HackerLangs
TopNewTrendsCommentsPastAskShowJobs

luisfdias

1 karmajoined il y a 3 mois
PMM at hoop.dev (open-source infrastructure access governance)

Submissions

Show HN: Free and open source risk summary for AI sessions made in 5 days

github.com
1 points·by luisfdias·avant-hier·1 comments

Show HN: Open-source control layer for AI safely access production

github.com
2 points·by luisfdias·il y a 2 mois·0 comments

comments

luisfdias
·avant-hier·discuss
Yesterday @andriosr shared Fence, the first side project from the hoop.dev team. Today we're launching the second one: Risk Summary.

This one was born when we were at our offsite. We were talking about problems our customers see that shouldn't live inside hoop.dev but are adjacent to our product and this one was relevant: what's actually in your AI coding session logs? Every paste, config, and stack trace your agent read is sitting in a file on your disk. Our thinking is that nobody wants to open it, but they should have the ability to know.

hoopRS runs one command, and you get your report: Entity types, counts, and severities. But never the values. So you can share the scan without leaking anything.

Currently hoopRS reads Claude Code, Cursor and OpenCode sessions. And it's free. No signup walls, no trials.
luisfdias
·il y a 3 mois·discuss
+1 on vaults. One step further: credentials that never land in the runtime environment at all. App authenticates to a gateway via workload identity, gateway proxies the call, process never sees the secret. Makes env enumeration useless even with valid admin access (I work on an open-source tool in this space, so I'm biased).