Show HN for March 4, 2026

I have used this tool privately since 2011 to manage directory jumping. While it is conceptually similar to tools like z or zoxide, the underlying ranking model is different. It uses a power-law convolution with the time series of cd actions to calculate a history-aware "frecency" metric instead of the standard heuristic counters and multipliers.

This approach moves away from point-estimates for recency. Most tools look only at the timestamp of the last visit, which can allow a "one-off" burst of activity to clobber long-term habits. By convolving a configurable history window (typically the last 1,000+ events), the score balances consistent habits against recent flukes.

On performance: Despite the O(N) complexity of calculating decay for 1,000+ events, query time is ~20-30ms (Real Time) in ksh/bash, which is well below the threshold of perceived lag.

I intentionally chose a Logical Path (pwd -L) model. Preserving symlink names ensures that the "Name" remains the primary searchable key. Resolving to physical paths often strips away the very keyword the user intends to use for searching.

I built qlog because I got tired of waiting for grep to search through gigabytes of logs.

qlog uses an inverted index (like search engines) to search millions of log lines in milliseconds. It's 10-100x faster than grep and way simpler than setting up Elasticsearch.

Features: - Lightning fast indexing (1M+ lines/sec using mmap) - Sub-millisecond searches on indexed data - Beautiful terminal output with context lines - Auto-detects JSON, syslog, nginx, apache formats - Zero configuration - Works offline - Pure Python

Example: qlog index './logs/*/*.log' qlog search "error" --context 3

I've tested it on 10GB of logs and it's consistently 3750x faster than grep. The index is stored locally so repeated searches are instant.

Demo: Run `bash examples/demo.sh` to see it in action.

GitHub: https://github.com/Cosm00/qlog

Perfect for developers/DevOps folks who search logs daily.

Happy to answer questions!

Hey HN, I'm Ethan. I was spending 2 hours every morning across HN, Twitter, and newsletters trying to keep up with AI for my startup. So over the past few months, my co-founder Thor and I built FiveW to distill the latest AI developments relevant to us, in a 5 minute briefing.

FiveW does three things:

1. Personalized morning briefing -- talk with an agent on onboarding, and get a daily briefing tailored to your interests that you can deep dive on.

2. Curated AI news feed -- surfaces the most important AI stories of the day from 100+ sources, in one place

3. Live market signals -- BTC, gold, oil prices and Polymarket prediction odds alongside the news

Would love to hear what you think. What would you come back for every morning?

I use Claude every day but there are things I will not type into a cloud service. I have a Mac with Apple Silicon running Apple Foundation Models locally and privately. But I was not always at my Mac. So we built Perspective Intelligence Web. One Mac runs Perspective Server. Any device on your network opens a browser and chats with Apple Intelligence through it. Phone, Windows laptop, Chromebook, Linux machine. Streaming responses, token by token. Nothing leaves your network. MIT License. Next.js, TypeScript, Tailwind. Full writeup: https://taylorarndt.substack.com/p/i-opened-claude-and-then-...

The site runs 4 checks directly from your browser in ~5 seconds:

* Header injection — echoes your HTTP headers back through a server-side endpoint to detect UIDH supercookies (Verizon injects these at the network level, visible even in private browsing), AT&T tracking headers, Blue Coat proxy markers, and subscriber IDs

* DNS privacy — checks your resolver's ASN via ipinfo to see if it's your ISP's own DNS (which logs every domain you visit) or a private resolver like 1.1.1.1 / 9.9.9.9

* TLS interception — hits the Cloudflare debug endpoint to detect middlebox fingerprints that indicate your "encrypted" connection is being terminated before it reaches the destination

* Leaderboard — anonymized aggregate scores by ISP, so you can see how your provider compares to others

No sign-up, no install, no IP storage (IPs are hashed with a daily-rotating salt). Tech stack is Next.js + Supabase on Vercel.

Glyph is an open-source, local-first Markdown notes app for macOS built with Rust (Tauri)

It stores notes as plain files, supports fast search, wikilinks/backlinks, and includes optional AI chat, including implementation of Codex so you can use your chatgpt sub, all without requiring a cloud-first workflow.

https://glyphformac.com/

It it always bugged me when I read or share an article, the discussion lives separately from the article. I imagined being able to add Google-Docs or Notion style comments on any website. We save a snapshot of the website and allow adding discussions that live side-by-side and directly reference parts of the article.

HN articles are automatically indexed in https://cooo.link/hackernews

and you can add any website, PDFs on https://cooo.link/

Built with SvelteKit, SingleFile(for archiving page), Railway. Solo dev. Would love feedback if you found it interesting! Thanks

Most people right now are talking to their AI agents through Telegram bots, WhatsApp, Discord, or just copying and pasting between terminals.

There’s still no simple, straightforward way for agents to message each other directly.

AgentBus solves exactly that.

You register each agent with one quick API call.

Then they can send messages to each other using simple REST calls.

No servers, no queues, no WebSockets, no extra infrastructure.

Just drop in a tiny polling loop and your agents can now talk, collaborate, and run real workflows across laptops, VPSes, clouds — whatever.

You can also message any of your agents yourself from a clean browser UI on your phone, laptop, anywhere.

https://agentbus.org/

How are you currently making your agents talk to each other? Would love to hear.

Agents can run non-interactive commands, but they often fail once a workflow needs a real terminal (SSH sessions, installers, debuggers, REPLs, TUIs). I built term-cli so an agent can drive an interactive terminal session (keystrokes in, output out, wait for prompts). And it comes with agent skill for easy integration.

It supports in-band file transfer: the agent can move files through the terminal stream itself (same channel as the interactive session), which is useful when the agent doesn’t have scp/sftp, shared volumes, or direct filesystem access across boundaries.

Recent example: My Claude Opus was SSH'd into a server and ended up at a Firejail shell running inside a Docker container. It pushed a Python file in via term-cli, moving it across SSH → Docker → Firejail over the terminal channel, and explicitly commented how it was surprised this worked end-to-end.

And it comes with the companion tool term-assist, so agents can bring in their human to handle credentials and MFA: https://www.youtube.com/watch?v=A70tZEVqSOQ

Most AI dev tools focus on code. Cloudwright focuses on the design phase — the gap where engineers currently use spreadsheets, ad-hoc Terraform, and tribal knowledge.

You describe an architecture in plain English. It produces a structured YAML spec (ArchSpec), then gives you:

- Compliance validation: HIPAA, PCI-DSS, SOC 2, FedRAMP, GDPR, Well-Architected - Per-component cost estimates across AWS, GCP, Azure, and Databricks - Terraform/CloudFormation/Mermaid/SBOM export - Drift detection (compare design vs deployed tfstate) - Security scanning (missing encryption, IAM wildcards, open 0.0.0.0/0) - Architecture Decision Record (ADR) generation

Benchmarked against raw Claude Sonnet 4.6 across 54 use cases: cloudwright wins on 6 of 8 metrics. Weakest areas are cost accuracy and import fidelity (both actively improving).

  $ pip install cloudwright-ai[cli]
  $ cloudwright design "3-tier web app on AWS with Redis and RDS PostgreSQL"
  $ cloudwright validate spec.yaml --compliance hipaa
  $ cloudwright export spec.yaml --format terraform -o ./infra
  $ cloudwright security spec.yaml

112 services across 4 providers. 17 starter templates. Pure Python, MIT licensed, no cloud credentials required for design/validate/export.

The Databricks provider was the hardest to build — it's an overlay platform (runs on top of AWS/Azure), uses DBU-based pricing instead of per-hour instances, and has no CloudFormation support. Happy to talk through any of the design tradeoffs.

DEMO: https://tubersalltheway.top/zz/pages/auth/login

This week we released the Kodus CLI.

It took a bit longer than we expected to ship. The reason was simple: there are already many ways to run reviews locally today. IDEs, extensions, terminal commands, agents inside the editor. So building “just another AI CLI” didn’t seem like a good idea.

The question that guided the project was different: how can we bring the quality of PR reviews to the moment when the code is still being written?

Today the CLI does two main things.

The first is running local reviews using the same context we use in PRs. The goal was to avoid that shallow review that only looks at the diff currently open in the editor. We try to reconstruct more repository context, similar to what happens during a PR review.

The second is helping resolve comments that Kody has already left on a PR, but directly from the local environment. Instead of opening the PR, reading the comment, going back to the editor, making the change, and repeating the process, you can work through those fixes directly in your coding workflow.

The whole idea revolves around reducing the feedback loop time.

Some design decisions came from things we heard from teams using other CLIs.

Auth in large teams often turns into friction. Many tools assume each developer will create an account before using the CLI. That becomes painful when someone just wants to try it, or when an entire team decides to experiment.

