HackerTrans
TopNewTrendsCommentsPastAskShowJobs

amaldavid

39 karmajoined 9 वर्ष पहले

Submissions

Show HN: Pagecast – Publish Markdown/HTML Reports to Cloudflare Pages

github.com
54 points·by amaldavid·23 दिन पहले·13 comments

What TTS Throws Away

amaldavid.com
4 points·by amaldavid·पिछला माह·0 comments

Show HN: Terminal Arcade – Side quests when agents are cooking

twitter.com
5 points·by amaldavid·2 माह पहले·1 comments

Show HN: A bilingual guide to Thaayam, a Tamil board game

amal-david.github.io
11 points·by amaldavid·3 माह पहले·2 comments

Show HN: KeyLeak Detector – Scan websites for exposed API keys and secrets

github.com
30 points·by amaldavid·8 माह पहले·7 comments

comments

amaldavid
·3 दिन पहले·discuss
Been through the exact same issues and built a publishing workflow over cloudflare a few weeks back and did decent reception from HN as well

you can check it out here: https://github.com/Amal-David/pagecast
amaldavid
·3 दिन पहले·discuss
I had built something similar over cloudflare and primarily agent first

you can check it out here: https://github.com/Amal-David/pagecast
amaldavid
·19 दिन पहले·discuss
When you re-sync a URL, the slug's staged content is deleted and rewritten, not versioned as of now
amaldavid
·19 दिन पहले·discuss
This is quite interesting, let me ponder over this a bit. I think I can expose an MCP and also make the admin to be hosted directly in cloudflare workers/pages and make it a remote MCP.

Will need to handle auth though since the dashboard will be public.
amaldavid
·19 दिन पहले·discuss
Have added password support now
amaldavid
·22 दिन पहले·discuss
Thanks for the unfiltered feedback!

Yes, the readme and no screenshot was something that I meant to cleanup and add and are already live now.

Agent reports vs small static sites -> It was supposed to mean markdown files as plans gets shared between teams which is what CC mentioned as agent reports.

Yes, code is definitely cheap. Built it as an utility for myself and dogfooding it with my team. Had put it out with the thought that others might find it useful.

Point in time, a lot of it is available vanilla with cloudflare cli but natively enabling passwords, private team dashboard are something that am considering. Passwords are already live as we speak.

Will improve this as i get more feedback and time to spend on this.
amaldavid
·22 दिन पहले·discuss
publishing workflow yes, i wanted to have a way to manage published urls and update existing urls with a small dashboard as well since we end up doing it repeatedly.
amaldavid
·22 दिन पहले·discuss
yes, it is possible. Will be adding that and full website above <25mb publishing also soon
amaldavid
·2 माह पहले·discuss
Just noticing this, i have covered all the rules in the guide. It's not as complicated as Mahjong. Much simpler and as mentioned earlier it is regional to south India
amaldavid
·8 माह पहले·discuss
Gitleaks is too good to be compared to this, the only areas where keyleak is comparable is it does runtime detection where sometimes your build process injects secrets via env vars into the bundle or any of your responses expose a config file or secrets.
amaldavid
·8 माह पहले·discuss
Yep, Github does a wonderful job flagging secrets most times but irrespective of that this is happening in some sites. This was built out of personal curiosity and I had put it out for public because I myself was not aware if this will be actually useful and if so in what form. People do YOLO to prod, we have more kids building AI wrappers than I can count, and somewhere in that chaos secrets slip through the cracks.

Ideally I would have loved this to be a chrome plugin or part of the CI/CD pipeline or put it out as an adversary agent for all of these new vibe coded apps but don't think I'm that vested into the idea yet. Thanks for being gentle :)
amaldavid
·8 माह पहले·discuss
Well, when i meant "personally" not in the app I manage. I have a quirk of checking sites to understand what they are using and how they are using and have stumbled upon sites with exposed Gemini, Google Maps, OpenAI keys etc.

https://news.ycombinator.com/item?id=45741569 - It was also partly inspired by this as I have seen legacy sites making these mistakes quite often.

With all the vibe coded apps that are getting launched or were launched early, there are enough holes to plug. This is just an attempt to help individuals or orgs to ensure they are not exposed. Just pushed it out what I had in mind based on my experience.

And I agree with you that an adversary approach won't work if we can't fix the underlying problem but the world has changed with enough vibe coded apps that are getting shipped everyday and very little of them care or know about security.