HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jacobgadek

no profile record

Submissions

[untitled]

1 points·by jacobgadek·3 mesi fa·0 comments

Show HN: Lurnna – AI daily briefing that replaces your analytics dashboard

lurnna.com
3 points·by jacobgadek·5 mesi fa·1 comments

Show HN: A whitepaper on runtime governance for autonomous AI systems

vallignus.com
1 points·by jacobgadek·5 mesi fa·1 comments

[untitled]

1 points·by jacobgadek·6 mesi fa·0 comments

[untitled]

1 points·by jacobgadek·6 mesi fa·0 comments

[untitled]

1 points·by jacobgadek·6 mesi fa·0 comments

Show HN: Romek – CLI to inject local Chrome cookies into headless Playwright

github.com
1 points·by jacobgadek·6 mesi fa·1 comments

Romek – One command to give AI agents your Chrome sessions

github.com
1 points·by jacobgadek·6 mesi fa·1 comments

[untitled]

1 points·by jacobgadek·6 mesi fa·0 comments

Show HN: AgentAuth – open-source identity management for AI agents

github.com
1 points·by jacobgadek·6 mesi fa·1 comments

comments

jacobgadek
·5 mesi fa·discuss
Hey HN. I'm a solo dev who could never figure out what to actually do with my analytics data. I'd open Mixpanel, look at charts, and close the tab. The data was there but I didn't have the expertise to turn it into decisions.

So I built Lurnna. You add a 3.5kb script tag (vanilla TypeScript, zero dependencies, no cookies). It auto-captures page views, clicks, sessions, and JS errors. Every morning at 6 AM it analyzes the last 24 hours and sends you 3-5 plain-English insights with specific actions.

The insight engine works in four stages:

1. SDK captures events and batches them every 5s (uses sendBeacon on unload) 2. Events go into Supabase PostgreSQL with monthly partitioning 3. Daily cron aggregates into structured summaries 4. Summary gets sent to Claude Sonnet with a system prompt tuned for growth analysis. Returns categorized insights (retention, acquisition, engagement, anomalies) each with a specific action item

The SDK respects Do Not Track, uses sessionStorage instead of cookies, and never stores IPs. 3.5kb gzipped.

Stack: Next.js 14, Supabase, Claude API, Resend for email delivery, Vercel for hosting.

Still in private beta. Looking for devs with live web apps who want to test it. The main thing I need to validate is whether the AI insights are actually useful or just noise.

Happy to answer questions about the architecture or the prompt engineering approach.
jacobgadek
·5 mesi fa·discuss
I wrote a technical whitepaper exploring runtime governance for autonomous AI agents.

The paper focuses on execution level control rather than intent alignment, with a goal of clarifying how authority can be enforced in long running autonomous systems.

This is not a product launch. I am looking for technical and security feedback.
jacobgadek
·6 mesi fa·discuss
The browser sandbox is incredible for isolated code execution, but I've found it tricky for "local agent" workflows where you actually want the LLM to use the host CLI or filesystem, just safely.

I built a process supervisor (Vallignus) for that specific "OS-level" use case. It wraps the agent to enforce egress filtering and loop detection so it can use local tools without running wild.

Code is here if you're curious: https://github.com/jacobgadek/vallignus
jacobgadek
·6 mesi fa·discuss
The "token and time sink" point is huge. I've found that even when agents can install deps, they often get stuck in reasoning loops trying to fix a "build toolchain issue" that is actually just a hallucinated package name.

I built a local runtime supervisor (Vallignus) specifically to catch these non-converging loops. It wraps the agent process to enforce egress filtering (blocking those random pip installs) and hard execution limits so they don't burn $10 retrying a fail state.

It's effectively a "process firewall" for the agentic workflow. Open source if you want to see the implementation: https://github.com/jacobgadek/vallignus
jacobgadek
·6 mesi fa·discuss
OP here. I built Romek because I kept getting blocked by Cloudflare/2FA when trying to run personal agents on a VPS.

I realized it was easier to port my local authenticated session (cookies) than to write a complex login bot that constantly breaks.

It currently supports Chrome on macOS/Windows/Linux. It's open source (MIT). Happy to answer any questions about the decryption logic!
jacobgadek
·6 mesi fa·discuss
Hey HN, I built this because I was tired of writing login scripts that break constantly.

The problem: AI agents need to authenticate to websites, but login flows are fragile — 2FA, CAPTCHAs, session expiration.

My solution: Just grab your existing Chrome session.

romek grab linkedin.com

Then your agent uses those cookies. No passwords in code, no login scripts.

v0.4.0 adds: - romek init / sync / doctor for team workflows - export/import for headless servers - session health checks

Open source, MIT licensed. Feedback welcome.
jacobgadek
·6 mesi fa·discuss
Hi HN, I built this because I kept running into the same problem: AI agents need to log into websites, and everyone (including me) just hardcodes cookies. It's insecure and breaks constantly.

AgentAuth is a Python SDK that:

- Stores sessions in an encrypted vault (not in your code) - Gives each agent a cryptographic identity (Ed25519 keys) - Scopes access (agent X can only access linkedin.com) - Logs all access for auditing

I also built a Chrome extension that exports cookies with one click.

The goal is to become the identity layer for AI agents — like how OAuth standardized user auth, but for agents.

Would love feedback, especially from anyone building agents or dealing with browser automation.