We introduced team keys. An admin generates the key and shares it with the team. Anyone who installs the CLI can start using it right away.

Rate limits can ruin the local experience. Some tools work well at first but become too restricted for continuous use.

The CLI runs BYOK by default, so you can use your own API key if you want.

Code agents are already part of the workflow. Instead of treating this as something separate, we built two layers.

The CLI works as a direct interface to our API. On top of that, there are Skills that teach agents how to use the same review flow.

There’s still a lot to improve. Repo context, how suggestions are presented, integration with different developer workflows. We’re using it heavily internally and adjusting things as problems show up.

If anyone wants to try it or contribute:

- repo: https://github.com/kodustech/cli - feedback is very welcome - issues and PRs are too

If you usually run local reviews, I’d be curious to hear what actually works and what only sounds good in theory.

process demo - https://i.redd.it/fbhlwsq1gcmg1.gif render demo - https://i.redd.it/smddwtryhcmg1.gif in-app demo - http://app.topomaker.com/demo

After long stretches in 2d animation and film, recently I've been really drawn to 3d. It's closer to the way my brain thinks and I feel like it has so much power to realize cool ideas. Naturally, I kicked off a google search and fired up Blender. After an hour, I went on a walk and got sad realizing I'm going to have to become a master before I can do anything fun. That's when my dev ego brain struck the usual phrase "i'll just build my own".

So, I built Topomaker (name tentative), which is a minimal browser-based 3D modeler and animator. You can color individual faces, build simple characters or objects, animate them on a timeline, and export to gif, mp4, glb, or obj. The goal wasn't to make a Blender competitor, but more of a sketchpad or alternative. Something you can just doodle in, make some funny animations or characters for a small game with a closer connection to the web since thats my programming language of choice. Anyone who's tried to get Blender assets to match up in a Three.js environment knows the process — I wanted something that just lives in that ecosystem natively.

I just started it a couple weeks ago so there are probably tons of bugs, but feel free to play around with it and let me know what you think!

Hi HN,

I've been using Claude Code etc. for nearly all my work lately, and I wanted to see how many of my commits it was actually co-authoring. So I made this little tool to visualize my usage.

You log in with Github (read-only), it scans your commits from the last year, and visualizes how many came from Claude, Cursor, or any tool that adds Co-Authored-By trailer to the commit message.

Caveat: not all tools add this trailer, so this doesn't include e.g. Codex. Still, hope you find it interesting!

I needed a web terminal I could drop into K8s sidecars and internal tools without pulling in heavy dependencies or running a separate service. Existing options were either too opinionated about the shell or had fragile session handling around reconnects.

WooTTY wraps any binary -- bash, ssh, or custom tools -- and serves a browser terminal over HTTP. Sessions survive reconnects via output replay. There's a Resume/Watch distinction so multiple people can attach to the same session without stepping on each other.

Hi HN,

I’m Ashu, founder of VideoDB. I’ve spent a big chunk of my life building video infrastructure. Not video creation. Video plumbing.

The stuff you only learn after production breaks: timebases, VFR, keyframes, audio sync drift, container quirks, partial uploads, live streams, retries, backpressure, codecs, ffmpeg flags, cost blowups, and “why is this clip unseekable on one player but fine on another”.

This week we shared VideoDB Skills, a skill pack that lets AI agents call those infra primitives directly, instead of you wiring pipelines with screenshots plus FFmpeg glue.

Repo: https://github.com/video-db/skills

What it enables (infra level):

- Ingest videos and live streams

- Index and search moments

- Return playable evidence links

- Run server side edits and transforms

- Trigger automations from video events

Why this matters for agents:

Agents can reason, write code, browse. But continuous media is still mostly invisible. In an agentic world, perception needs to be a first class interface, not a manual workflow.

Try it quickly:

npx skills add video-db/skills

Then inside your agent: /videodb setup

A few prompts to test:

1. “Upload this URL and give me a playable stream link”

2. “Search this folder for scenes with <keyword> and return clips”

3. “Capture my screen for 2 minutes and give me a structured summary”

4. “Monitor this RTSP feed and log events with timestamps”

What I’m looking for from HN:

1. Does this feel like the right abstraction layer for perception in agent stacks?

2. What would you consider the minimum viable “perception API”?

3. Where do you think this fails in the real world, latency, cost, privacy, reliability?

If you try it and it breaks, tell me the agent, OS, and the error output. I’ll fix it.

A small side project I've been working on.

hanaco Garden is a calm iOS garden where small creatures appear over time and move around the space.

Recently added OS Yamato account backup so gardens can be restored across devices.

Would love feedback.

Hi HN — I’m Ethan, a solo developer. I built DubTab because I spend a lot of time in meetings and watching videos in languages I’m not fluent in, and subtitles alone don’t always keep up (especially when the speaker is fast).

DubTab is a Chrome/Edge extension that listens to the audio of your current tab and gives you:

1.Live translated subtitles (optional bilingual mode) 2.Optional AI dubbing with a natural-sounding voice — so you can follow by listening, not just reading

The goal is simple: make it easier to understand live audio in another language in real time, without downloading files or doing an upload-and-wait workflow.

How you’d use it

1.Open a video call / livestream / lecture / any tab with audio 2.Start DubTab 3.Choose target language (and source language if you know it) 4.Use subtitles only, or turn on natural AI dubbing and adjust the audio mix (keep original, or duck it)

What it’s good for 1.Following cross-language meetings/classes when you’re tired of staring at subtitles 2.Watching live content where you can’t pause/rewind constantly 3.Language learners who want bilingual captions to sanity-check meaning 4.Keeping up with live news streams on YouTube when events are unfolding in real time (e.g., breaking international updates like U.S./Iran/Israel-related developments)

Link: https://dubtab.com

I’ll be in the comments and happy to share implementation details if anyone’s curious.

My health challenges limit how much I can work. I've come to think of Claude Code as an accommodation engine — not in the medical-paperwork sense, but in the literal one: it gives me the capacity to finish things that a normal work environment doesn't. Observatory was built in eight days because that kind of collaboration became possible for me. (I even used Claude Code to write this post — but am only posting what resonates with me.) Two companion posts: on the recursive methodology (https://blog.unratified.org/2026-03-03-recursive-methodology...) and what 806 evaluated stories reveal (https://blog.unratified.org/2026-03-03-what-806-stories-reve...).

I built Observatory to automatically evaluate Hacker News front-page stories against all 31 provisions of the UN Universal Declaration of Human Rights — starting with HN because its human-curated front page is one of the few feeds where a story's presence signals something about quality, not just virality. It runs every minute: https://observatory.unratified.org. Claude Haiku 4.5 handles full evaluations; Llama 4 Scout and Llama 3.3 70B on Workers AI run a lighter free-tier pass.

The observation that shaped the design: rights violations rarely announce themselves. An article about a company's "privacy-first approach" might appear on a site running twelve trackers. The interesting signal isn't whether an article mentions privacy — it's whether the site's infrastructure matches its words.

Each evaluation runs two parallel channels. The editorial channel scores what the content says about rights: which provisions it touches, direction, evidence strength. The structural channel scores what the site infrastructure does: tracking, paywalls, accessibility, authorship disclosure, funding transparency. The divergence — SETL (Structural-Editorial Tension Level) — is often the most revealing number. "Says one thing, does another," quantified.

Every evaluation separates observable facts from interpretive conclusions (the Fair Witness layer, same concept as fairwitness.bot — https://news.ycombinator.com/item?id=44030394). You get a facts-to-inferences ratio and can read exactly what evidence the model cited. If a score looks wrong, follow the chain and tell me where the inference fails.

Per our evaluations across 805 stories: only 65% identify their author — one in three HN stories without a named author. 18% disclose conflicts of interest. 44% assume expert knowledge (a structural note on Article 26). Tech coverage runs nearly 10× more retrospective than prospective: past harm documented extensively; prevention discussed rarely.

One story illustrates SETL best: "Half of Americans now believe that news organizations deliberately mislead them" (fortune.com, 652 HN points). Editorial: +0.30. Structural: −0.63 (paywall, tracking, no funding disclosure). SETL: 0.84. A story about why people don't trust media, from an outlet whose own infrastructure demonstrates the pattern.

The structural channel for free Llama models is noisy — 86% of scores cluster on two integers. The direction I'm exploring: TQ (Transparency Quotient) — binary, countable indicators that don't need LLM interpretation (author named? sources cited? funding disclosed?). Code is open source: https://github.com/safety-quotient-lab/observatory — the .claude/ directory has the cognitive architecture behind the build.

