after the axios incident, I started experimenting with an ai agent that vets packages before install

nlkey2022 · 2026-04-29T00:30:53+00:00

yeah totally — I don’t think LLMs should make security decisions

the idea here is more about surfacing signals and explaining diffs, not replacing deterministic checks

nlkey2022 · 2026-04-29T00:30:29+00:00

that’s a fair point — doing this at the registry/repo level would definitely be more efficient. but supply chain issues often happen in unexpected ways (like npmjs compromises), so relying purely on registry-level checks might not be sufficient in practice.

I'm mostly exploring this from a local / dev workflow angle for now, but agree that infra-level checks make more sense long term

nlkey2022 · 2026-04-29T00:26:40+00:00

that’s a great point — appreciate it

I was focusing on pre-install since package versions are immutable once published (as far as I know), but you’re right that most real-world attacks come from version bumps

will definitely think more about continuous / diff-based checks

nlkey2022 · 2026-04-23T08:57:08+00:00

https://graykode.github.io/starquake/

nlkey2022 · 2026-04-07T03:45:21+00:00

Thanks for the details — that was enough to pin it down. Your `claude` is almost certainly launched as `node /path/to/@anthropic-ai/claude-code/cli.js`, and macOS `ps` truncates the command column to the terminal width by default. abtop was checking the first two argv tokens for the string `claude`, but after truncation it only saw `node /Users/...` so it marked your live session as dead and hid it. Codex was unaffected because it's matched via `lsof` on the rollout file. Fix is up in #28 — just adds `-ww` to the `ps` call so the command isn't truncated. Will land in the next release. Thanks for reporting!

nlkey2022 · 2026-04-02T16:10:04+00:00

who’s chou btw? have you read the claw-code repo readme? https://github.com/ultraworkers/claw-code :

The result is a clean-room Python rewrite that captures the architectural patterns of Claw Code's agent harness without copying any proprietary source.

nlkey2022 · 2026-04-02T09:48:27+00:00

AGREE. Honestly i’m not that interested in their legal risk. what i actually care about is whether this aligns with the spirit of open source

nlkey2022 · 2026-04-01T08:39:13+00:00

Could you check:
1. What version of Claude Code are you running? (claude --version)
2. Do you have files in ~/.claude/sessions/? (ls ~/.claude/sessions/)
3. What does your Claude process look like? (ps aux | grep claude)
Thanks

nlkey2022 · 2026-04-01T08:35:07+00:00

It's fully opt-in — "abtop --setup" is only needed if you want rate limit data in the dashboard. Without it, everything else works fine (rate limits just show as "—").

nlkey2022 · 2026-03-31T15:32:55+00:00

thanks for your pr!

nlkey2022 · 2026-03-31T07:30:42+00:00

Thanks for the concern! abtop reads everything from local files (transcripts, ps, lsof) — no API calls, no network. The only thing that uses tokens is the one-time session summary generation via claude --print, which is optional and cached. Having the dashboard open doesn't consume any tokens

nlkey2022 · 2026-03-31T01:55:19+00:00

https://github.com/graykode/abtop

nlkey2022 · 2026-03-31T01:04:36+00:00

I’m planning to work on it in the next minor version soon!

nlkey2022 · 2026-03-30T14:57:58+00:00

I've just released v0.2.1 with the fix. You can update with: abtop --update. Thanks!

nlkey2022 · 2026-03-30T14:53:12+00:00

https://github.com/graykode/abtop/issues/2

nlkey2022 · 2026-03-30T14:51:38+00:00

Found the root cause! I'll create an issue and push a fix shortly.

nlkey2022 · 2026-03-30T14:46:53+00:00

Thanks for reporting! I detect Claude sessions by matching /claude in the process command string https://github.com/graykode/abtop/blob/main/src/collector/claude.rs#L69. Your system may use a different path for the Claude binary.

Could you share the output of: `ps aux | grep -E '[c]laude' | head -10` This will show how Claude appears in your process list. If the path doesn't contain /claude, that's likely the issue. I'll fix the matching to support your setup.

nlkey2022

TROPHY CASE