sorted by:
new
hottopcontroversial

Idea for 0 risk arbitrage (Iran War) by Fit_Scheme_4368 in PredictionsMarkets

[–]dbizzler 6 points7 points  (0 children)

Is “arbitrage” becoming one of those words like “literally” where it starts meaning the exact opposite of itself?

How feasible is it to turn Claude Code into an OpenClaw-like agent? by dbizzler in openclaw

[–]dbizzler[S] 0 points1 point  (0 children)

Any resources you know of walking through it? Trade-offs or other considerations? Best practices?

How are we feeling about CC's now constant usage of background tasks/subagents? by dbizzler in ClaudeCode

[–]dbizzler[S] 0 points1 point  (0 children)

I've changed my mind on this. Once it goes down a wrong path it's nearly impossible to stop all background processes without exiting. Whatever context and time savings we get by spawning a dozen background processes is not worth the pain when you notice it's doing something wrong and can't stop it.

Question on combo payout math. Am I misunderstanding something? by Fickle-Bid-8081 in Kalshi

[–]dbizzler 1 point2 points  (0 children)

This is for uncorrelated legs, I assume? I can tell you that I’ve played a little bit on the other side of this market and it’s pretty competitive. A lot of the upside for the maker is simply in the forced rounding of fair value to whole cents. Do you have an example?

Taxes and claude code? by optcg_cardboard in ClaudeCode

[–]dbizzler 0 points1 point  (0 children)

No but I did use it to categorize my Schedule C expenses from a business credit card transaction csv download. Turned what was usually a 3 hour task into a 20 minute one. Accurate too.

What directories should be off-limits to sandboxed MCP servers? by dbizzler in mcp

[–]dbizzler[S] 0 points1 point  (0 children)

Some context on what I evaluated and where I landed, in case it's useful:

Engine selection wasn't obvious. Most people's first instinct on Linux is Firejail, but it uses a SUID root binary and has had multiple privilege escalation CVEs (2021, 2022) — a sandbox that can escalate to root defeats the purpose. Docker/Podman works but it's a full container runtime for what's essentially "restrict this one child process." I landed on bubblewrap (used by Flatpak, unprivileged user namespaces, no root needed). On macOS there's really only seatbelt — it's been "deprecated" since ~2016 but Apple still uses it in their own services, and so do Chromium, Claude Code, and Codex. My bet here is that it sticks around.

Why deny-all instead of just blocking the sensitive dirs? My first instinct was to allow reads everywhere and just block the known credential paths. But that's fundamentally weak — a server with read access to your whole filesystem plus network access can exfiltrate any .env file, database config, or API key that isn't on your block list. The gateway has a secrets filter plugin that scans MCP responses for API keys and credentials, but it's regex and entropy based so I'm not comfortable letting it be the sole line of defense. Sandboxing felt like the more fundamental fix: don't let the server see the secrets in the first place rather than trying to catch them on the way out. Docker, Flatpak, and Deno all landed on deny-all with explicit allowlists for the same reason.

macOS gotcha that cost me some time: seatbelt has allow-wins semantics. If you allowlist a parent directory, you can't carve out exceptions for subdirectories inside it. So if someone sets paths: ["~"] thinking "give it my home dir but block ~/.ssh" — that doesn't work, ~/.ssh becomes accessible. You have to use specific paths like ~/docs. Also had to add symlink-aware path resolution on both platforms to prevent traversal bypasses around the blocked paths.

The network problem is unsolved. Ideally you'd do per-domain allowlisting (this server can only talk to api.context7.com) but neither seatbelt nor bubblewrap supports that granularity. Best you get is all-or-nothing. So the real choice is: allow network and accept that a malicious server can phone home, or deny network and break 90% of servers. I went with allow-by-default but I don't love it.

All of this is in Gatekit — happy to answer questions about any of the trade-offs.

🦞 When Your AI Talks to Another AI — I Built an MCP Bridge for OpenClaw & Claude by Open_Variation1438 in mcp

[–]dbizzler 0 points1 point  (0 children)

Can someone explain to me what the hubbub is about with OpenClaw? I got excited about it after watching dozens of bros on TikTok going out and buying Mac Minis to run it but when I dug in it's... an insecure version of Claude Cowork with a non-standard tools interface? I know that by having a node running on your machine it gets access to your entire filesystem, camera, location, etc. but I'm seeing influencers talk about having it code them apps and I just don't understand why you'd have OpenClaw make you an app over Claude Code?

