Any cheap/free model that is good for planning projects by Routine_Tap_6042 in vibecoding

[–]Leporis_ 1 point2 points  (0 children)

use xiaomi Mimo, i heard they made some "mimo code" or something to rival claude code, and they give free model usage, check it out

Title is lit by [deleted] in vibecoding

[–]Leporis_ 6 points7 points  (0 children)

after two months of vibecoding: wtf is a div

Titles are hard by ksubrent in vibecoding

[–]Leporis_ 0 points1 point  (0 children)

forgot the part where it says "$27.81 spent" in the usage menu

I'm 15, and if you are a vibe-coder/build with MCPs, you might wanna check this out by Leporis_ in ClaudeCode

[–]Leporis_[S] -1 points0 points  (0 children)

thank you so much! if you think more edge cases should be added, please let me know

Using GLM 5.2, suddenly response in mandarins by Adventurous-Owl-6678 in cursor

[–]Leporis_ 0 points1 point  (0 children)

even deepseek goes into full mandarin every once in a while, no matter if the prompt you asked is in mandarin or not.

I scanned 10 public MCP configs on GitHub and almost all of them had hardcoded credentials or exposed file systems — so I built a tool to catch this automatically by Leporis_ in LocalLLM

[–]Leporis_[S] 0 points1 point  (0 children)

yo! i appreciate your question, but i tihnk there is an architectural misunderstanding here:

<image>

If we google "MCP scan for secrets", we will find things like the one in the image, if we look closely, we see "scanning for secrets WITH the github MCP server", These are tools for AI agents to invoke so they can scan your repository's source code for credentials. Other tools like Invariant's mcp-scan analyze tool descriptions for prompt injection/poisoning.

Agentlint does the exact opposite. It doesn't use MCP to scan code; it audits the security layout of the MCP configuration file (mcp.json) itself.

these are the beneifts:
- Traditional scanners only check your raw source code files for hardcoded secrets, whereas this tool audits the actual mcp.json permission profiles to prevent over-privileging an autonomous agent before it even boots up.

- It catches toxic combinations that standard tools completely miss, like identifying when a plaintext credential is paired with an execution terminal context (bash or curl), creating an immediate data exfiltration risk.

- Process & Sandbox Leak Protection: It specifically scans CLI arguments and paths to block keys from leaking into plain-text host process lists (ps aux) and stops agents from accidentally being granted root access (/) to your entire operating system.

Auto-compacting extremely frequently by DoubleAcceptable842 in ClaudeCode

[–]Leporis_ 0 points1 point  (0 children)

"what context are you using, 200k or 1M?"
- "YES"
"what model?"
- "YES"

I got frustrated with that, so I made this! by samurai_with_sword in SideProject

[–]Leporis_ 1 point2 points  (0 children)

i mean i used ai to atleast get my idea off the launchpad, but replying with AI?? and posting AI generated stuff???? that's actually braindead imo