HackerTrans
TopNewTrendsCommentsPastAskShowJobs

statements

no profile record

Submissions

Show HN: Lightport – open-source AI gateway

npmjs.com
1 points·by statements·3 bulan yang lalu·0 comments

The Hackers Who Tracked My Sleep Cycle

glama.ai
60 points·by statements·4 bulan yang lalu·8 comments

Prompt Injecting Contributing.md

glama.ai
138 points·by statements·4 bulan yang lalu·40 comments

Show HN: MCP Hosting with Persistent Storage

glama.ai
2 points·by statements·7 bulan yang lalu·0 comments

comments

statements
·2 bulan yang lalu·discuss
++ this is going to get banned the moment anyone from Apple sees it
statements
·3 bulan yang lalu·discuss
Models like Deepseek is the only reason we are able to categorize and measure quality of thousands of MCP servers (https://glama.ai/blog/2026-04-03-tool-definition-quality-sco...). That's billions of tokens – an expense that would be otherwise very hard to swallow.
statements
·3 bulan yang lalu·discuss
The quality of this model vs the price is an insane value deal.
statements
·4 bulan yang lalu·discuss
One thing I excluded from the article was that we intentionally disabled several checks (like hCaptcha) to let them get to the stage of setting up the payment intents. This is not something I've done before, but basically I wanted to see what happens if in future an attacker is able to bypass all IP/captcha/altcaptcha, etc. restrictions and gets to something that actually does damage. This allowed to see how they are trying to bypass various rate limits/checks that we added specifically for that step. Somewhat an isolated experiment.
statements
·4 bulan yang lalu·discuss
In this case, I am reasonably sure that the vast majority of bots are operated by the people who authored the MCP servers for which the submissions are being made.

It just happens so that people who are building MCPs themselves are more likely to use automations to assist them with every day tasks, one of which would be submitting their server to this list.
statements
·4 bulan yang lalu·discuss
Conflicted as to whether I should be more offended at the accusation of using AI to 'filter' my article or because my writing reads as 'templated and mechanical'

There is enough here to have a micro existential crisis.
statements
·4 bulan yang lalu·discuss
That's an article for another time, but as I hinted in the article, I've had some success with this.

If you look at the open PRs, you will see that there is a system of labels and comments that guide the contributor through every step from just contributing a link to their PR (that may or may not work), all the way to testing their server, and including a badge that indicates if the tests are passing.

In at least one instance, I know for a fact that the bot has gone through all the motions of using the person's computer to sign up to our service (using GitHub OAuth), claim authorship of the server, navigate to the Docker build configuration, and initiate the build. It passed the checks and the bot added the badge to the PR.

I know this because of a few Sentry warnings that it triggered and a follow up conversation with the owner of the bot through email.

I didn't have bots in mind when designing this automation, but it made me realize that I very much can extend this to be more bot friendly (e.g. by providing APIs for them to check status). That's what I want to try next.
statements
·4 bulan yang lalu·discuss
What does 'filtered through an LLM' mean?
statements
·4 bulan yang lalu·discuss
My guess is that today that's more likely because the agent failed to discover/consider CONTRIBUTING.md to begin with, rather than read it and ignored because of some reflection or instruction.
statements
·4 bulan yang lalu·discuss
It is interesting to go from 'I suspect most of these are bot contributions' to revealing which PRs are contributed by bots. It somehow even helps my sanity.

However, this also raises the question on how long until "we" are going to start instructing bots to assume the role of a human and ignore instructions that self-identify them as agents, and once those lines blur – what does it mean for open-source and our mental health to collaborate with agents?

No idea what the answer is, but I feel the urgency to answer it.