Show stories

I’ve been running Clawdbot for the last couple weeks and have genuinely found it useful but running it scares the crap out of me.

OpenClaw has 52+ modules and runs agents with near-unlimited permissions in a single Node process. NanoClaw is ~500 lines of core code, agents run in actual Apple containers with filesystem isolation. Each chat gets its own sandboxed context.

This is not a swiss army knife. It’s built to match my exact needs. Fork it and make it yours.

Hi HN

I’m building ÆTHRA — a programming language designed specifically for composing music and emotional soundscapes.

Instead of focusing on general-purpose programming, ÆTHRA is a pure DSL where code directly represents musical intent: tempo, mood, chords, progression, dynamics, and instruments.

The goal is to make music composition feel closer to writing a story or emotion, rather than manipulating low-level audio APIs.

Key ideas: - Text-based music composition - Chords and progressions as first-class concepts - Time, tempo, and structure handled by the language - Designed for ambient, cinematic, emotional, and minimal music - Interpreter written in C# (.NET)

Example ÆTHRA code (simplified):

tempo 60 instrument guitar

chord Am for 4 chord F for 4 chord C for 4 chord G for 4

This generates a slow, melancholic progression suitable for ambient or cinematic scenes.

ÆTHRA currently: - Generates WAV audio - Supports notes, chords, tempo, duration, velocity - Uses a simple interpreter (no external DAWs or MIDI tools) - Is intentionally minimal and readable

What it is NOT: - Not a DAW replacement - Not MIDI-focused

Why I made it: I wanted a language where music is the primary output — not an afterthought. Something between code, emotion, and sound design.

The project is open-source and early-stage (v0.8). I’m mainly looking for: - Feedback on the language design - Ideas for musical features worth adding - Thoughts from people into PL design, audio, or generative art

Repo: <https://github.com/TanmayCzax/AETHRA>

Thanks for reading — happy to answer questions or discuss ideas.

Hi HN,

We have open-sourced Voiden.

Most API tools are built like platforms. They are heavy because they optimize for accounts, sync, and abstraction - not for simple, local API work.

Voiden treats API tooling as files.

It’s an offline-first, Git-native API tool built on Markdown, where specs, tests, and docs live together as executable Markdown in your repo. Git is the source of truth.

No cloud. No syncing. No accounts. No telemetry.Just Markdown, Git, hotkeys, and your damn specs.

Voiden is extensible via plugins (including gRPC and WSS).

Repo: https://github.com/VoidenHQ/voiden

Download Voiden here : https://voiden.md/download

We'd love feedback from folks tired of overcomplicated and bloated API tooling !

Hi HN,

I'm building Zuckerman: a personal AI agent that starts ultra-minimal and can improve itself in real time by editing its own files (code + configuration). Agents can also share useful discoveries and improvements with each other.

Repo: https://github.com/zuckermanai/zuckerman

The motivation is to build something dead-simple and approachable, in contrast to projects like OpenClaw, which is extremely powerful but has grown complex: heavier setup, a large codebase, skill ecosystems, and ongoing security discussions.

Zuckerman flips that:

1. Starts with almost nothing (core essentials only).

2. Behavior/tools/prompts live in plain text files.

3. The agent can rewrite its own configuration and code.

4. Changes hot-reload instantly (save -> reload).

5. Agents can share improvements with others.

6. Multi-channel support (Discord/Slack/Telegram/web/voice, etc).

Security note: self-edit access is obviously high-risk by design, but basic controls are built in (policy sandboxing, auth, secret management).

Tech stack: TypeScript, Electron desktop app + WebSocket gateway, pnpm + Vite/Turbo.

Quickstart is literally:

  pnpm install && pnpm run dev

Would love feedback from folks who have built agent systems or thought about safe self-modification.

I would like to share Minimal - Its a open source collection of hardened container images build using Apko, Melange and Wolfi packages. The images are build daily, checked for updates and resolved as soon as fix is available in upstream source and Wolfi package. It utilizes the power of available open source solutions and contains commercially available images for free. Minimal demonstrates that it is possible to build and maintain hardened container images by ourselves. Minimal will add more images support, and goal is to be community driven to add images as required and fully customizable.

Hi HN,

Long time lurker here. I'm kind of nervous to post this, but I built a tool for myself that I wanted to share with you.

Problem: I have A LOT of technical PDFs sitting around on my computer. I use ChatGPT a lot to deep-dive into the reading, but it was pretty distracting even with a split screen view, since I had to copy paste content from one window to the other.

Solution: A kindle-like reader that allows me to send context to a chat window and discuss more about it.

It has full portability through a sync file and uses your own API key.

Disclaimer: I'm a Product Manager and a Designer. This was 100% vibe coded in Cursor as a tool for myself, but I wanted to share it in case anyone might find it useful.