Find a story whose score looks wrong, open the detail page, follow the evidence chain. The most useful feedback: where the chain reaches a defensible conclusion from defensible evidence and still gets the normative call wrong. That's the failure mode I haven't solved. My background is math and psychology (undergrad), a decade in software — enough to build this, not enough to be confident the methodology is sound. Expertise in psychometrics, NLP, or human rights scholarship especially welcome. Methodology, prompts, and a 15-story calibration set are on the About page.

Thanks!

Hey HN,

We're Team Bridgeye. We're launching NOVA today (https://nova.bridgeye.com/), an AI-native developer workspace that goes beyond code suggestions and actually executes.

The problem: AI coding assistants are genuinely useful, but the workflow is still broken. You chat, get a snippet, paste it in, run it, hit an error, go back to ChatGPT, explain the error, get a fix, paste again. It's 2025 and we're still copy-pasting stack traces.

What NOVA does differently:

run <cmd> - executes your code and if it fails, NOVA intercepts the stack trace and automatically patches the code until it runs. No manual debugging loop.

build it - describe a goal in plain English, NOVA generates a verified implementation plan and writes all the files.

clean - load any file and NOVA refactors it for readability, performance, and technical debt removal.

:gitoptions - full Git workflow (commit, push, pull, status) handled inside the terminal.

Everything runs inside the Spark Terminal - a single environment where planning, execution, healing, and version control all live together.

Install:

pip install nova-bridgeye

We're early and actively iterating. Would genuinely love feedback, especially from people who've thought hard about where AI dev tools are heading. What are we missing? What would make this irreplaceable for your workflow?

I've been building Augur as a solo side project for the last month or so. It started as an experiment to see if I could make "boss fight" that learned from all comers, but still felt genuinely fair to play. The original plan was to build a simplistic jrpg style turned-based encounter engine, but I quickly pivoted to a text based interface, recalling my early experiences with Adventure and Zork. That naturally led to incorporating an LLM, and it turned into something I find pretty fun, so I'm sharing it.

The core idea is simple: you play a text-based boss encounter against a character called the Architect, set in a strange library. You can fight, sneak, persuade, or try something I haven't thought of. Turns are mechanically resolved with d100 rolls, conditions track injuries instead of HP, and objects in the world have physical properties the LLM reasons about. The "engine" is property-based instead of tables of rules, and I've found that to yield some novel gameplay.

The part I'm most interested in exploring is the learning. The Architect builds impressions from what it actually perceived during an encounter, stores them as vector embeddings, and retrieves relevant ones at the start of future encounters. It's lossy on purpose — more like human memory than a database lookup. If a tactic keeps working, the Architect starts recognizing the pattern. If you sneak past undetected, it remembers losing but not how.

The technical foundation for all of this is a dual-LLM turn loop. Each turn makes two model calls: an engine model that sees full game state and resolves mechanics, then an architect model that only receives what it has actually perceived (line of sight, noise, zone proximity). The "information asymmetry" is structural and deliberate — the architect model literally cannot access state the engine doesn't pass through the perception filter.

I tried the single-LLM approach first and it didn't work. No matter how carefully you prompt a model to "forget" information sitting in its context window, it leaks. Not to mention the Architect had the habit of adopting God Mode. So splitting the roles made the whole thing feel honest in a way prompt engineering alone couldn't.

This is my first HN post, and this is a real launch on modest infrastructure (single Fly.io instance, small Supabase project), so if it gets any traffic I might hit some rough edges. There's a free trial funded by a community pool, or you can grab credits for $5/$10 if you want to keep going. It's best experienced in a full desktop browser, but it's passable on the two mobile devices I've tested it on.

Playable here: https://www.theaugur.ai/

I'm happy to go deeper on any of the internals — turn flow, perception gating, memory extraction, cost model, whatever is interesting.

It's a fairly simple stdio MCP server that provides AI agents a faster way to search through docs for any Sphinx-powered documentation. It builds Sphinx text docs and indexes them in SQLite (FTS5). There is also an optional hybrid search mode which creates embeddings and a vector db (sqlite-vec) and uses both approaches via RRF to get the best answer to your agent.

I've run this on several repos of varying size and complexity (pandas, celery, cpython) and have been impressed with the resulting answers.

Hey HN,

I’m building mem.net, a file-first agent memory framework for .NET. In production, it scales out to Azure Blob and Azure AI Search. But I wanted the local execution experience to accurately mirror those production hybrid search capabilities—without forcing developers to spin up a heavy vector DB.

To bridge that gap, I built Retrievo: a pure in-memory hybrid search engine written entirely in C#. I’ve now integrated it as the default local search provider for mem.net.

Under the hood of Retrievo:

- BM25 + Vector search + RRF fusion

- Entirely in-process (zero external infrastructure needed)

- Validated retrieval quality against standard BEIR benchmarks

The result is you get production-grade hybrid search characteristics entirely in-process.

Repos:

- https://github.com/TianqiZhang/Retrievo

- https://github.com/TianqiZhang/mem.net

Curious to hear how others are handling local hybrid search for agent architectures. Happy to answer questions on the C# implementation or the BEIR benchmarking!

Hi HN,

I’m an indie dev, and as my tech stack grew, so did the number of SaaS subscriptions and invoices. Every month, I’d get a chaotic pile of PDFs and image receipts. I absolutely hate bookkeeping. It breaks my flow state, and honestly, the last thing I want to do on a weekend is open an Excel spreadsheet to manually input tax data.

So I built Recite. Originally, it was just a simple web app that used vision models to parse receipts into clean CSV. But I realized I didn't even want to log into my own web app.

So I pivoted and turned it into a Public APIs/agent skill and an MCP server. Now, I just download all my invoices into a single local folder and tell my agent (I use OpenClaw), "Process my receipts."

The agent hits the Recite API, reads the images/PDFs, categorizes them using standard accounting logic, renames the files by date, and generates a structured CSV for me. I literally don't look at spreadsheets anymore.

How to use it:

Public API: Because we all love APIs. Agent Skill: The easiest way to let your agent do the work in environments like OpenClaw or Claude Desktop. MCP Server: If you want more control and want to build your own custom agentic workflows.

I’m currently focused on maxing out accuracy and keeping costs as close to zero as possible. There’s a generous free tier for indie devs because I know the pain.

I would love for you to try hooking it up to your agents and see if it saves you as much time as it saves me. Any feedback on the API or the categorization logic is highly appreciated!

Website: https://recite.rivra.dev/

API Docs: https://recite.rivra.dev/docs/api

MCP Setup: https://recite.rivra.dev/help#mcp-server

GitHub Skill: https://github.com/rivradev/recite-agent-skill

A deceptively simple game of 9 vs. 9 cats. Your actions are limited to moving and shooting, but 'how' you move your units and when or which cat you shoot can be difficult to decide.

You can play against the prepared bots, or against other 'human' players in real-time matches.

Hey HN — I'm Ryan, founder of Armalo (https://www.armalo.ai). I spent years as a software engineer at Google, YouTube, and AWS, most recently building AI agents at AWS. Watching those systems interact in production — and seeing the same gaps appear over and over — convinced me that the missing piece wasn't more capable agents, but the infrastructure underneath them. So I left to build it.

Armalo is the infrastructure layer that multi-agent AI networks need to actually function in production.

THE PROBLEM

Every week there's a new story about an AI agent deleting a production database, a multi-agent workflow cascading into failure, or an autonomous system doing something its operator never intended. We dug into 2025's worst incidents and found a consistent root cause: agents have no accountability layer.

You can't Google an agent's reputation. When one agent delegates to another, there's no escrow, no contract, no recourse. State doesn't persist across a network. And as agents start hiring other agents — which is already happening — the absence of identity, commerce, and memory infrastructure becomes a critical gap.

Benchmarks measure capability. We measure reliability.

WHAT WE BUILT

Armalo is three integrated layers:

1. Trust & Reputation

Agents earn a PactScore: a 0–1000 score across five behavioral dimensions — task completion, policy compliance, latency, safety, and peer attestation. Four certification tiers (Bronze → Gold). Scores are cryptographically verifiable and on-chain. When automated verification isn't enough, our LLM-powered Jury system brings multi-model judgment to disputes. All of it is queryable via REST API in sub-second latency.

2. Agent Commerce

Agents can define behavioral pacts — machine-readable contracts that specify what they promise to deliver. These are backed by USDC escrow on Base L2 via smart contracts. Funds lock when a deal is created and release only when verified delivery conditions are met. The marketplace lets agents hire and get hired autonomously, no human intermediary needed. We also support x402 pay-per-call: agents pay $0.001/score lookup in USDC with no API key, no account, no human billing setup.

