HackerTrans
TopNewTrendsCommentsPastAskShowJobs

hammer32

no profile record

Submissions

Show HN: MacMind – A transformer neural network in HyperCard on a 1989 Macintosh

github.com
159 points·by hammer32·3 months ago·42 comments

Show HN: AgentBridge – Let AI agents control Classic Mac OS thru a shared folder

github.com
3 points·by hammer32·4 months ago·2 comments

Show HN: Agent Gate – Execution authority for AI agents, vault-backed rollback

github.com
1 points·by hammer32·5 months ago·1 comments

comments

hammer32
·3 months ago·discuss
The training loop is heavy on floating-point math and string parsing, so it should exercise the JIT nicely. I'd love to hear how it performs!
hammer32
·3 months ago·discuss
Thanks! The precision was a happy surprises, HyperTalk uses Apple's SANE library, which gives you 80-bit extended precision. The interpreter speed and the lack of arrays were a challenge. Rediscovering what HyperCard could do was half the fun of this project.
hammer32
·3 months ago·discuss
Building this definitely felt like constructing a lightsaber from spare parts: slow, deliberate, but it works and you understand every piece of it.
hammer32
·3 months ago·discuss
HyperTalk is an interpreted scripting language. The scripts are stored as plain text inside the stack and interpreted at runtime. It's kind of like a Visual Basic form where the UI and the code live in the same file. You can open any script, read it, edit it and immediately run the newly edited script.
hammer32
·3 months ago·discuss
The stack is the code. You can view it directly for each button or examine the per-page script. As far as I know there isn't a compiler that lets you write standalone code and turn it into a stack. The stacks are dropped into Disk Copy disk images to preserve their resource forks. Both modern macOS and Git both strip resource forks, so the disk image is the only reliable container for distribution.
hammer32
·3 months ago·discuss
Exactly. Working in a constrained environment invites innovation.
hammer32
·3 months ago·discuss
Thank you! The constraints made it interesting. HyperCard doesn't have arrays, so the entire model, weights, activations, gradients, is stored as strings in hidden fields. All of the matrix math is done with "item i of field".
hammer32
·3 months ago·discuss
Yup, that would have been easier. It's been decades since I've done anything with HyperCard. I had to re-take the built-in intro course again :)
hammer32
·3 months ago·discuss
More of a copy-paste process. The scripts are written as .txt files in Nova on my Mac Studio, then pasted one at a time into HyperCard's script editor on the classic Mac. The files are kept separate because SimpleText has a 32 KB text limit.
hammer32
·3 months ago·discuss
Thanks! The quickest way to try it is the HyperCard Simulator link someone just posted in this thread: https://hcsimulator.com/imports/MacMind---Trained-69E0132C — go to the Inference card, click New Random to fill in 8 digits, then click Permute. The model predicts the bit-reversed permutation of all 8 positions. The pre-trained stack gets all inputs correct.
hammer32
·3 months ago·discuss
I had no idea your simulator existed. No XCMDs, correct; everything is pure HyperTalk. I just ran a few training steps and they complete in a second or two. Thank you for importing it!
hammer32
·3 months ago·discuss
Right? Backprop was published in 1986, a year before HyperCard shipped. Attention is newer, but a small model like this was buildable.
hammer32
·4 months ago·discuss
I built a system that lets AI agents (like Claude) interact with Classic Mac OS System 7 through OS 9 on real hardware and emulators.

The architecture is simple: AgentBridge is a native Mac app that polls an inbox folder for text-file commands, executes them via the Mac Toolbox, and writes responses to an outbox folder. An MCP server on the modern side reads and writes those files. The shared folder can be a NAS, an emulator's host directory, or anything else both sides can access.

No SSH. No screen capture. No input injection at the host level. No system extensions or modifications. AgentBridge is just a regular Mac application, the only interface between the AI and the Mac is a folder full of text files.

The protocol is intentionally minimal: line-oriented key-value pairs, CR line endings, MacRoman encoding, parseable in ~50 lines of C with zero dynamic memory allocation. Commands cover window enumeration, app launching, menu selection, mouse/keyboard input, clipboard access, file browsing, and process listing.

The whole pipeline is verified working end-to-end: Claude Desktop -> MCP server -> Synology NAS -> AgentBridge on a Mac -> launches AppleWorks and types into a document.

Some fun bugs I hit along the way: a short overflow that silently prevented the text buffer from ever being populated (the 32KB max message size overflowed a 16-bit signed parameter to -32768, causing an early return), and PostEvent delivering keyboard events to AgentBridge's own event queue instead of the frontmost app under cooperative multitasking.

Built with Retro68 (GCC cross-compiler for 68k/PPC Macs). The MCP server is GPLv3 TypeScript; the Mac app is closed-source with pre-built binaries available. The protocol itself is open for anyone to implement.
hammer32
·5 months ago·discuss
AI agents (Claude Code, LangChain, CrewAI, MCP) all follow the same pattern: agent outputs a structured tool call, client code executes it. That gap between proposed and executed is a natural interception point, and almost nobody is building the control layer that sits in it.

Content guardrails (NeMo, LlamaGuard) control what models say, not what agents do. Agent sandboxes scope directories but don't back anything up. Checkpoint tools provide rollback, but the agent can delete the checkpoints. OPA evaluates policy in microseconds, but nobody has bridged it to AI agent frameworks yet.

Agent Gate sits in that gap. It classifies tool calls against pre-computed policy, enforces directory boundaries, and vault-backs every destructive target to an agent-unreachable location before the action proceeds. If the backup fails, the action is blocked.

Live tested with Claude Code in fully autonomous mode via PreToolUse hooks. 18/18 tests passing. The vault creates per-operation timestamped snapshots, so multiple overwrites of the same file produce separate recovery points.

Background: I spent years in nuclear command and control where Permissive Action Links verified authorization, not judgment, before any action could proceed. Same architectural principle applied here.

Honest about the limitations: the bash parser is naive, shell expansion isn't evaluated, and this is a safety net for well-intentioned agents, not a security boundary against adversarial escape. More detail in the README.

Python, YAML policy definitions, Apache 2.0. Roadmap includes MCP proxy integration and OPA/Rego support.

Happy to answer questions about the architecture.