frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: Agent-zero-trust – scan a repo before your AI coding agent reads it

https://github.com/ralfyishere/agent-zero-trust
1•ralfyishere•1h ago

Comments

ralfyishere•1h ago
AI coding agents read files and follow instructions with tool access. That means a repo is not just code anymore. It is an instruction environment: a README, an HTML comment, an MCP config, a postinstall script, or a Claude Code hook can steer an agent the moment it enters. The HTML-comment attack is documented in the wild.

azt scans a repo before Claude Code, Cursor, Codex, or Gemini operates in it. It inventories everything that can influence an agent (14+ file classes, including .mcp.json, hooks, .envrc, folderOpen tasks, lifecycle scripts) and flags known injection, execution, and exfiltration shapes.

Three design choices I expect HN to have opinions about:

1. The core is deterministic and offline. No model calls, ever. There is a bootstrap paradox in LLM-based screening: content being judged can inject the judge. A scanner vulnerable to the attack it screens is worse than nothing, because it manufactures false confidence.

2. It publishes its own false-negative ledger. corpus/misses/ contains working attacks the scanner does NOT catch, asserted undetected in CI so the ledger cannot silently drift. A clean scan means "no known-shape red flags", never "safe".

3. It disclosed its own day-one bypass. The first version's gate could be forged by an agent's file-write tool. Found it in our first live test, fixed it the same day, disclosed in SECURITY.md.

Try it in 30 seconds, no install (stdlib only): git clone https://github.com/ralfyishere/agent-zero-trust cd agent-zero-trust python3 azt.py scan corpus/malicious-markdown # exits 1, red findings

Or: pipx install agent-zero-trust && azt scan <repo>. There is also a GitHub Action and a gate mode that blocks an agent's tools until an intake scan passes (a speed bump, not a sandbox).

It's not a replacement for Snyk's agent-scan, which inventories your installed agent/MCP/skill components. azt is the other side: intake for a repo you're about to enter. Run both.

Single file, stdlib only, MIT. Bypass reports are the most wanted contribution: every confirmed one becomes a rule or a public entry in the misses ledger, credited.

Xbox layoffs hit accessibility leadership

https://www.pcgamer.com/gaming-industry/xbox-layoffs-hit-accessibility-leadership-calling-into-qu...
1•robin_reala•1m ago•0 comments

New Switch 1 and 2 root exploit

https://twitter.com/gezine_dev/status/2074894225460822503
1•bagxrvxpepzn•1m ago•1 comments

Vought: Trump admin won't do DOGE after-action report

https://federalnewsnetwork.com/agency-oversight/2026/07/vought-trump-admin-wont-do-doge-after-act...
1•doener•2m ago•0 comments

Why the rise of open source AI isn't hurting Anthropic yet

https://techcrunch.com/2026/07/07/why-the-rise-of-open-source-ai-isnt-hurting-anthropic-yet/
1•Brajeshwar•2m ago•0 comments

Harness Engineering for Self-Improvement

https://lilianweng.github.io/posts/2026-07-04-harness/
1•gszr•2m ago•0 comments

Show HN: Monogram, AI app with on the fly generation

https://www.monogram.ai/
1•edouard1234567•3m ago•1 comments

Show HN: Requirements Engineering with Formal Verification

https://fizzbee.ai/
3•jayaprabhakar•3m ago•0 comments

Postgres branch per PR with a GitHub app

https://xata.io/blog/introducing-the-xata-github-app
1•tudorg•3m ago•0 comments

From bigrams to GPT-2, one component at a time (in Jax)

https://www.gilesthomas.com/2026/07/llm-from-scratch-34b-building-and-training-gpt-2-small-in-jax
1•gpjt•4m ago•0 comments

Feeding on Illusions

https://theconvivialsociety.substack.com/p/feeding-on-illusions
1•longdefeat•4m ago•0 comments

The Gmail API Alternative for AI Agents – MailKite

https://mailkite.dev/blog/gmail-api-for-ai-agents/
2•fijiwebdesign•6m ago•0 comments

Tail Scale

https://dehora.net/journal/2026/7/tail-scale
1•speckx•6m ago•0 comments

Ask HN: Another "Hacker News" with less AI and more human-focused hacking?

3•weird_trousers•7m ago•0 comments

KubeSwift, Kubernetes-Native VM Orchestration on Cloud Hypervisor

https://github.com/kubeswift-io/kubeswift
2•wrkode•8m ago•0 comments

Loopy: Agent workflows that run when your data changes

https://loopy.computer/
1•handfuloflight•9m ago•0 comments

Dangling Pointer

https://en.wikipedia.org/wiki/Dangling_pointer
1•rolph•10m ago•0 comments

Show HN: Microsoft releases Flint, a visualization language for AI agents

https://microsoft.github.io/flint-chart/#/
2•chenglong-hn•10m ago•1 comments

Firefox new Wrexham shirt sponsor

https://www.nytimes.com/athletic/7427454/2026/07/08/wrexham-firefox-shirt-sponsor/
2•mprev•10m ago•0 comments

Nginx Vulnerabilities

1•finbot•10m ago•0 comments

PlayStation can delete all your digital games after 3 years of inactivity (EU)

https://www.flatpanelshd.com/news.php?subaction=showfull&id=1783340582
3•thewebguyd•11m ago•0 comments

1-in-2 phones sold in Africa exfiltrate whole-device activity to China

https://www.nowsecure.com/blog/2026/07/08/what-the-transsion-telemetry-research-means-for-mobile-...
1•lmbbuchodi•11m ago•0 comments

Lost Media: Konpeito Tapes

https://enocc.com/blog/2025-12-10-konpeito-media.html
1•nyoki•11m ago•0 comments

Show HN: Hover over your UI element to get its exact location in code

https://loerei.github.io/HoverSource/
1•Loerei•12m ago•1 comments

What Do We Know About the Microplastics Inside Us?

https://e360.yale.edu/features/cassandra-rauert-interview
1•speckx•12m ago•0 comments

Chaos Agent

https://github.com/jasnonaz/chaos-agent
2•data_ders•15m ago•0 comments

What Is a Container, Really? Five Years of GPU Infrastructure

https://www.beam.cloud/blog/what-is-a-container-really
1•Mernit•15m ago•0 comments

The next generation of ChatGPT Voice [video]

https://www.youtube.com/watch?v=9f-Ew_lDtxc
1•gurjeet•15m ago•0 comments

Grok 4.5

https://cursor.com/blog/grok-4-5
2•meetpateltech•16m ago•0 comments

panSpeedCalc

https://phfx.com/tools/panSpeedCalc/
1•skibz•16m ago•0 comments

Show HN: Apposters – Generate a project website directly from a GitHub link

https://apposters.com/
1•loeona•17m ago•0 comments