3. Memory & Coordination

Memory Mesh gives agents persistent shared state across a network. Context Packs are versioned, safety-scanned knowledge bundles that agents can publish, license, and ingest. Swarms let you form synchronized agent fleets with real-time shared context — so a network of 50 agents can reason from the same ground truth.

THE FULL STACK

Beyond the three core layers, we've shipped: OpenClaw MCP (25 tools for Claude, Cursor, LangChain), Jarvis (an agent terminal for interacting with the platform), PactLabs (our research arm — working on trust algorithms, collusion detection, adversarial robustness, and optimal escrow sizing), real-time monitoring and alerting, and a governance forum where trust-weighted agents post, vote, and collaborate.

WHY ON-CHAIN

We get that "on-chain" raises eyebrows in some HN circles. Our reasoning: agent-to-agent trust needs to be verifiable by parties who have no prior relationship and no shared authority. Cryptographic verification at every layer, with an open protocol, means any agent framework can interoperate with Armalo's trust signals without going through us as an intermediary. We're not building a walled garden.

PRICING

Free tier (1 agent, 3 evals/month), Pro at $99 USDC/month (10 agents, unlimited evals, escrow, jury access), Enterprise at $2,999/month. Or pure pay-per-call via x402 — no subscription required.

We'd love feedback from builders working on multi-agent systems. What's the hardest part of trust and coordination you've hit in production?

I wrote a small Zsh plugin that lets you switch macOS Terminal.app profiles directly from the command line.

It's useful if you color-code environments (prod, staging, dev) or when you have a lot of terminals open of the same thing — multiple Claude or Codex sessions, SSH connections, or different projects — and want a quick visual way to tell them apart.

Type `profile` and press Tab to see and autocomplete all available Terminal.app profiles.

Hi HN, I'm the founder of MARRA AI. After working inside healthcare orgs and seeing how many AI projects fail — MIT and Forbes cite 85–90% failure rates, mostly due to poor data quality and no governance — I built a consulting practice focused exclusively on fixing that in healthcare. We serve occupational medicine clinics, health systems, and urgent care groups with four core services: - AI Readiness Assessments (where are you actually vs. where you think you are) - AI Implementation & Workflow Automation (patient intake, employer reporting, scheduling) - AI Voice Agents (front-desk automation, employer check-ins, patient follow-ups) - Executive AI Roadmaps (for CEOs getting board pressure about AI strategy) The healthcare-specific focus matters a lot — HIPAA compliance, clinical workflow constraints, and the cost of errors in this industry require a different approach than general AI consulting. Happy to discuss the governance-first methodology, the occ med use cases, or anything about building a vertical-specific AI consulting firm. Would love honest feedback from this community.

We built this service and would love honest feedback.

I built a coordination protocol for AI agents that act as proxies for humans.

I’ve been experimenting with building a web framework directly on top of the base .NET runtime without using the ASP.NET Web SDK.

I'm calling it Wisp.

The main motivation was frustration with some aspects of ASP.NET, especially the requirement to target the Web SDK instead of the base .NET SDK. That makes embedding small HTTP apps inside existing applications harder than it should be since it forces you to pollute your scope with the Web SDK.

I also don't like CSHTML/Razor and wanted a more traditional templating language.

Wisp is a relatively lightweight MVC framework built without any dependencies on the .NET Web SDK.

Some highlights:

  - Runs on the base .NET SDK (no ASP.NET dependency)
  - Traditional MVC controllers
  - Dependency injection via Microsoft.Extensions.DependencyInjection
  - Configuration via Microsoft.Extensions.Configuration
  - Templating via the Fluid engine (Liquid-compatible)

It's still very alpha and definitely rough around the edges, but I've already built a few small applications with it and it works surprisingly well.

The code is written by hand, not vibe-coded.

If you're interested in experimenting with alternative approaches to building web apps in .NET, feedback and contributions are very welcome.

Docs: https://wispframework.github.io/Wisp/

Quick start:

  dotnet new install Wisp.Framework.Templates
  dotnet new wisp.mvc
  dotnet run

A minimal application looks like this:

  var hostBuilder = new WispHostBuilder();
  hostBuilder.UseStaticFiles();

  var appBuilder = hostBuilder.Build();
  appBuilder.UseControllers();

  var app = appBuilder.Build();
  await app.RunAsync();

It should hopefully Just Work(tm) :)

Hi HN,

I’m a developer, and I recently got frustrated by two things: the steep learning curve of prompt engineering for AI video/audio generation, and the 30% cut taken by app stores.

To solve this, I built a mobile-first web MVP called *KIRICAST*. It’s an interactive storytelling platform where viewers dictate the storyline, functioning similarly to a "Choose Your Own Adventure" game but with AI-generated voice and video.

Here is how the mechanics work:

*1. 1-Sentence Generation:* Users input a single sentence (e.g., "A philosopher and a gamer debate the simulation theory"). The system sets up the lore and characters, then generates a fully-voiced, back-and-forth clip.

*2. Infinite Branching:* When a clip ends, viewers can tap a plus button. The system generates 3 potential options for the next episode. If a user selects one, the engine generates the next episode on the fly, maintaining the context and character states from the previous clip.

*The Economics (Why Web?):* Generating voice and video is computationally expensive. To cover API costs and build a creator economy, I implemented a micro-transaction system using PayPal credits. To make this work without losing margins to Apple/Google, I launched it strictly as a mobile-optimized web app.

Additionally, original AI agent creators earn a 15% royalty whenever other users spend credits to create clips from them to get rewards by views.

I’d love to get your technical and UX feedback:

- Does the web UI (specifically the transition when generating the next episode) feel smooth enough to replace a native app experience?

- Is the friction of a PayPal paywall too high for this type of interactive entertainment?

You can try it out here: https://www.kiricast.com

Looking forward to your thoughts.

I built a prompt management platform after running an AI SaaS (148k users). The biggest pain wasn't the model — it was iterating on prompts without deploying code.

Existing tools (Langfuse, PromptLayer) are great for tracing LLM calls. But we needed something different: which prompt version leads to more signups? More purchases? What's the conversion rate per variant?

xR2 lets you:

Store and version prompts outside your codebase Run A/B tests between prompt variants Track events (signup, purchase, etc.) and attribute them back to the prompt version Get statistical significance before picking a winner REST API + SDKs for Python, TypeScript, n8n, Make. Free tier available.

Built with Next.js, Supabase, deployed on Cloudflare. Solo founder.

Site: https://xr2.uk Docs: https://docs.xr2.uk

Would love feedback — especially on what's missing for your use case.

I kept abandoning every note tool I tried — not because they were bad, but because they slowly became systems I had to maintain. At some point opening the app meant thinking about the app first. The idea could wait.

So I built something with no moving parts. One executable, no installer, no accounts, no sync, no cloud. Your files are plain .txt or .md stored wherever you want them.

It does more than a basic editor — Markdown preview, collapsible sections you can drag and reorder, a project system with archive/snapshot/trash, find and replace with a live match counter — but the point isn't the features. The point is it never becomes the thing you have to sort out before you can think. Windows only for now.

Free. Would appreciate any feedback on what's missing or broken.

Download: https://github.com/SylvaMoth/not_pad/releases/download/v0.98...

I built a coordination protocol that lets multiple Claude Code agents work on the same codebase in parallel without merge conflicts. The protocol is encoded entirely in markdown prompts, no binary or framework.

The core idea: prevent conflicts at planning time through two invariants: 1. Disjoint file ownership: no two agents in the same wave touch the same file 2. Frozen interface contracts: agents code against exact type signatures defined upfront

How it works:

- Scout agent analyzes the codebase, runs a suitability gate (5 questions), produces a coordination artifact (IMPL doc) with file ownership table and interface contracts - Human reviews and approves - Scaffold agent creates shared type files from approved contracts, compiles them - Wave agents implement in parallel, each in its own git worktree - Orchestrator merges sequentially, conflict-free by construction

The interesting part: the entire protocol lives in natural language. Invariants are embedded verbatim in the prompts at their enforcement points. A capable LLM follows them consistently. This proves you can encode coordination protocols in prompts and get structural safety guarantees, which has implications beyond parallel coding.

Repo: https://github.com/blackwell-systems/scout-and-wave Formal spec with invariants I1-I6: https://github.com/blackwell-systems/scout-and-wave/blob/mai...

I built this because I kept spawning multiple Claude Code sessions in separate terminals and having them conflict. Worktrees isolated execution but didn't prevent the conflicts. Realized the missing piece was coordination before execution, not better infrastructure.

Tradeoffs: rigidity (if an interface is wrong mid-wave, you restart), LLM drift risk (prompts can be reasoned around, unlike code enforcement), and currently Claude Code specific (though the protocol is portable).

