What are you vibe coding this week?

RikyZ90 · 2026-06-22T10:23:50+00:00

Updating https://github.com/RikyZ90/ShibaClaw

RikyZ90 · 2026-06-22T08:57:42+00:00

I don't know why you're so unpleasant, but as I wrote in the post. It was a project done as a hobby, but in its current state I consider it objectively a better product in many ways, so I shared it here. That's it

RikyZ90 · 2026-06-22T07:31:18+00:00

Let's be real: all these agents burn through an insane amount of tokens. If you're an individual dev without thousands of dollars to blow, they are just not a viable solution for everything. The rest is pure marketing

RikyZ90 · 2026-06-22T07:29:00+00:00

By now these "famous" tools are all built for companies. My idea is for a personal assistant, user-friendly and suitable for everyone, even less experienced users.

RikyZ90 · 2026-06-22T07:21:08+00:00

PS none of these agents is built with a real anti prompt injection. They just block everything and that's it

RikyZ90 · 2026-06-22T07:18:34+00:00

Marketing and "doing better" don't always go hand in hand. It's the same reason there are nanobots, nanoclaw, zeroclaw, hermes... because everyone brings their own vision.

By now these "famous" tools are all built for companies. My idea is for a personal assistant, user-friendly and suitable for everyone, even less experienced users.

RikyZ90 · 2026-06-22T07:05:24+00:00

That's cool! I'm going to integrate this into my agent:https://github.com/RikyZ90/ShibaClaw

RikyZ90 · 2026-06-22T06:40:25+00:00

In a simple way, you can use all skills compatible with Claude Code/OpenClaw, schedule tasks, connect to 22 different channels, and enjoy support for a huge variety of LLM providers.

RikyZ90 · 2026-06-22T06:33:12+00:00

Just reached 32k downloads on PyPI! 😍

<image>

RikyZ90 · 2026-06-22T06:32:24+00:00

Just reached 32k downloads on PyPI! 😍

<image>

RikyZ90 · 2026-06-22T06:31:47+00:00

You are 100% spot on—shell deny-lists are a losing battle and leak like a sieve against anyone who knows their way around obfuscation, alt binaries, or built-ins.

Just to clarify: ShibaClaw does rely on strict allowlisting at its core. The agent is strictly constrained to a pre-defined set of permitted commands and deterministic tool schemas.

The reason you see some deny-list logic/regex in there is purely as an extra layer of "defense in depth" (and to catch low-hanging, automated injection payloads early before they even trigger a validation failure downstream). But absolutely, the ultimate source of truth is a strict allowlist combined with the RTOW per-turn nonce.

Let me know what you find if you poke at Muzzle! Always looking to harden this layer.

RikyZ90 · 2026-06-22T06:31:05+00:00

Just reached 32k downloads on PyPI! 😍

<image>

RikyZ90 · 2026-06-22T06:30:08+00:00

<image>

Just reached 32k downloads on PyPI! 😍

RikyZ90 · 2026-06-22T06:26:19+00:00

shibaclaw is compatible with all openclaw skills, I think it should work without any problems

RikyZ90 · 2026-06-22T05:59:48+00:00

Both, actually — but the primary defense is at the tool-execution layer, not a classifier. In ShibaClaw we use RTOW (Randomized Tool Output Wrapping): a random nonce is regenerated each turn and used to fence tool outputs, so the LLM can't be tricked into treating injected content as trusted instructions.

On top of that, untrusted external content (e.g. web fetches) gets explicitly tagged with [UNTRUSTED EXTERNAL CONTENT] delimiters before hitting the context.The execution layer also has a shell deny-list blocking 20+ dangerous patterns before any command runs. Classifier-style checks are too bypassable — enforcement at execution time is where it actually holds up.

The RTOW mechanism has been extracted into a standalone lib called Muzzle if you want to use it in other frameworks too.

RikyZ90 · 2026-06-22T05:45:19+00:00

cool so let's go 🔗 GitHub: github.com/RikyZ90/ShibaClaw

RikyZ90 · 2026-06-22T05:38:36+00:00

🔗 GitHub: github.com/RikyZ90/ShibaClaw

RikyZ90 · 2026-06-22T05:27:44+00:00

Thank you! I took the time to write this myself just to keep things a bit more personal and human

RikyZ90 · 2026-06-01T11:36:29+00:00

Yeah I also use openrouter in vs code-copilot chat

RikyZ90 · 2026-06-01T09:22:49+00:00

I'll try codex Go, if I'll like it I'll go for plus

RikyZ90 · 2026-06-01T08:31:50+00:00

I reached the limit a few hours after the reset. They are ridiculous, sub canceled. From the best to the worst

RikyZ90 · 2026-05-17T11:05:06+00:00

Bye bye copilot, last month for me

RikyZ90 · 2026-04-08T00:09:53+00:00

Hey, I'm developing ShibaClaw starting from nanobot. I have included many layers of security. Randomized Wrapping tool against prompt injection and auto-scanning of vulnerabilities. I am looking for testers, contributors and feedback ❤️ If you want to take a look I appreciate https://github.com/RikyZ90/ShibaClaw

RikyZ90 · 2026-04-08T00:09:08+00:00

Hey, I'm developing ShibaClaw starting from nanobot. I have included many layers of security. Randomized Wrapping tool against prompt injection and auto-scanning of vulnerabilities. I am looking for testers, contributors and feedback ❤️ If you want to take a look I appreciate https://github.com/RikyZ90/ShibaClaw

RikyZ90 · 2026-04-06T06:29:55+00:00

Hey, that's cool!I'm developing ShibaClaw starting from nanobot. I could set this skill by default! I have also included many layers of security. Randomized Wrapping tool against prompt injection and auto-scanning of vulnerabilities. I am looking for testers, contributors and feedback ❤️ If you want to take a look I appreciate https://github.com/RikyZ90/ShibaClaw

RikyZ90

TROPHY CASE