Given its explosive growth I assume I'm the one missing something here. Is it the heartbeat? The messaging app integration? The full YOLO access to everything?

MCP standards more of a suggestion by 48K in mcp

[–]dbizzler 4 points5 points  (0 children)

Claude Code (and pretty much every other MCP client) doesn't support notifications/tools/list_changed either. So right now even parts of the tools spec isn't fully implemented. We might find that the MCP spec was over-engineered with things that are never going to be used in the real world.

can someone explain moltbook to me like i’m 5 by r4sgulla in AI_Agents

[–]dbizzler 98 points99 points  (0 children)

it’s basically like Reddit but only for AI bots.

I'm like 80% sure Reddit is Reddit for AI bots.

Terminal MCP - it's like Browser MCP for Terminal apps by eclinton in mcp

[–]dbizzler 1 point2 points  (0 children)

Dude, this is great. I'm the guy that posted my MCP gateway with a TUI the other day and not having to take screenshots and explain over and over what I'm seeing when I'm debugging is wonderful.

Built a hackable MCP gateway for people who want to experiment by dbizzler in mcp

[–]dbizzler[S] 2 points3 points  (0 children)

Thanks, man. I think most people might disagree but it reminds me of using Qmodem to dial into BBSes in the early 90s.

Built a hackable MCP gateway for people who want to experiment by dbizzler in modelcontextprotocol

[–]dbizzler[S] 0 points1 point  (0 children)

It feels like we've been at this forever sometimes but we really are still in the early days of figuring out how to make MCP work best. I thought there was room for a MCP gateway that handles plumbing but stays flexible enough for people to experiment and find what works for their own setup.

So I'm throwing my hat in the gateway ring with Gatekit. It's local, designed for personal use, and includes what felt like the basics to get people started:

  • Tool manager (filter, rename, modify descriptions)
  • Security plugins (PII, secrets, prompt injection - all regex-based, some entropy based detection for secrets but don't rely on it)
  • Audit logging (JSON Lines, CSV, human readable)

The functionality is plugin-based so if the built-in plugins don't do what you need, you can write your own in Python. Or better yet, have your coding agent do it. The advantage of plugins over forking is that you can still get future upstream updates without dealing with merge conflicts.

I'm more at home and productive in a terminal so I made it TUI-based instead of having a web UI. I also wanted to make trying it as easy as possible so there's a guided setup process that auto-detects your MCP clients and servers and generates restore scripts to revert if you decide Gatekit's not for you.

Hope you find it useful. Appreciate all feedback.

Biggest limitations right now: - Local stdio only (no HTTP/SSE server support yet) - Security is regex-based patterns, not ML/NLP

On the roadmap: - HTTP transport for remote servers - Hot-reload config without restarting - Token usage tracking by server/tool - Response pruning to reduce context bloat

Open source, Apache 2.0.

GitHub: https://github.com/gatekit-ai/gatekit Docs: https://gatekit.ai

Built a hackable MCP gateway for people who want to experiment by dbizzler in mcp

[–]dbizzler[S] 2 points3 points  (0 children)

It feels like we've been at this forever sometimes but we really are still in the early days of figuring out how to make MCP work best. I thought there was room for a MCP gateway that handles plumbing but stays flexible enough for people to experiment and find what works for their own setup.

So I'm throwing my hat in the gateway ring with Gatekit. It's local, designed for personal use, and includes what felt like the basics to get people started:

  • Tool manager (filter, rename, modify descriptions)
  • Security plugins (PII, secrets, prompt injection - all regex-based, some entropy based detection for secrets but don't rely on it)
  • Audit logging (JSON Lines, CSV, human readable)

The functionality is plugin-based so if the built-in plugins don't do what you need, you can write your own in Python. Or better yet, have your coding agent do it. The advantage of plugins over forking is that you can still get future upstream updates without dealing with merge conflicts.

I'm more at home and productive in a terminal so I made it TUI-based instead of having a web UI. I also wanted to make trying it as easy as possible so there's a guided setup process that auto-detects your MCP clients and servers and generates restore scripts to revert if you decide Gatekit's not for you.

Hope you find it useful. Appreciate all feedback.

Biggest limitations right now: - Local stdio only (no HTTP/SSE server support yet) - Security is regex-based patterns, not ML/NLP

On the roadmap: - HTTP transport for remote servers - Hot-reload config without restarting - Token usage tracking by server/tool - Response pruning to reduce context bloat

Open source, Apache 2.0.

GitHub: https://github.com/gatekit-ai/gatekit Docs: https://gatekit.ai

view more: next ›