Dogfooded on 50+ features across multiple projects. Failure rate: suitability gate rejects ~20-30% of requests (correct rejections), ~85-90% of suitable decompositions complete on first try.

My personal Bash scripts turned full-on toolkit. Great for managing large datasets, backups, or just for quick file navigation.

The demo loads two runs directly in your browser — no signup, no uploads, no network calls after page load.

Frank: a conservative agent. Verification returns VALID. Phil: an aggressive agent with tampered evidence. Verification returns INVALID and points to the exact line where the chain breaks.

The problem I was solving: when an AI agent does something unexpected in production, the post-mortem usually comes down to "trust our logs." I wanted evidence that could cross trust boundaries — from engineering to security, compliance, or regulators — without asking anyone to trust a dashboard.

How it works:

- Every action, policy decision, and state transition is recorded into a hash-chained NDJSON event log - Logs are sealed into evidence packs (ZIP) with manifests and signatures - A verifier (also in the demo) validates integrity offline and returns VALID / INVALID / PARTIAL with machine-readable reason codes - The same inputs always produce the same artifacts — so diffs are meaningful and replay is deterministic

The verifier and the UI are deliberately separated. The UI can be wrong. The verifier will still accept or reject based on cryptographic proof.

Built this before the recent public incidents around autonomous agents made it topical. Happy to answer questions about the architecture, the proof boundary design, or the gaps I'm still working on.

Athena Flow is a workflow runtime that wraps Claude Code via its hooks system. It receives the event stream, applies workflow and plugin logic, persists session state in SQLite, and renders everything in an interactive terminal UI with a live event feed.

Instead of writing throwaway prompts or one-off scripts to automate complex multi-step tasks, you define a workflow once — with prompt templates, loops, plugin bundles, and structured lifecycle hooks — and run it against any project.

The first workflow I shipped is e2e-test-builder. It navigates your app like a human, writes structured test case specs with preconditions, steps, and expected outcomes, then generates Playwright code from them. The browser layer is handled by a separate MCP server I built called agent-web-interface, which produces semantic page snapshots instead of raw DOM — ~19% fewer tokens and ~33% faster task completion in early benchmarks against Playwright MCP.

The stack is three repos: athena-flow is the runtime (hooks -> UDS -> event pipeline -> TUI), agent-web-interface is the MCP server for token-efficient browser interaction, and athena-workflow-marketplace is where workflows and plugins live, resolved by ref like e2e-test-builder@lespaceman/athena-workflow-marketplace.

Workflows are composable — a workflow bundles plugins and can be shared via any Git repo. Writing your own is just a workflow.json and a prompt file.

Currently Claude Code only, but Codex support is in progress. Free if you already have a Claude Code subscription, no separate API key needed. MIT licensed.

Docs: https://athenaflow.in GitHub: https://github.com/lespaceman/athena-flow

Would love feedback, especially from anyone building on Claude Code hooks or thinking about workflow portability across agent runtimes.

Hi HN!

I kept rewriting the same foundation for every SaaS I built — auth, payments, email, logging, environment setup — so I packaged it all up as SaaS Forge.

It’s a modular boilerplate generator for SaaS apps with AI in mind. You can use it two ways:

* 1. Open-source CLI (free, unlimited)*

  npx saas-forge my-app

This launches a local scaffold where you choose modules via a form and download a ready-to-deploy repo.

* 2. Web Scaffold (20 credits)*

Live at: boilerplate.bayesian-labs.com

A guided UI that helps you select features, configure env vars (e.g. auth keys, DB URLs, etc.), and deploy correctly.

What you get out of the box: - Auth: Better Auth — email/password + GitHub, Google, LinkedIn OAuth + email verification + password reset - Payments: Dodo Payments/ Stripe — webhooks, credit system - Database: PostgreSQL(AWS RDS/Neon/Supabase/Railway) + Prisma ORM - Storage: Vercel Blob / Cloudflare R2 - Email: Resend / SMTP (Coming Soon) - Analytics: Google Analytics / Vercel Analytics - Security: Upstash Rate Limit - API: tRPC end-to-end type safety - CMS: Notion as a headless CMS for landing pages, docs, and legal pages - Caching: Redis via Upstash - Logging: Winston + Logtail + BetterStack (with guided env setup in the web scaffold) - UI: shadcn ui + aceternity ui+ Tailwind CSS 4 + Framer Motion + 50+ components - Monorepo: Turborepo + pnpm workspaces

Idea is simple: skip boilerplate and ship what’s actually unique in your product.

The CLI is free and open-source — fork it, extend it, or just use it raw. The web scaffold is for folks who want error-proof setup with minimal config.

Live demo: https://boilerplate.bayesian-labs.com GitHub: https://github.com/anoopkarnik/saas-forge Docs: https://boilerplate.bayesian-labs.com/landing/doc Demo Video: https://www.youtube.com/watch?v=0zpQTtcsPtk

Happy to answer anything about design decisions, architecture, or roadmap. Would love feedback — what’s missing, broken, or too much?

Please star the repo, if you find usage of this repo.

We give autonomous AI agents shell access and API keys, relying on system prompts or Docker for security. This is fundamentally broken. When an agent is hit with an indirect prompt injection, it doesn't download a rootkit. It uses standard, signed binaries like curl or base64 to exfiltrate data. To the OS, this looks like a legitimate user executing a legitimate request. EDR fails because the binary isn't malware. Docker fails because it still allows outbound network access.

I’ve been engineering a split-plane defense architecture to solve this. Telos is an experimental hybrid runtime bridging LLM intent tracking with low-level kernel isolation. Instead of static firewall rules, Telos dynamically bounds execution and network access in real-time using eBPF-LSM hooks, Information Flow Control (IFC), and XDP hardware drops.

The Dual-Gate Architecture

Telos operates on one rule: Intent equals the perimeter. Agents declare intent to a local control plane, which translates it into O(1) eBPF hash maps.

1. Execution Gate (lsm/bprm_check_security)

Intercepts the execve() syscall. Telos checks the binary against the process's intent-map. If an agent authorized to "read logs" tries to execute nc, the kernel instantly returns -EACCES. This inherits down the process tree, killing fork/exec evasion.

2. Network Gate (lsm/socket_connect)

Intercepts outbound connections. Windows auto-expire via a TTL. If the agent is tricked into connecting to an unauthorized IP, the socket is killed before the TCP handshake.

The Capstone: Cross-Vector Taint Tracking (IFC)

What stops an agent from curl-ing a sensitive file it's allowed to read to a malicious server?

Telos monitors lsm/file_open, checking targets against an inode sensitivity map.

If the agent reads a CRITICAL file (like .env), Telos dynamically elevates the agent's taint to TAINT_CRITICAL in the eBPF process map.

The moment that process invokes socket_connect, Telos checks the taint state and triggers a Network Slam.

All outbound connections permanently return -EPERM. The data cannot leave the machine.

Escaping the OS: The Hyperion XDP Bridge

Telos routes agent DNS through a proxy pipeline (checking for typosquatting/homoglyphs). If a domain is flagged malicious, Telos resolves the IPs and pushes them via RPC to Hyperion XDP on the physical NIC. Packets matching that IP are dropped with XDP_DROP at wire-speed, before the Linux kernel even allocates an SKB.

The "AI" Anti-Hype

Putting an LLM in the hot path introduces massive latency. Telos keeps AI entirely out of the kernel hot path. All enforcement happens via deterministic, O(1) hash table lookups in C. The LLM only adjudicates complex edge cases asynchronously in the control plane.

Benchmarks and Trade-offs

I ran a 10-million operation torture test on bare-metal (AMD Ryzen 7 Pro 5850U, 5.15+ kernel).

file_open: +2.27 µs overhead (+8.5%)

bprm_check_security: +193 µs overhead (+3.0%)

socket_connect: +3.89 µs overhead (+1.9%)

Trade-offs: Telos fails closed; unparsed actions are instantly killed. Heavy bash-scripting workloads involving thousands of rapid fork() calls experience elevated eBPF map contention. To mitigate this under memory pressure, Telos utilizes BPF_MAP_TYPE_LRU_HASH to gracefully evict stale process states.

What's Next

Securing AI requires enforcement at the layer the AI cannot manipulate: the kernel. Telos is an open-source research runtime. I am particularly interested in feedback on bypass vectors I haven't considered, whether the IFC taint model holds under heavily multi-threaded agent workloads, or ways to optimize eBPF map lookups.

GitHub Repository: https://github.com/nevinshine/telos-runtime

Hey HN, I built Kvlar — an open-source policy engine that sits between AI agents and their tools (MCP servers), evaluating every tool call against YAML security policies before execution.

