frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: IAXT – macOS menu-bar app that records what AI coding agents do

https://iaxt.com/
1•laurencoral•58m ago

Comments

laurencoral•56m ago
I'm the maker. IAXT records what AI coding agents do on your Mac so you can read it after the session instead of trying to catch it live.

Two things pushed me to build it. First is approval fatigue: on a long Claude Code or Cursor run you start clicking Approve on autopilot and stop reading the diffs. Second is the concrete version of that. While I was wiring up analytics on my own machine, a Claude Code session wrote a macOS LaunchAgent (login persistence) as a side effect of something else I had asked for. I never saw it happen. Afterward IAXT had it in the Review tier, "PERSISTENCE: LaunchAgent", attributed to that session. Harmless in my case, but I had approved my way straight past it.

How it works, and I want to be upfront that none of the observation primitives are new. FSEvents for filesystem writes (~500ms latency), kqueue NOTE_FORK/NOTE_EXIT plus a periodic sysctl process snapshot for process lifecycle, and a periodic snapshot-diff of crontab -l and ~/Library/LaunchAgents/ to catch persistence that does not reliably fire FSEvents. All documented user-space APIs. There is no kernel extension, no system extension, and no Endpoint Security entitlement. That is a deliberate constraint: it installs without the ESF provisioning process, but it also bounds what the app can see, and I would rather say that than pretend this is an EDR. It is not one.

The part that is actually work is keeping the log readable, and that is an attribution gate. Every raw event runs four checks in order: (1) sensitive path always logs (LaunchAgents, ~/.ssh, shell rc files, /etc/hosts, crontab); (2) a file inside an active agent's project dir during a session logs as correlated; (3) a new executable script created during a session logs; (4) everything else is dropped. Gate 4 throws away roughly 95% of OS noise (Spotlight, iCloud, Chrome temp, DerivedData). Without it the log is a firehose nobody opens.

Each action carries two orthogonal fields: an actor (user / aiAgent / aiApp / system / unknown) and a confidence level. High is direct PID ancestry or an exec-path match. Medium is a file in the agent's project dir during an active session. Low is pure temporal correlation. Those render as confirmed / likely / possible, on top of three severity tiers: Routine, Flagged (chmod +x, git remote add, pip install, curl download, osascript), and Review (writes to LaunchAgents or authorized_keys, curl piped to bash, crontab writes, LD_PRELOAD). The attribution is a heuristic, not ground truth, and the app says so in the UI. If an agent and a background process touch the same directory in the same second, "possible" is carrying real weight and I don't want to oversell it.

What it deliberately cannot see, because you'll ask and I'd rather say it first:

- It watches writes, not reads. A silent read of ~/.ssh/id_rsa is invisible. What gets caught is the agent then USING the key: the curl, the commit, the POST. - It logs that a file changed, not the contents. - It does not see shell built-ins (export, alias, cd, source). No child process, no trace. - It does not see remote-sandbox work. Claude Cowork, ChatGPT Code Interpreter, Devin, Replit, Bolt, v0 run on vendor infra and leave zero local footprint. The app shows a banner when a remote-capable app is running so at least the blind spot is visible.

So it is closer to a flight recorder than a firewall. It does not block anything, and if you want blocking you want Little Snitch or an ESF tool, not this. For the coding-agent case it overlaps with reading your git diff and reflog, and honestly if the agent only touched the repo, the diff is enough. Where it earns its keep is the stuff outside the repo, correlated to a session: a LaunchAgent, a crontab line, a script dropped in /tmp, a touch of ~/.ssh, hours later, across several agents, when you were not going to run find yourself.

Data is all local: SQLite at ~/Library/Logs/IAXT/events.db (raw events ~14 days, actions and sessions ~90) plus daily JSONL. Open it with any sqlite3 client, delete it with rm. No account, no signup, no telemetry, no cloud. The only network call the app makes is a Check for Updates button you press, one HTTPS GET to api.github.com.

The honest tradeoff: it's closed source. I know that is a real cost for a tool that asks you to trust what it reports about other software, and I don't love it. Source is available to enterprises on request for auditing, and there is a future paid team tier, but the individual app is free and is what I'm posting. If closed source is a dealbreaker for you, that's a reasonable place to get off, and I'd rather hear that sharply than paper over it.

Free, macOS 13+, Apple Silicon and Intel, signed and notarized DMG at https://iaxt.com. Tear the model apart. I'm most interested in cases where the gate would mislabel something, and in observation gaps I haven't thought about.