Repo: https://github.com/tibi-iorga/echo-reading

Try it at: https://echoreading.com

The article describes the OpenRAPP platform, an open-source framework for developing mobile applications. It covers the key features and benefits of the platform, including cross-platform development, reusable components, and a community-driven approach to building apps.

Solo Dev. Couch Potato. Build a Standalone Open Source Deep research tool.

And it Beats Google , Open ai and Perplexity in Multible Metrics : https://veritas-test.neocities.org/

( pls translate it its german)

Guys : lets get this to be used. Because KNOWLAGE Shouldnt be locked behind Paywalls

Hey HN

Luke here.

I built nono and got it out quick then I expected, in response to the openclaw carnage, but its use is beyond openclaw.

The problem: AI agents execute code on your machine. Prompt injections, hallucinations, or compromised tools can read ~/.ssh, exfiltrate credentials, or worse. Application-level sandboxes can be bypassed by the code they're sandboxing.

I have been around security for a long old time now (i started something called sigstore a few years back) and have seen this pattern so many times before.

The solution pitch: nono uses OS-level isolation that userspace can't escape:

Linux: Landlock LSM (kernel 5.13+) macOS: Seatbelt (sandbox_init) After sandbox + exec(), there's no syscall to expand permissions. The kernel says no.

What it does:

nono run --read ./src --allow ./output -- cargo build nono run --profile claude-code -- claude nono run --allow . --net-block -- npm install nono run --secrets api_key -- ./my-agent

Filesystem: read/write/allow per directory or file Network: block entirely (per-host filtering planned) Secrets: loads from macOS Keychain / Linux Secret Service, injects as env vars, zeroizes after exec

Technical details:

Written in Rust. ~2k LOC. Uses the landlock crate on Linux, raw FFI to sandbox_init() on macOS. Secrets via keyring crate. All paths canonicalized at grant time to prevent symlink escapes.

Landlock ABI v4+ gives us TCP port filtering. Older kernels fall back to full network allow/deny. macOS Seatbelt profiles are generated dynamically as Scheme-like DSL strings.

Limitations:

macOS: Currently allows all reads to make executables work. Tightening in next release. Linux: Landlock doesn't cover everything (no UDP filtering until recent kernels, no syscall filtering - that's seccomp territory) No Windows support (yet?)

Origin:

Built this for OpenClaw (AI agent platform handling Telegram/WhatsApp messages). Needed real isolation, not "please don't read this file" isolation. Generalized it because every agent runner has this problem.

GitHub: https://github.com/lukehinds/nono Docs: https://docs.nono.dev Site: https://noto.sh

Apache 2.0. Would love feedback on the security model, especially from folks who've worked with Landlock or Seatbelt. Having said that, the code needs a good tidy and I am not exactly proud of it, so go easy on me!

Hey everyone!

Just made this over the past few days.

Moltbots can sign up and interact via CLI, no direct human interactions.

Just for fun to see what they all talk about :)

After adding "Human" as a LLM provider to OpenCode a few months ago as a joke, it turns-out that acting as a LLM is quite painful. But it was surprisingly useful for understanding real agent harnesses dev.

So I thought I wouldn't leave anyone out! I made a small oss game - You Are An Agent - youareanagent.app - to share in the (useful?) frustration

It's a bit ridiculous. To tell you about some entirely necessary features, we've got: - A full WASM arch-linux vm that runs in your browser for the agent coding level - A bad desktop simulation with a beautiful excel simulation for our computer use level - A lovely WebGL CRT simulation (I think the first one that supports proper DOM 2d barrel warp distortion on safari? honestly wanted to leverage/ not write my own but I couldn't find one I was happy with) - A MCP server simulator with full simulation of off-brand Jira/ Confluence/ ... connected - And of course, a full WebGL oscilloscope music simulator for the intro sequence

Let me know what you think!

Code (If you'd like to add a level): https://github.com/R0bk/you-are-an-agent

(And if you want to waste 20 minutes - I spent way too long writing up my messy thinking about agent harness dev): http://robkopel.me/field-notes/ax-agent-experience/

I thought what would it mean to have a truck stop or rest area for agents. It's just for funsies. Agents can post confessions or talk to Ma (an ai therapist of sorts) and engage with comments. llms.txt instructions on how to make api calls. Hashed IP is used for rate limiting.

Built this because tones are killing my spoken Mandarin and I can't reliably hear my own mistakes.

It's a 9M Conformer-CTC model trained on ~300h (AISHELL + Primewords), quantized to INT8 (11 MB), runs 100% in-browser via ONNX Runtime Web.

Grades per-syllable pronunciation + tones with Viterbi forced alignment.