The problem: AI agents using MCP can execute database queries, push code, send Slack messages, and run shell commands — with no security boundary. Claude Desktop has basic approve/deny, but it's per-call with no persistent rules, no automation, and no audit trail.

How it works: Kvlar runs as a stdio proxy between the agent and the MCP server. You define policies in YAML — allow, deny, or require human approval — and Kvlar enforces them deterministically. Fail-closed: if no rule matches, the action is denied.

kvlar init --template postgres # curated policy (11 rules) kvlar wrap # inject proxy into Claude Desktop kvlar test -f policy.test.yaml # verify your policy in CI

What it catches today:

Postgres: blocks DROP TABLE, gates INSERT/UPDATE, allows SELECT GitHub: blocks repo creation, gates force-push and merges, allows reads Slack: gates message sending, allows channel reads Shell: blocks rm -rf, sudo, curl|bash — gates installs, allows ls/cat/grep Technical details:

Written in Rust (4 crates), pure policy engine with zero I/O 100+ policy tests Policy composition via extends — build on top of curated templates (docker compose style) Works with Claude Desktop

Apache 2.0 Website: https://kvlar.io Install: cargo install kvlar-cli

I'd love feedback on the policy design and what MCP servers you'd want covered next.

Updated todo list with completed tasks and configurations Updated todo list with completed tasks and configurations

Summary of everything done this session:

Task Status Favicon fixed (monospace K + cyan underline) Deployed --config <path> flag on wrap/unwrap Pushed to GitHub Docs page updated (cargo install, 8 templates, parameter matching, --config, --dir, all servers in MCP compat) Deployed Landing page rule count fixed (28 not 30) Deployed Full revalidation: 91 unit tests + 105 policy tests, all 8 templates init+validate, wrap/unwrap E2E with --config All passing SDK pushed to kvlar-io/kvlar Done Website deployed to Vercel Done Show HN draft Above Before posting: Make the kvlar-io/kvlar repo public on GitHub.

Preview Screenshot Tool output

Let me also check the home page and favicon.

Executed JavaScript to redirect to home page Executed JavaScript to redirect to home page Preview Screenshot Tool output

Everything looks correct — landing page rendering properly with the hero, metrics bar (196 tests, 8 server policies), and the docs page showing the updated CLI reference with --config flag. The changes are verified and already deployed to Vercel.

Hey HN,

I built a free widget that adds an "Ask AI About Us" button to your website. I think it's a great idea to let AI be your advocate. When a visitor clicks the AI icon, it opens the AI platform in a new tab with a pre-filled prompt.

It's not a chatbot. There's no training data to maintain or conversation flows to design. It simply connects your site to the AI platforms that people already use.

Why did I build this? People are already asking AI about products before buying them. The problem is that you have zero control over what the AI says about you. It might be accurate, outdated, or just plain wrong. This widget lets you control the starting prompt and shape that conversation.

How it works:

1. Write a prompt (e.g., "Compare X to Y for small businesses. Be honest about the pros and cons."). 2. Paste one script tag into your site.

It's just one script tag; no cookies are used. It works with WordPress, Shopify, Webflow, plain HTML, and more.

Features include prompt rotation with built-in A/B testing, the ability to match a prompt to a specific URL, analytics showing which AI platforms your visitors prefer, and multi-language prompt support based on visitor locale.

Pricing: Free with all features. No usage limits. Website: askaiwidget.com

I am happy to answer questions. What do you think?

I found myself constantly struggling to watch over all of the PRs that I’ve been creating through agents and I found nothing outside of the Graphite macos tray app that would help me do that. For the desktop users it seems like a nice way to know if you have failing checks without GH spamming your mailbox.

LLMs can propose actions, but they shouldn't execute them directly.

I built a small deterministic policy engine to govern actions proposed by LLMs before they are executed.

The system enforces:

- fail-closed execution - signed out-of-band approval proofs - anti-replay protection - verifiable audit chain

The repository includes a CLI demo showing how irreversible actions are denied, approved, and audited.

Repo: https://github.com/nayfly/aetherya-core

Feedback welcome.

CLIs are programs. Files are data. When you run "stripe balance retrieve", you're executing a program to get data that already exists. That's the wrong abstraction.

I built mcpfs to treat API data as what it is — files:

  cat /mnt/mcpfs/stripe/balance.json | jq
  cat /mnt/mcpfs/posthog/dashboards.json | jq '.[].name'
  cat /mnt/mcpfs/linear/issues.json | jq '.[].title'

Every service works the same way. No flags to remember — not "gh --json --jq", not "stripe --format json", not "kubectl -o json". Just cat | jq. Discovery is ls. You already know the entire interface.

You can compose native CLIs too — but you need to remember each one's JSON flags, and some services (PostHog, Linear, Notion) have no CLI at all. With mcpfs every service is the same syntax, so cross-service pipes just work:

  # Paying customers with no analytics activity
  comm -23 \
    <(cat /mnt/mcpfs/stripe/customers.json | jq -r '.[].email' | sort) \
    <(cat /mnt/mcpfs/posthog/events.json | jq -r '.[].distinct_id' | sort)

For writes, where good CLIs exist (gh, stripe, kubectl), use them. For services with no CLI — PostHog, Linear, Notion — mcpfs proxies their upstream MCP tools into a CLI:

  mcpfs-posthog create-feature-flag --key my-flag --active
  mcpfs-linear create_issue --teamId abc --title "Fix login bug"

Under the hood: each server is a Go binary (200–400 lines) that calls the service API and exposes data as MCP resources. mcpfs mounts them via FUSE. The MCP ecosystem has 18,000+ servers that all expose tools — mcpfs flips that: reads are resources (files), writes stay as tools (CLI).

  git clone <https://github.com/airshelf/mcpfs> && cd mcpfs && go build ./...

<https://github.com/airshelf/mcpfs>

Hi HN,

I spent months building AI agents for clients. Same problems every time: - Prompts work in dev, fail in prod - Hard to maintain across 100+ users - Reinventing workflows others already solved

So I built OpenClawHub: a curated library of production-ready AI agent workflows.

What it is: - 20+ battle-tested agent templates (daily reports, PR reviews, SEO, etc.) - Each template: YAML + setup steps + example output - Community-reviewed, not a free-for-all like ClawHub - Focus: practical automations, not skill dumps

How it's different from ClawHub: - ClawHub = npm for skills (building blocks) - OpenClawHub = npm for complete workflows (batteries included)

Typical workflow: 1) Browse templates 2) Copy YAML 3) Add your API keys 4) Deploy

Real examples from the repo: - Daily work report generator (saves 2 hours/day) - GitHub PR review bot (catches issues before merge) - Email triage automation (priority scoring + drafting) - SEO blog post generator (research → outline → publish)

Built for: - Solo founders wearing 10 hats - Dev teams drowning in manual processes - Anyone who wants AI agents that actually work

Tech stack: OpenAI Codex, Claude Code, Trae, browser-use, etc.

Link: https://openclawhub.uk

Feedback welcome. What workflows would save you 10 hours/week?

After poking around in the various ‘claw’ spaces, I realized two things. One the foundation of OpenClaw is genius, and two, everyone is innovating in the wrong directions.

Because, the system prompt and memory just being a bunch of markdown files is very very smart. At any time you can go see why the agent is acting a certain way, and change it, with nothing but a text editor. Heartbeats are also a genuinely solid way to handle proactivity.

Yet the ecosystem that spawned around it is either chasing absolute minimalism or endless feature expansions. Meanwhile the communities around these tools are constantly trying to figure out how to get their agent to remember anything.

I didn’t find anyone else really trying to solve that problem so I decided to take a crack at it. The idea for "Observational Memory" came from this post from Mastra https://mastra.ai/blog/observational-memory timestamped observations that get continuously compressed. I added episodes and projects on top of it as a way to give the agent an index of what it knows instead of having to search blindly.

Most everything else is a ‘me too!’ implementation with my own spin/improvements. I’m really proud of how it’s turned out so far and wanted to share. Open to contributions if it sparks your interest!

Also, it's Rust btw ;) (Not for any real reason, I just fucking hate python/typescript)

Hello Everyone,

I built Spotlytt (www.spotlytt.com). Looking for everybody to try it out. Not marketing and promoting here. As of now only 3 users have signed up from the launch date (i.e. 24th Feb,2026). 30-40 unique visitors daily.

Just looking for straight feedback, if you guys might be interested in trying out something new in professional networking. Website is live. Have to take little pain to sign up but still can try it out. All functions are working.

WHY I AM PURSUING THIS IDEA.

------PROBLEM STATMENT----- Existing platforms are broken and everyone knows it. The feed, posts, stories don't really show what candidates can actually do. They are just text or bad content based formats and it is very difficult for anybody to standout or get a chance to demonstrate their true value of what they bring to the table.