France orders Meta to resume talks with media groups over publishing fees

https://www.reuters.com/world/french-antitrust-watchdog-orders-meta-resume-talks-with-media-group...
1•1vuio0pswjnm7•54s ago•0 comments

Manage Your Claude Code Config with Dotfiles and GNU Stow

https://www.yurikoval.com/blog/manage-ai-config-with-dotfiles.html
1•yurikoval•1m ago•0 comments

GLM-5.2 (max) matches Claude Opus 4.8 on Harvey LAB-AA benchmark

https://artificialanalysis.ai/evaluations/harvey-lab-aa
1•bogdiyan•1m ago•0 comments

EU top court dismisses Google fight against record €4.1B EU antitrust fine

https://www.irishtimes.com/technology/2026/07/02/eu-top-court-dismisses-google-fight-against-reco...
1•1vuio0pswjnm7•3m ago•0 comments

Cinchor – Control what an AI agent can do, and prove what it did

https://cinchor.com
1•foh_quarters•4m ago•0 comments

Show HN: Whentofly – flexible-date flight search that says if the price is good

https://whentofly.io
1•dimabalony•4m ago•0 comments

Is AI making us dumber?

https://www.businessinsider.com/ai-making-us-dumber-research-2026-7
1•amichail•5m ago•0 comments

Gossiped evidence fusion and S5 epistemic logic for multi-agent OS

https://pentad.ai/PLRN/017/
1•kendallgclark•8m ago•1 comments

Sipeed NanoXray

https://sipeed.com/nanoxray
1•serhack_•11m ago•1 comments

Backdoor security alert over Anthropic's Claude Code

https://www.reuters.com/legal/litigation/china-issues-backdoor-security-alert-over-anthropics-cla...
3•Alien1Being•11m ago•0 comments

The Most Familiar Mystery in Physics

https://www.loofwired.com/p/the-most-familiar-mystery-in-physics
1•surprisetalk•12m ago•0 comments

Show HN: Squishy Billiards – A daily pool game with squishy physics

https://squishybilliards.com
1•jpohalloran•12m ago•0 comments

Fable wrote a .NET GC in C#, got within range of the stock GC in 2 days

https://github.com/kevingosse/ManagedDotnetGC/tree/claude/experiments
1•kookiz•16m ago•1 comments

How AI Embeddings Cut Cloud Costs by 50% While Boosting Matching by 65%

https://tech.wmg.com/breaking-the-black-box-how-ai-embeddings-cut-cloud-costs-by-50-while-boostin...
1•wmg•17m ago•0 comments

Funding open-source software without compromising it

https://yorickpeterse.com/articles/funding-open-source-software-without-compromising-it/
1•YorickPeterse•17m ago•0 comments

The $2T question: Will knowledge-work complexity scale with model capability?

https://twitter.com/__josh_harris__/status/2074824864288919945
1•jah242•19m ago•1 comments

Show HN: GhostedWatch, an extension that detects silent removals on patriots.win

https://ghostedwatch.com/
2•rhaksw•21m ago•0 comments

China warns about AI risks with Anthropic's Claude Code

https://www.cnbc.com/2026/07/08/china-anthropic-ai-claude-code-backdoor-security-threat.html
2•cramer4next•21m ago•1 comments

Robots available for rent: But what can they do?

https://www.bbc.com/news/articles/c4gymkg9lr2o
1•monkeydust•22m ago•0 comments

Show HN: I built the NAS drive comparison table I couldn't find

https://www.nasdisks.com/
4•deeddy•23m ago•3 comments

Show HN: Seqvio – a whiteboard explainer toolkit for React/TSX videos

https://github.com/makesynt/seqvio
1•markthis•24m ago•0 comments

Kasroz: An Optimal Keyboard for Swipe

https://futo.tech/blog/swipe-keyboard
1•ementally•24m ago•0 comments

The Second Derivative: Why No One Understands the AI Boom

https://www.groundbrkr.com/p/the-second-derivative-why-no-one
3•ericwaller•25m ago•0 comments

What happens inside a tennis player's brain as they try to return a 148mph serve

https://theconversation.com/what-happens-inside-a-tennis-players-brain-as-they-try-to-return-a-14...
1•0in•25m ago•0 comments

How to cheat when crossing the Channel by swimming

https://github.com/valhalla/valhalla/discussions/6190
1•nilsnolde•26m ago•0 comments

Show HN: VetoBench – benchmarking AI memory beyond retrieval

https://github.com/adelinamart/robrain/tree/main/packages/vetobench
2•mart1adelina•27m ago•0 comments

First Robot-Run Hotel Is Opening in China

https://www.gadgetreview.com/worlds-first-fully-robot-run-hotel-is-opening-in-china
1•surprisetalk•27m ago•0 comments

Show HN: DeviceShelf – a read-only LAN scanner for homelabs, no cloud back end

https://deviceshelf.app/
1•itsmueller•27m ago•0 comments

Ask HN: Can I find enthusiasts like me as a first time builder?

2•AlexSonn•28m ago•0 comments

Stop Writing Claude.md Rules. Write Linting Rules Instead

https://zernie.com/blog/stop-writing-claude-md-rules/
1•speckx•29m ago•0 comments