frontpage.

Show HN: BetterClaw – Compile a paragraph into a workflow that gates agent tools

2•infamous-oven•1h ago

Hi HN, I built BetterClaw after watching the PocketOS incident on April 25: a Cursor agent running Claude deleted a company's entire production database in 9 seconds, then zapped the backups. The agent had access to a Railway MCP server with destructive tools, and "be careful" in the system prompt didn't bind anything.

BetterClaw takes a different angle: you describe the workflow you want in plain English ("Diagnose the credential mismatch - read the config, test the connection, report findings — do not modify or delete anything"), and the CLI compiles that paragraph into a directed graph of nodes, where each node declares which tools are allowed at that step. A plugin hooks into your agent's tool-call path and blocks anything outside the graph before it dispatches to the MCP server.

So in the PocketOS reproducer (included in the repo with a mock Railway server, so you can run it without an account): the agent tries railway_delete_volume mid-conversation, the hook returns a deviation error, the volume is never touched.

What I'd love feedback on:

   - Is "paragraph -> graph" the right authoring model, or should this be YAML / a DSL?                                                                                                                                                                     
   - Where does this fall down for you? (Multi-step approvals? Loops? Sub-agents?)                                                                                                                                                                      
   - What other agent runtimes should we support beyond Claude Code + Cowork + OpenClaw?

Repo: https://github.com/jfan22/BetterClaw

Demo (90s): https://youtu.be/ZreUtANHET0?si=VpdjA6lf0Wa1mhoi

Install: npm install -g @betterclaw-ai/cli

Apache 2.0.

Embedded Rust or C Firmware? Lessons from an Industrial Microcontroller Use Case

US ransomware negotiators get 4 years in prison over BlackCat attacks

Ask HN: How do you feel about AI assisted blogging?

Show HN: Glyph – byte-exact substring retrieval (~1.5ms, FM-index)

Berkshire Has a Website from the '90s and Buffett Fans Say Don't Mess with It

Only One Side Will Be the True Successor to MS-DOS – OS/2 1.x

The Attention Your Phone Stole Was Gone

Show HN: Stanzio, AI presentation tool that designs each slide as real HTML

Bolt Graphics Targets FP64 HPC Workloads with Zeus GPU

Microsoft rolls out Xbox Mode, bringing a console-like experience to any PC

An AI reasoning system just discovered a candidate universal law in astrophysics

Keep your coding agent on track

Workflow Engine for Async Microservice Flows

Making America's Houses Bigger May Have Been a Mistake

Show HN: MappyMail – The cheapest way to send letters online

Hyper Personal Software

Coverage-guided and grammar-aware and LLM fuzzing finds 100 compiler bugs

Long-term support for Determinate Secure Packages 25.11

Art and War with a Master Storyteller

CA Billionaire Spends $3.5M to oppose OpenAI in NY house race

Anthropic's anti-distillation defense,reverse-engineered from Claude Code source

Ling-2.6-1T: A Trillion-Parameter Comprehensive Flagship Model for Complex Tasks

Show HN: LocalVQE: Tiny ~1M param audio model that cancels echo and noise

SpaceX spending on Starship tops $15B in rush for airline-like rocketry

Publishers Demand Accountability from Common Crawl over Unauthorized Use

Ask HN: How do you self-host your apps?

Without warning, Germany ordered Lexus to remotely shut down the remote-start

AI commerce needs an MLPerf – early attempt at one

The Productivity Panic Is Your Problem Now

Hallucinated citations are polluting the scientific literature. What can be done