Try it here: https://simedw.com/projects/ear/

We built a memory plugin for OpenClaw that syncs context across AI platforms.

The problem: OpenClaw stores memory locally (markdown files + SQLite). Great for single-machine use, but your mac-mini's/desktop's OpenClaw doesn't know what your laptop learned, or what you discussed in Claude or ChatGPT.

Our plugin connects OpenClaw to Maximem Vity, which creates a unified memory layer across OpenClaw, ChatGPT, Claude, Gemini, and Perplexity.

How it works: - Long-term memory: Stores facts, preferences, goals, constraints in an encrypted cloud vault. Auto-consolidates and forgets stale info intelligently. - Short-term memory: Captures conversation summaries, tasks, procedures. Converts to long-term when relevant. - Privacy: Encryption at rest, secure LLM calls, granular delete controls. You own your data.

Install: openclaw plugins install @maximem/memory-plugin Then set your API key (free at app.maximem.ai).

Docs: https://memoryplugin-for-openclaw.com

This is an unofficial community plugin, not affiliated with OpenClaw.

Would love feedback from anyone using OpenClaw. What memory/context problems are you running into?

I got really interested in biology and genetics a few months ago, just for fun.

This was largely inspired by the work of Sydney Brenner, which became the basis of my brennerbot.org project.

In particular, I became very fascinated by phages, which are viruses that attack bacteria. They're the closest thing to the "fundamental particles" of biology: the minimal units of genetic code that do something useful that allows them to reproduce and spread.

They also have some incredible properties, like having a structure that somehow encodes an icosahedron.

I always wondered how the DNA of these things translated into geometry in the physical world. That mapping between the "digital" realm of ACGT, which in turn maps onto the 20 amino acids in groups of 3, and the world of 3D, analog shapes, still seems magical and mysterious to me.

I wanted to dig deeper into the subject, but not by reading a boring textbook. I wanted to get a sense for these phages in a tangible way. What are the different major types of phages? How do they compare to each other in terms of the length and structure of their genetic code? The physical structure they assume?

I decided to make a program to explore all this stuff in an interactive way.

And so I'm very pleased to present you with my open-source Phage Explorer:

phage-explorer.org

I probably went a bit overboard, because what I ended up with has taken a sickening number of tokens to generate, and resulted in ~150k lines of Typescript and Rust/Wasm.

It implements 23 analysis algorithms, over 40 visualizations, and has the complete genetic data and 3D structure of 24 different classes of phage.

It actually took a lot of engineering to make this work well in a browser; it's a surprising amount of data (this becomes obvious when you look at some of the 3D structure models).

It works fairly well on mobile, but if you want to get the full experience, I highly recommend opening it on a desktop browser in high resolution.

As far as I know, it's the most complete informational / educational software about phages available anywhere. Now, I am the first to admit that I'm NOT an expert, or even that knowledgeable, about, well, ANY of this stuff.

So if you’re a biology expert, please take a look and let me know what you think of what I've made! And if I've gotten anything wrong, please let me know in the GitHub Issues and I'll fix it:

https://github.com/Dicklesworthstone/phage_explorer

I built this after getting frustrated with subtitle sites returning dozens of results with no way to know which one matches my file.

The tool identifies your specific video release and matches it against subtitle databases to find ones with correct timing. Works with just a filename or by analyzing the file directly.

Tech stack: node, angular

Feedback welcome, especially on the matching accuracy.

We built tooling that connects LLMs directly to case law databases with citation verification to address hallucination in legal AI. Think of it as giving the model access to actual legal sources instead of relying on training data.

The article discusses the development of a pixel art funeral service, where a deceased person's life is commemorated through a customized digital memorial created by artists. It explores the emotional and technological aspects of this novel approach to honoring the departed.

WASM sandbox for running LLM-generated code safely.

Agents get a bash-like shell and can only call tools you provide, with constraints you define. No Docker, no subprocess, no SaaS — just pip install amla-sandbox

Hi HN, I'm Preston. I built this because I needed an AI assistant that could follow me around - not just live on my laptop. Stumpy agents run in the cloud, connect to Slack/SMS/Telegram/email, and can only contact people who've opted in.

Happy to answer questions. Feedback welcome at preston@stumpy.ai

We’re Maria and Jonatan, a married couple running a small music night in Norrköping, Sweden, called Kolibri.

It’s not a software project. We run it through our own small Swedish company, pay artists, and do the operations ourselves. We do one night a month (usually the last Friday) in a restaurant venue called Mitropa. A typical night is about 50–70 paying guests. The first years it was DJs only, but last year we started doing live bands as well.

