I'm a backend engineer on Atlassian's Rovo Agents team. A few weeks ago, OpenAI acquired the OpenClaw project and I started thinking about what happens when agents get broad access to your data with no permission layer.
Six days later, Summer Yue (Director of Alignment at Meta) posted about her OpenClaw agent deleting 200+ emails while ignoring her stop commands. The root cause was context window compaction dropping her safety instruction. The agent kept working. It just lost the part where it was supposed to ask first.
Shield is a plugin that hooks into OpenClaw's tool system and intercepts every action before it executes. Permissions are enforced outside the model's context window, so they can't be compressed away. You set what each agent can access (read/write/execute per service), and anything outside those boundaries gets blocked or routed through an approval workflow with time-limited grants.
TypeScript, open source, MIT licensed. The plugin, dashboard, and docs are all live. Happy to answer questions about the architecture or how the OpenClaw Plugin API integration works.
Great question! TikTok recipes are a mixed bag honestly.
When you paste a TikTok link, we pull the video caption and try to extract ingredients/instructions from the text. If the creator wrote out the recipe in the description (or linked to their blog), it works really well.
But you're right - a lot of TikTok recipes are just "watch me cook" with no written recipe. In those cases, we save the video embed so you can still watch it directly in the app, add your own tags, favourite it, and keep it organised with your other recipes. Not as ideal as having the full recipe extracted, but at least it's not lost in your TikTok likes anymore.
For recipe cards shown visually in videos, you can screenshot and use our photo import feature - that one does use GPT-4 Vision to OCR the text.
That's solid feedback, thanks. You're right - being able to see what the app does before signing up would lower the barrier. I'll work on that today - plan is to let anyone scrape and preview a recipe without logging in, then only prompt for signup when they try to save it. Should be live before I head to bed tonight :)
Hey HN! I'm Rachelle - I built Recipe Shelf to solve my own problem: recipes scattered across bookmarks, screenshots, random apps, and photos of my mum's handwritten recipe cards.
I tried existing apps but couldn't find one that handled all my use cases well - especially importing from different sources reliably.
What it does:
Scrape recipes from websites (currently supports 15 sites) and TikTok
Extract recipes from photos using OCR (GPT-4 Vision)
Manual entry for family recipes
Scaling and unit conversion
Search and organise everything in one place
Tech stack:
- Frontend: React Native Web + Expo
- Backend: Kotlin + Spring Boot
- Database: PostgreSQL
- Infrastructure: AWS (EC2, RDS, S3, CloudFront)
- OCR: GPT-4 Vision API
Built this while working full-time as a software engineer, so it's been a slow burn over the past year. Web is live now, mobile apps coming soon.
Happy to answer any questions about the tech or the journey. Would love feedback!
(Posting this while literally cooking dinner for my family - seemed fitting )