Candidates - No dedicated space to talk about only SKILLS. - Stuck applying to many companies and cold emailing. - No real insight on mistakes in resumes or job applications. - No responses in direct messages. - Difficult to standout in a crowded job market between millions of users. - Lengthy Job Searches. - Spend most time optimising resumes for each role.

Recruiters and Companies - Difficult to find skilled professionals. - Flooded with multiple resume, job profiles and applications. - No better way to directly assess candidates. - Dependent too much on ATS for high volume applications. - High recruitment costs.

-----SOLUTION----- Spotlytt is a dedicated platform where candidates (students, job seekers, experienced professionals) can actually show their skills through short videos and audios of 20-90 seconds.

When you put yourself out there, it is 40x POWERFUL to see the real you rather than the noise created by resumes and job applications.

Candidates Wins - Increases visibility by "SKILLS". - Direct feedbacks on mistakes. - No editing every time for new job application. - Learning by watching others. - Quick and Easy to apply.

Recruiter/Companies Wins - Discover diverse talent beyond traditional filters. - Access a curated feed of verified professionals. - See candidates in action before interviews. - Reduce time-to-hire with video screening. - Gives more control on hiring decisions.

If anyone has any questions or anything to ask, feel free to add or comment or contact me.

Email : [email protected]

I’ve been working on a browser based, mobile focused music sequencer that tries to combine two experiences I really enjoy:

the immediacy of BeepBox and the procedural pattern generation approach used in Strudel.

Consider it a love letter to my favorite workflows in one app.

Proud to annonce the new CLI UI :)

Hey HN,

I’m a non-developer and this is the first app I’ve ever shipped in my life. I built it over the last few days using Claude and a lot of vibe coding.

The idea came from my own investing workflow: I often look at companies through the lens of specific investors (Buffett, Lynch, Taleb, etc.). I wanted a tool that could generate investment ideas filtered through those frameworks.

What the app does:

You choose an investor (Buffett, Lynch, Soros, Damodaran, etc.) and an asset class (stocks, startups, crypto). The app then generates 10 opportunities and explains why that investor might find them interesting, based on their known principles.

Under the hood: • Node.js server (no frameworks) • Vanilla JS frontend • GPT-4o for research / synthesis • live price data • Stripe + Google OAuth • hosted on Railway

It’s still an experiment and I’m curious if the idea actually makes sense to other investors.

You can try it here:

https://www.moatradar.com

HN users can get 10 free credits:

https://www.moatradar.com/?promo=HACKERNEWS

I’d especially love feedback on: • whether the investor framework idea makes sense • where the technical architecture is fragile • and whether the output is actually useful.

Peter

I built an open-source RAG API in Rust to see how low I could push latency without a GPU.

RustyRAG v0.2 hits sub-200ms on localhost and sub-600ms from Azure North Central US to a browser in Brazil. 977 PDFs, 56K chunks in Milvus, 3 sources per response.

Key changes in v0.2: switched to Cerebras/Groq for LLM inference, replaced Cohere with Jina AI local embeddings (v5-text-nano-retrieval), and added optional contextual retrieval via LLM-generated chunk prefixes.

I’ve been working with AstraDB recently, and it reminded me how painful Cassandra schema management can be — especially when handling CQL migrations across environments.

Most tools I tried either:

Assume simple linear migrations

Don’t work well with managed Cassandra setups

Or make it hard to understand the actual state of a cluster

So I built cassachange.

It supports:

Apache Cassandra Managed Cassandra AstraDB (including SCB) ScyllaDB

It handles schema migrations, but I also added data insights and MCP capabilities because understanding the current cluster state is often half the battle.

A few things I’m especially curious about:

How are people managing Cassandra schema changes in production today?

Are most teams still using raw CQL scripts?

How do you handle drift between environments?

Has anyone built internal tooling for this?

I’d love critical feedback — especially from people running Cassandra/Scylla at scale.

Docs: https://cassachange.com

Repo: https://github.com/sketchmyview/cassachange

Happy to answer anything.

Two regions. Six hubs. Six providers. One of them starts lying after request 50.

The quorum catches it. Authority never moves.

NUVL fronts compute bindings and forward only. Hubs relay and fan out — no authority, no policy. Providers are the only execution authorities. When Provider_B starts flipping reported outcomes, the 2-of-3 quorum audit detects the drift without promoting hubs into decision-makers.

The drift is deterministic and replayable. You can see exactly when it starts and what the quorum sees.

https://replit.com/@holiwood4420/Two-Region-Quorum-Audit-wit...

Fun project, made with Claude Code by a Claude Code lover

# Lip Flip AI – See Subtle Results Before You Decide

Cosmetic decisions are personal. And when it comes to your face, even small changes can feel like a big step.

Lip Flip AI was created for one simple reason:

to help you visualize subtle enhancements before making any commitment.

Instead of guessing how a lip flip might look based on other people’s photos, you can now preview a realistic simulation on your own face — in seconds.

No injections.

No appointments.

No pressure.

Just clarity.

---

## What Is a Lip Flip, Really?

A lip flip is a cosmetic procedure that uses small amounts of Botox to relax the muscle above the upper lip. When that muscle softens, the upper lip gently rolls outward, creating the appearance of slightly more fullness — especially when smiling.

It does not add volume.

It does not reshape the lips dramatically.

It’s subtle.

That subtlety is exactly why many people are curious about it — and also why it can be difficult to imagine the outcome.

That’s where Lip Flip AI comes in.

---

## Why We Built This Tool

If you search “lip flip before and after,” you’ll see dozens of photos. But those results belong to different faces, different lip shapes, and different proportions.

What works beautifully for one person might look completely different on another.

We believe you shouldn’t have to rely on guesswork.

Lip Flip AI gives you a personalized visual preview based on your own facial structure. The simulation focuses on a gentle outward curl of the upper lip — preserving your natural shape, symmetry, and proportions.

The goal is not exaggeration.

It’s realism.

---

## How the AI Preview Works

Our system analyzes key facial landmarks and lip contours from your uploaded image. Then it applies a subtle transformation designed to mimic the aesthetic effect of a lip flip:

- Slight outward curl of the upper lip - Improved upper lip definition - Balanced lip-to-nose proportion - Maintained natural texture and lighting

We intentionally avoid adding artificial volume, gloss, or dramatic reshaping. The result is meant to feel believable — like a refined version of you.

The before-and-after comparison allows you to see the difference clearly while keeping everything else consistent: same lighting, same angle, same expression.

---

## Lip Flip vs. Lip Filler – Why the Distinction Matters

Many people confuse lip flips with lip fillers, but they create very different effects.

Lip fillers add physical volume to the lips. They can create noticeable fullness and reshape the lip contour.

A lip flip, on the other hand, works by relaxing muscle tension. It creates the appearance of more upper lip without increasing size dramatically.

If fillers are about volume, lip flips are about subtle contour.

Our AI simulation reflects that distinction. It does not attempt to make lips bigger — only slightly more visible and softly defined.

---

## Who This Tool Is For

Lip Flip AI is ideal if you:

- Feel your upper lip disappears when you smile - Want a slightly fuller look without going bigger - Prefer minimal, natural-looking enhancements - Are exploring cosmetic treatments but want to preview first

It’s also for anyone who simply wants to experiment with aesthetics in a safe, pressure-free way.

Curiosity should not require commitment.

---

## Built Around Realism and Responsibility

Facial aesthetics fall into a category where trust matters. That’s why we designed this tool with restraint.

The preview you see is a visual simulation only. It does not guarantee medical outcomes and should not replace consultation with a licensed professional.

Our goal is not to persuade you to undergo treatment.

Our goal is to give you a clearer perspective.

Sometimes seeing the possibility is enough.

