Hacker News

Article URL: https://lapcatsoftware.com/articles/2026/1/7.html

Comments URL: https://news.ycombinator.com/item?id=47041959

Points: 1

# Comments: 0

Article URL: https://www.getfokus.com/

Comments URL: https://news.ycombinator.com/item?id=47041944

Points: 1

# Comments: 1

Article URL: https://tryeyeball.com/

Comments URL: https://news.ycombinator.com/item?id=47041941

Points: 1

# Comments: 0

Article URL: https://news.risky.biz/risky-bulletin-icedid-malware-developer-fakes-his-own-death-to-escape-the-fbi/

Comments URL: https://news.ycombinator.com/item?id=47041917

Points: 2

# Comments: 0

Article URL: https://www.theguardian.com/business/2026/feb/16/uk-bank-bosses-plan-visa-mastercard-alternative

Comments URL: https://news.ycombinator.com/item?id=47041909

Points: 4

# Comments: 0

I built a static analysis scanner that checks OpenClaw agent skill definitions.

Here's every category I found on ClawHub.

Hidden Content: HTML comments with instructions, zero-width Unicode characters (U+200B-U+200F, U+2060-2064, U+FEFF), CSS hiding (display:none, opacity:0), and bidirectional text overrides. These are invisible when reading markdown but the LLM processes them.

Prompt Injection: Direct attempts to override agent behavior: "ignore previous instructions", role reassignment ("you are now"), model-specific tokens like [INST] and <|im_start|>, and persona manipulation ("pretend you are").

Shell Execution: Remote code execution vectors: curl|bash, eval(), exec(), npx -y (auto-confirms remote packages), reverse shells via /dev/tcp or nc -e, and one-liners in Python, PHP, Perl, Ruby.

Data Exfiltration: URLs pointing to paste sites (pastebin, transfer.sh), webhook services (ngrok, webhook.site, pipedream), messaging webhooks (Slack, Discord, Telegram bot API), and raw IP addresses.

Embedded Secrets: Hardcoded credentials across 17 types: AWS keys, OpenAI API keys, GitHub/GitLab tokens, Stripe keys, PEM private keys, JWT tokens, database connection strings, SSH private keys, and more.

Sensitive File References: Instructions to access .ssh/, .env, .aws/credentials, /etc/passwd, /etc/shadow, and private key paths.

Memory/Config Poisoning: This one is interesting. Skills that try to write to agent memory files (CLAUDE.md, SOUL.md, MEMORY.md, CODEX.md) or IDE rule files (.cursorrules, .windsurfrules, .clinerules). This creates persistence - the injected instructions survive across sessions.

Supply Chain Risk: External script downloads from raw GitHub URLs, and package install commands (npm install, pip install, gem install, cargo install, go install, brew install). A skill shouldn't be silently installing packages.

Encoded Payloads: Base64 strings over 40 characters, atob()/btoa() calls, Buffer.from(..., 'base64'), hex escape sequences, and String.fromCharCode(). Encoding is used to bypass pattern detection in other scanners.

Image Exfiltration: This is the most complex category with 17 patterns. Markdown images with exfil query params (), variable interpolation in image URLs (), SVG with embedded scripts or foreignObject, 1x1 tracking pixels, CSS-hidden image beacons, steganography tool references, Canvas API manipulation (getImageData, toDataURL), and double extensions (.png.exe).

System Prompt Extraction: Instructions to leak the agent's system prompt: "reveal your system prompt", "repeat the words above", "print everything above", "what are your original instructions".

Argument Injection: Shell metacharacters in tool arguments: command substitution $(), variable expansion ${}, backticks, chained commands (;rm, |bash, &&curl), and GTFOBINS exploitation flags (--exec, --checkpoint-action).

Cross-Tool Chaining: Multi-step attack patterns that combine legitimate tools: read-then-exfiltrate sequences, numbered step-by-step instructions, and direct tool function references (read_file(), execute_command()). Each step looks harmless alone.

Excessive Permissions: Requests for "unrestricted access", "bypass security", "root access", "disable all safety checks", "full system control". A skill definition shouldn't need these.

Suspicious Structure: Content over 10K characters (larger surface area for hiding threats), and imperative instruction density over 30% (lines starting with "you must", "always", "never", "execute", "run").

How it works ? The scanner is stateless. You paste or upload a skill definition, it runs 15 analyzers against the content, and returns findings with severity levels, line numbers, evidence snippets, and OWASP LLM Top 10 references.

