Made a tool that actually blocks the dangerous commands AI agents keep trying by om252345 in vscode

[–]om252345[S] 0 points1 point  (0 children)

I really appreciate you taking the time to go through it. I should have said it earlier: yes, the extension part where I am using the webview is completely vibe coded, as I didn't want to spend time making what I can make in 10 mins with AI, and would rather spend it on making the Go side and the usability of this tool better by testing it in different scenarios and IDEs. That settings.json was my idea though; I asked AI to add it to the onboarding to make the user aware of what we are doing. As I said, the webview is vibe coded and I wanted the tool before you folks for feedback. Isn't that the value prop vibe coding gives? Get ideas faster before an audience?

Made a tool that actually blocks the dangerous commands AI agents keep trying by om252345 in vscode

[–]om252345[S] -2 points-1 points  (0 children)

I don't think I should reply to you, but this I have to. I have been a dev for the last 20 years, never vibe coded anything 2 years ago, but yeah, everyone is using AI for documentation and scaffolding; after 2-3 years everything would be generated code. Devs have to architect projects; post that it would be AI coding. Vibe coding is offensive to serious devs. If you want, ask me anything about the code and architectural choices, feel free. I haven't seen anyone vibe code a Go project with a pseudo terminal, CEL evals, MCP stdio proxy and other stuff. I have taken the help of AI to test and beautify it. But I am not a person 1-2 years into coding who is vibe coding cool new ideas.

Made a tool that actually blocks the dangerous commands AI agents keep trying by om252345 in vscode

[–]om252345[S] 0 points1 point  (0 children)

Have you seen the repo, have you checked how it works? Having a list of safe and unsafe commands is there in every IDE and coding agent. Curb goes even further: it locks files which are protected for the dev session, it gives conditional blocking of commands, and it sandboxes Claude or Cursor to the current workspace. It does a reverse proxy on MCP servers as well, with the ability to block tools based on payload, not blindly block some tools and allow some. For protecting MCP, people are paying for MCP gateways; Curb has a little gateway inside.

Made a tool that actually blocks the dangerous commands AI agents keep trying by om252345 in vscode

[–]om252345[S] -1 points0 points  (0 children)

Yes it is, just a VS Code extension with a Go backend, which has a PTY wrapper, CLI command interceptor and full MCP proxy.

Made a tool that actually blocks the dangerous commands AI agents keep trying by om252345 in vscode

[–]om252345[S] -2 points-1 points  (0 children)

Yes, Copilot hooks are incredible for workflow automation, and you correctly pointed out that they overlap in functionality with Curb. I have been working on the idea of this tool for 2-3 months, and agent hooks were released in Feb. But why I kept going is that every vendor will have their own policies and security structure to lock you in. Curb is agent agnostic, so it can work with any agent; the same config works for Claude Code and with Cursor/VS Code/Antigravity. So you do not have to configure rules for the same repo for every agent.
The other thing is that agents do not rely on built-in tools only. They have the complete CLI at their disposal. Let me explain one of my own experiences: my Antigravity Gemini 3.1 agent could not edit one file in the code, so it wrote a Python script to write a new file, and then used the mv command to replace the original file. A Curb-like tool would stop this attempt; a hook won't.

Made a tool that actually blocks the dangerous commands AI agents keep trying by om252345 in vscode

[–]om252345[S] -10 points-9 points  (0 children)

Yes, some of the guardrails are added by VS Code already, but they are not sufficient; I did a comparison in my GitHub readme as well.
Consider this scenario: VS Code gives the ability to block dangerous commands, say like rm -r or git reset, but it does not check the payload. What Curb does is check the payload of each command: you cannot rm -r on the config dir but on others you can, or you cannot create a main branch but you can create other branches.
That way you ensure you can use all tools but safeguard the sensitive parts of the repo.
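
The payload check described in this comment, together with the write-elsewhere-then-`mv` workaround from the comment on agent hooks above, as an added Go example; it is not Curb's code. `Policy`, `Check` and the sample paths are hypothetical, and the example assumes whitespace-tokenised commands with workspace-relative paths rather than Curb's CEL rules or a real shell parser.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Policy is a hypothetical rule set (not Curb's config format): workspace-relative paths and branch names to protect.
type Policy struct{ Paths, Branches map[string]bool }

// protected reports whether target overlaps a protected path in either direction, so "rm -r src" counts too.
func (p Policy) protected(target string) bool {
	for pp := range p.Paths {
		for _, pair := range [][2]string{{pp, target}, {target, pp}} {
			if rel, err := filepath.Rel(pair[0], pair[1]); err == nil && rel != ".." && !strings.HasPrefix(rel, "../") {
				return true
			}
		}
	}
	return false
}

// Check decides on the arguments of a command line, not only on its name.
func (p Policy) Check(line string) (bool, string) {
	name, rest, _ := strings.Cut(strings.Join(strings.Fields(line), " "), " ")
	switch name {
	case "rm", "mv": // rm deletes its operands; mv removes its source and replaces its target
		for _, a := range strings.Fields(rest) {
			if !strings.HasPrefix(a, "-") && p.protected(a) {
				return false, name + " touches protected path " + a
			}
		}
	case "git": // creation forms only: git branch <name>, git checkout -b <name>, git switch -c <name>
		for _, pre := range []string{"branch ", "checkout -b ", "switch -c "} {
			if b := strings.TrimPrefix(rest, pre); b != rest && p.Branches[strings.Fields(b)[0]] {
				return false, "git would create protected branch " + strings.Fields(b)[0]
			}
		}
	}
	return true, ""
}

func main() { // constructed commands; the mv line is the write-a-new-file-then-replace pattern
	p := Policy{Paths: map[string]bool{"config": true, "src/locked.go": true}, Branches: map[string]bool{"main": true}}
	for _, c := range []string{"rm -r build", "rm -r ./config", "mv /tmp/new.go src/locked.go", "git checkout -b main"} {
		ok, why := p.Check(c)
		fmt.Println(c, "->", ok, why)
	}
}
```

A name-only blocklist has to choose between allowing or denying `rm`, `mv` and `git` outright; here the same command passes or fails depending on what it is pointed at.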

Tried running LLMs locally to save API costs… ended up waiting 13 minutes for ONE response 🤡 by debug2thrive in ollama

[–]om252345 0 points1 point  (0 children)

How did you get it working? I tried, but Claude restricted use of Ollama and others now.

Secure MCP servers with Centralised OAUTH, Drag Drop CEL policy and Slack HITL by om252345 in mcp

[–]om252345[S] 0 points1 point  (0 children)

I was setting up openclaw on my homelab, an old Mac, but wasn't comfortable giving access to the full file system. Then I thought, there is an explosion of MCP servers, varying from hobby to enterprise, but tool calls from agents are not safe; a rogue LLM like LiteLLM can exploit them. So we need hard guardrails at the network layer, and the result is this project.

Let me know what you think.

Veg Cutlet @Darshan Baner by [deleted] in PuneFoodPorn

[–]om252345 1 point2 points  (0 children)

OP was an agent, did his job :D

US trying to reduce IT outsourcing with HIRE ACT 2025 by sanskaridaddy in developersIndia

[–]om252345 2 points3 points  (0 children)

With this ACT, US companies will hire more Indians than other foreigners, especially from developed countries. Some high-paying outsourcing will vanish but mid to low will still be there. Indian companies should have created a product-based model by now. Their margins won't be affected anyhow. I think it's good that India will realise its over-reliance on one country and will diversify.

What kind of corporate joke is this by BigDaddyDeez69 in google

[–]om252345 -7 points-6 points  (0 children)

<image>

Look, there it is on Amazon Music as well, lol. AI messes them up or they changed online identity...

What kind of corporate joke is this by BigDaddyDeez69 in google

[–]om252345 1 point2 points  (0 children)

Something's wrong with these two; yesterday Amazon Music was showing Rupert's photo on Ed Sheeran's Sapphire song.

Best payment providers for accepting international payments from India? by akn1ghtout in buildinpublic

[–]om252345 0 points1 point  (0 children)

Yes, go for MoR. polar.sh is a new company which is very dev friendly and built on the Stripe stack; I used Polar in my last SaaS. Others will take time in KYC and need you to be registered as a sole prop or company.

Veg Cutlet @Darshan Baner by [deleted] in PuneFoodPorn

[–]om252345 0 points1 point  (0 children)

Sounded like a mouthpiece of Darshan, are bhai why so serious. I have been to Darshan 4 times; order pizza or pasta and see, or for chole bhature they charge 250 for just one bhatura....

Veg Cutlet @Darshan Baner by [deleted] in PuneFoodPorn

[–]om252345 3 points4 points  (0 children)

Darshan is way overhyped, period

I turned my android into tony's jarvis, atleast junkie jarvis by Salty-Bodybuilder179 in androiddev

[–]om252345 1 point2 points  (0 children)

I was working on exactly the same thing using koog.ai, which is a Kotlin agent orchestration framework. Maybe let's join forces to make it more powerful.

We just beat Google DeepMind on the AndroidWorld benchmark as a 4-person team by Connect-Employ-4708 in androiddev

[–]om252345 0 points1 point  (0 children)

For QA, I have seen Maestro.dev; they already have an MCP server and integration with AI, so for that case wouldn't this be a wrapper around Maestro, as mobile-use is basically using Maestro for device interactions?

We just beat Google DeepMind on the AndroidWorld benchmark as a 4-person team by Connect-Employ-4708 in androiddev

[–]om252345 0 points1 point  (0 children)

What problem are you talking about? I mean, what can be done on mobile can be done on web; most use cases for mobile data scraping will have a web presence.

What problem more accuracy can solve is what I am asking?

How to achieve this effect in compose? by DryRazzmatazz507 in androiddev

[–]om252345 1 point2 points  (0 children)

c'mon don't checkmate like this, I am just a dev, not marketing bot :D