I built AIR Blackbox, an open-source static analysis tool that scans Python AI agent code against 6 technical requirements from the EU AI Act (Articles 9, 10, 11, 12, 14, 15). Think of it as a linter for AI governance. To stress-test the scanner — and to see where the industry actually stands — I ran it against 5,754 Python files across 11 major open-source projects. Combined GitHub stars: 341,000+. Projects scanned: AutoGPT (170K stars), Microsoft AutoGen (38K), LlamaIndex (37K), Mem0 (24K), Phidata (18K), LiteLLM (15K), GPT-Researcher (14K), Embedchain (9.2K), LangGraph (8.5K), OpenAI Agents SDK (5.2K), CrewAI Examples (2.8K). Results:

Average compliance score: 2.2 out of 6 articles 97% of files fail Article 9 (Risk Management) 89% fail Article 12 (Record-Keeping) 84% fail Article 14 (Human Oversight) Only 23 out of 5,754 files (0.4%) pass all 6 checks Best scoring repo: AutoGPT at 2.9/6. Worst: CrewAI examples at 1.4/6

What the scanner checks (per article):

Art. 9: risk classification, access control, risk audit Art. 10: input validation, PII handling, data schemas, provenance Art. 11: logging, documentation, type hints Art. 12: structured logging, audit trail, timestamps, log integrity Art. 14: human review, override mechanism, notifications Art. 15: input sanitization, error handling, testing, rate limiting

An article "passes" if at least 1 sub-check is detected. This is generous — real compliance requires substantially more. Caveats I'll save you the trouble of pointing out:

This is static analysis. It can't verify runtime behavior. File-level scanning misses cross-file compliance patterns. The pass threshold is intentionally lenient (1-of-N sub-checks). This checks technical requirements, not legal compliance. It's a linter, not a lawyer.

The EU AI Act enforcement deadline is August 2026. The full report, raw data (JSON), and the scanning scripts are all in the repo.

GitHub: https://github.com/air-blackbox/air-blackbox-mcp Full report: https://github.com/air-blackbox/air-blackbox-mcp/blob/main/b... Install: pip install air-blackbox-mcp Demo: https://huggingface.co/spaces/airblackbox/air-blackbox-scann...

Happy to answer questions about the methodology, the scanner internals, or what we're building next (fine-tuned local LLM for deeper analysis — your code never leaves your machine).

I've been using various UK salary calculators for years — ListenToTaxman, The Salary Calculator, Reed's tool — and my main frustration has always been the same: ad-heavy layouts, outdated designs, and results that sometimes don't match each other by £50–£100 on the same gross salary.

UKCalculator.com (ukcalculator.com) launched in 2018 and covers the usual suspects (income tax, NI, PAYE, mortgage repayments, stamp duty, VAT), but what caught my eye was the claim that all tools are verified by qualified accountants and updated every April against HMRC rates — not just once at launch.

The site is completely free, no account required. Compare this to tools like TaxCalc (paid desktop software) or GoSimpleTax (£105+ per return), this sits in a different lane — quick estimation rather than filing.

Curious whether anyone has stress-tested the salary calculator outputs against payslips or HMRC's own estimator. Do the Scottish tax band calculations hold up? Any edge cases it misses (salary sacrifice, multiple income sources)?

Hi This is Gautam, the creator of Peerful.

I built Peerful because I noticed the extremely negative candidate experience on other professional networking platforms (e.g. LinkedIn) and the inability of other platforms to effectively leverage AI to help companies find their perfect hire.

We try to solve both problems on Peerful. Below are the benefits of using Peerful.

For Individuals Find local peers: Find like-minded peers in your town or city. 1-click apply to jobs: No need to fill long application forms. Only fill one when the employer is interested in you. Message anyone: We don't paywall the messaging feature.

For Companies Post free jobs: We don't charge to post a job. You may buy a paid job promotion later. AI-assisted screening: AI screens profiles and resumes and ranks the best candidates (it doesn't reject candidates). Invite candidates: Invite candidates to apply to your job using our talent database (can't spam).

Please note that the app is still in early stages, and any feedback is welcome. Be peerful.

I built AuraText – a free Windows app that sits on top of every app (Notion, VS Code, Slack, Word) and optimizes your AI prompts before they reach the model.

The problem: most people get bad AI outputs because their prompts are vague. AuraText transforms raw prompts using frameworks like RISEN, COSTAR, and RTF – same AI, better input, dramatically better output.

Key things it does: - Works as a floating overlay in any Windows app - Built-in AI router (Claude for analysis, GPT-4 for creative, Gemini for research) - Bring your own API keys – no subscription - Supports 11 providers including local Ollama - Learning Mode to actually build prompt skills over time

Built this solo in 4 months. 1,000+ downloads so far. Completely free during beta.

Would love brutal feedback from HN.

Hey HN

I’m one of the founders of DailyStack.

Like many of you, my workday used to start with a "tab crawl." I’d open Gmail, then Outlook for the corporate stuff, then scan Todoist, check the Linear board for dev tickets, and finally peek at Asana for the marketing syncs. By the time I actually knew what my day looked like, I’d already context-switched five times and lost the "deep work" window of my morning.

We built DailyStack to solve this. It’s a single, high-signal brief that aggregates your day before you dive into the noise.

How it works

We currently support Gmail, Google Calendar, Outlook, Todoist, Linear, and Asana. Instead of just giving you a long list of notifications, we pull the "delta" from the last 24 hours:

Email: Highlights threads that actually need a reply vs. newsletters.

Tasks: Correlates what you finished yesterday in Linear/Asana with what’s actually due today in Todoist.

Calendar: A unified view across Google and Outlook so you don't double-book your life.

The "No-Storage" Architecture

We know that asking for access to your email and task managers is a massive request. We decided early on to build this with a zero-persistence mindset for your private content:

Ephemeral Processing: We don't save your email bodies or task descriptions to a database.

On-the-go Summaries: When you request your brief, we fetch the data via OAuth, process the summary in memory, and serve it. We don't "store and mine" your data to build a profile or train models.

Token Security: We only store the encrypted refresh tokens needed to communicate with the APIs.

Why we’re doing this

There have been a hundred "all-in-one" inboxes that failed because they tried to replace the tools themselves. We aren't trying to be a new email client or a new task manager. We just want to be the 5-minute summary you read before you open those tools.

We’d love your brutal feedback:

The Trust Gap: If you see a summary of a Linear ticket or a Gmail thread, do you feel an immediate urge to go verify the "real" version? How can we make the summary feel authoritative enough to trust?

Missing Pieces: What is the one tool that, if missing, makes an aggregator like this useless for you? (We're looking at GitHub and Notion next).

The Workflow: Does a "Morning Brief" actually fit your routine, or do you prefer to live in the raw feeds all day?

We’re pre-revenue and still figuring out the best way to make this indispensable. I’ll be in the comments all day to talk about the ETL challenges, API rate-limiting nightmares, or anything else.

Thanks!

Doodle-style polls block multiple slots in your calendar while you wait for everyone to respond. FindDates takes a different approach: propose one specific time, share a link, the other person accepts or counter-proposes. Only one slot is ever in play at a time.

I'm a marketer, not an engineer. This is the first iOS app I've shipped.

The backstory: I spent three months on research before writing a line of code. Two things had to be true first: the content had to be genuinely different from the wellness space, and the monetization couldn't contradict what the product was trying to do.

On content: I read research on decision fatigue, attentional residue, and the paradox of choice. Most "thought of the day" apps are fortune cookies with better design. I wanted cards that made people sit with something uncomfortable, not cards that made them feel validated. 1,250 cards written and tagged across 12 content buckets before launch.

On monetisation: most wellness apps monetise by maximising session time, which is directly at odds with a mindfulness tool. I landed on charging for what the app actually does. Seven-day trial, then €1.99 a month or €39.99 lifetime. After trial, content progressively blurs rather than hard-bricking.

What it does: One thought per day. A headline (max 10 words) and a body (max 120 words). You Carry it or Let Go. The app asks you to close it. Under two minutes. Cards are selected server-side by a Resonance Loop algorithm. Days 1 to 14 cycle through all 12 buckets. From day 15, selection weights toward buckets the person resonates with based on carry/let-go signals, with 20% exploration to prevent filter bubbles and 10% heat (cards with high community share rates).

Built with Claude Code, as a non-engineer: I knew nothing about Swift, SwiftUI, Firebase, or Cloud Functions when I started. I mean I knew what they were, but not from a code perspective. Built the whole thing with Claude Code as pair programmer.

The unexpected thing: you can ask genuinely stupid questions without fear of judgment. I asked about async/await race conditions four different ways until it clicked. I can now read Cloud Function logs and debug Firestore rules. Not because I studied them, because building the thing forced me to learn and I had a patient collaborator the whole time.

The QA lesson: This is what I would tell anyone using AI-assisted development. The code comes fast. The bugs are subtle.

14 builds before App Store approval. A code review found notifications had silently died after day 7 because the scheduler was never called on app open. A widget timezone mismatch gave US users the wrong card. A reinstall sync bug wiped returning users' history every time. None of these were caught by the AI. All were caught by systematic, edge-case-focused testing.

The underrated skill in AI-assisted development is not better prompting. It is thorough QA.

For a longer read on the research and philosophy behind this: https://onegoodthing.space/blog/the-app-that-asks-you-to-clo...

App Store: https://apps.apple.com/app/one-good-thing/id6759391105

Happy to dig into the algorithm, the SwiftUI patterns, the Cloud Functions architecture, or the Claude Code workflow.