separate engine process that validates every action through four tiers. YAML policy rules, a heuristic engine + DeBERTa classifier, an independent (reversed prompted) LLM evaluator, and human in the loop. Actions that fail validation are blocked. The system also tags data sensitivity (IFC) and snapshots state before destructive actions for rollback. Multiple heterogeneous levels of validation means a wider coverage of attack surfaces. The reasoning system is treated as fully compromised by default, so the security boundary holds regardless of what the LLM does.

I wrote it in Go, it's one single static binary. Tested it against 280 adversarial cases with 98.9% block rate and zero false positives under default config. The agent is multiplatform, installed with one command, setup and ready to run in under 3 minutes (with API keys in hand). No external dependencies needed (no nodejs, python or docker)

Repo: https://github.com/openparallax/openparallax

Paper (draft, arXiv submission pending): https://github.com/openparallax/openparallax/releases/downlo...

Happy to answer questions about the architecture, threat model, or evaluation.

Ravi – Identity infrastructure for autonomous AI agents (email, phone, vault)

Atoms' First Open Source Project: Splitter

Show HN: Build Android homescreen widgets with Python

Framework fitting non linear equations on a unit square

Anker's EufyMake E1 Brings Printers Out of the Dark Ages

If it could have, why didn't it?

Oracle Gives Corporate Bankers AI Coworkers

Zuver – Build your enterprise Agents with just 10MB RAM

Built agents and desktop app to work from local files and folders

Why reviewing code doesn't mean understanding it

Learnability and Privacy Vulnerability Are Entangled in a Few Critical Weights

Hypequery – Type-safe ClickHouse queries that work across your back end

We made compliance violations compiler errors, not audit findings

Ask HN: What's your favorite security cam system?

All your writing tools in one place

Agentic coding at enterprise scale demands spec-driven development

GLP-1 medicine improves liver health independent of weight loss

'This is a Witch Hunt': Poker World Rallies Behind the Lodge After $2M Seizure

ProductHunt Botched Our Launch

OpenAI's internal memo about beating the competition

Show HN: ClaudeMap – Google Maps for your codebase, runs as a Claude Code skill

Loonies for Loongsons

Critically Endangered Crafts in the UK

AI Browser Agent Leaderboard

Show HN: Hacienda-CLI – CLI to reconcile Spanish tax returns with the tax agency

PyCon US 2026: Why we're asking you to think about your hotel reservation

Turn your best AI prompts into one-click tools in Chrome

NYC to open municipal grocery store in 2027

Google App Available for Windows

Modifying FileZilla to Workaround Bambu 3D Printer's FTP Issue

Show HN: OpenParallax: OS-level privilege separation for AI agent execution