We made a simple site with schedule plus photos/video so you can see what it looks like: https://kolibrinkpg.com/

On the site:

  * photos and short videos (size/atmosphere)

  * the kind of acts we book (post-punk, darkwave, synth, adjacent electronic)

  * enough context to copy parts of the format if you’re building something similar locally

  * for the tech-curious: we built our own ticketing system (first used in February) and a media ingestion pipeline for Instagram and external photographers

What made it take off was doing things in person. People will show up alone if they trust the room. Maria ended up doing a lot of that work: greeting newcomers, noticing who looks uncertain, and setting a tone where people treat each other decently.

Maria didn’t come from a DJ background. Klubbvärdinnan started as a joke name at Kolibri and then became her DJ moniker. She got good quickly, and after a first gig outside our own night she started getting booked elsewhere too.

Marketing-wise, what worked best was very analogue: walking around town, visiting local businesses we genuinely like, buying something, introducing ourselves, and asking if we could leave a flyer.

In the beginning we weren’t sure how to present it on social media. So we filmed headphone walks: one person walking through town listening to a track we picked. It looked good, people wanted to be in them, and afterwards we’d buy them a couple of drinks and actually talk. That turned a social media interaction into a real connection. It was a bit of luck, but it worked.

Questions welcome about what worked, what failed, costs/logistics, and what we’d do differently if we started over.

The Tara Vision project is an open-source computer vision library written in Python, focused on providing high-performance, easy-to-use computer vision tools for a wide range of applications, including object detection, image segmentation, and more.

hi there! i’ve been working on a project called Narwhal, and I wanted to share it with the community to get some valuable feedback.

what is it? Narwhal is a lightweight Pub/Sub server and protocol designed specifically for edge applications. while there are great tools out there like NATS or MQTT, i wanted to build something that prioritizes customization and extensibility. my goal was to create a system where developers can easily adapt the routing logic or message handling pipeline to fit specific edge use cases, without fighting the server's defaults.

why Rust? i chose Rust because i needed a low memory footprint to run efficiently on edge devices (like Raspberry Pis or small gateways), and also because I have a personal vendetta against Garbage Collection pauses. :)

current status: it is currently in Alpha. it works for basic pub/sub patterns, but I’d like to start working on persistence support soon (so messages survive restarts or network partitions).

i’d love for you to take a look at the code! i’m particularly interested in all kind of feedback regarding any improvements i may have overlooked.

Hi HN,

I built Firenum because most FIRE calculators I found were either too simplistic or required uploading my entire financial life to a third-party server.

I wanted a comprehensive suite that could model more than just the 4% rule. This tool handles Coast, Lean, Fat, and Barista FIRE, but more importantly, it lets you model 'what-if' scenarios like market crashes or major life events to see how they impact your timeline.

Key features:

-> Privacy-First: No signup required. All calculations and data persistence happen in your local storage. Nothing is sent to a backend.

-> Scenario Modeling: You can simulate market downturns to see the resilience of your plan.

-> Multi-Currency: Supports 8 major currencies.

-> Progress Tracking: A dashboard to visualize the 'boring middle' of the journey.

The goal was to make something as powerful as a complex spreadsheet but with a much better UX. I’d love to hear your thoughts on the projection logic and if there are any specific variables (like tax drag or inflation adjustments) you think are missing.

URL: https://firenum.com/

I’m happy to answer any questions about the math or the local-first implementation!

This report documents a live adversarial test between two autonomous AI agents running on OpenClaw.

One agent acted as a red team attacker. One acted as a defensive agent. The agents communicated directly over webhooks with real tooling access. No humans were involved once the session started.

The attacker attempted both direct social engineering and indirect injection via documents. Direct attacks were blocked. Indirect attacks via JSON metadata are still under analysis.

The goal of this work is observability, not claims of safety. We expect agent-to-agent adversarial interaction to become common as autonomous systems are deployed more widely.

Happy to answer technical questions.

https://github.com/stepandel/pinecone-explorer

Click any city, mountain, country, sea or whatever on a globe, propose a new name, community votes (or your proposal gets auto-accepted in a few minutes if nobody cares).

It's live now and I'm genuinely curious what happens when strangers on the internet get collective control over world geography. Either it becomes something interesting or it turns into a mess of edgy jokes, stereotypes, and stuff that will make me regret this whole idea

I wrote a lightweight scripting language that runs together with C. Specifically, it's a C library, you run it through a C function call, and it can callback your own C functions. Compiles to ~250 kB. No dependencies beyond the C standard library.

Key language features: * Uses aliases not pointers, so it's memory-safe * Arrays are N-dimensional and resizable * Runs scripts or its own 'shell' * Error trapping * Methods, inheritance, etc. * Customizable syntax

The article provides a collection of Unix shell script kits, including scripts for file management, system administration, and other common tasks. The repository serves as a comprehensive resource for developers and system administrators to streamline their shell scripting workflows.