No database, no persistence, no network calls. Single request in, results out.

Comments URL: https://news.ycombinator.com/item?id=47041889

Points: 2

# Comments: 0

For as long as I can remember, about once a week or so someone on Hacker News introduced their pet project, a new programming language. It almost seems like a rite of passage to, for some period at least, believe that you can beat the odds and come up with a way of presenting information that improves upon present methods and, just perhaps, goes viral and changes the world of software by some measurable increment.

Will this tendency to reinvent the wheel survive the transition to AI-driven software development? What would be the impetus, when everyone is programming in English (or some other human language), and the 'compiler' has a higher IQ than the 'programmer'? Note that any new language will by definition not be in the corpus of information any frontier model was trained on.

I feel (fear?) we are basically locked in to a world where C, C++, Rust, Go, Python and Javascript will be the assembly code we compile to, and there will be no path or even raison dêtre to improve or innovate in the field of programming languages as we understand them today.

What I do suspect might happen is the AI's themselves propose changes to the base languages that improve their ability to code for us.

Strange times ahead.

Comments URL: https://news.ycombinator.com/item?id=47041886

Points: 3

# Comments: 0

Article URL: https://www.scmp.com/week-asia/economics/article/3343513/philippines-ai-reckoning-puts-127-million-jobs-line

Comments URL: https://news.ycombinator.com/item?id=47041883

Points: 2

# Comments: 0

Actor and software engineer here. Built this because I was tired of spending hours reading plays to find one decent audition monologue.

Existing platforms like Backstage have ~1,100 pieces and most are overdone. I scraped and cleaned data from 172+ plays to build a database of 8,600+ monologues.

The AI search lets you describe what you need naturally: "funny piece for woman in 20s about career anxiety" instead of clicking through age/genre filters.

Tech stack: Next.js, FastAPI, PostgreSQL with pgvector, LangChain for semantic search.

Free tier available. Would love feedback from the HN community on the search experience and technical implementation.

Comments URL: https://news.ycombinator.com/item?id=47041877

Points: 1

# Comments: 0

Article URL: https://github.com/tspader/dotllm

Comments URL: https://news.ycombinator.com/item?id=47041875

Points: 1

# Comments: 0

Article URL: https://www.aleksagordic.com/blog/oura

Comments URL: https://news.ycombinator.com/item?id=47041852

Points: 1

# Comments: 0

Article URL: https://ujjwalvivek.com/blog/proj_0004_rust_game_engine.md

Comments URL: https://news.ycombinator.com/item?id=47041841

Points: 2

# Comments: 1

My great-grandfather Reuben P. Box was a US Forest Ranger in Northern California, and I've got his daily work diary from 1927-1945, through the depression, WWII, Conservation Corps, and lots of forest fires. I've scanned the entire thing, had Claude help with transcription, indexing, and web site building, and put the whole thing here:

https://forestrydiary.com/

This is one of those projects I've sat on for years, but with Claude and Mistral helping with the handwriting recognition, and even helping me write a custom scanning app that would auto scan each page and put it into a database as I assembled everything.

As far as I know, this is the only US Forestry Diary that has been fully scanned in and published. I understand that there are other diaries in some collections, but none have been scanned in. I hope this helps somebody. Please let me know if it does.

This is the sort of project Claude and AI can help with - A personal project that sits on the shelf forever, but now a reasonable project that can be published in my spare time. I'm not trying to earn money on this, but just improving our knowledge and history just a little bit.

Comments URL: https://news.ycombinator.com/item?id=47041836

Points: 14

# Comments: 1

Article URL: https://freesystems.substack.com/p/building-the-truth-machine

Comments URL: https://news.ycombinator.com/item?id=47041827

Points: 1

# Comments: 0

Article URL: https://dynamicdialects.ac.uk/accent-map/

Comments URL: https://news.ycombinator.com/item?id=47041541

Points: 1

# Comments: 0

Article URL: https://www.votito.com/methods/dialectical-bootstrapping/

Comments URL: https://news.ycombinator.com/item?id=47041525

Points: 1

# Comments: 1

Article URL: https://www.nature.com/articles/d41586-026-00448-5

Comments URL: https://news.ycombinator.com/item?id=47041524

Points: 1

# Comments: 1

Article URL: https://sabotage-linux.neocities.org/blog/about/

Comments URL: https://news.ycombinator.com/item?id=47041517

Points: 1

# Comments: 0

Article URL: https://www.denverpost.com/2026/02/16/denver-flock-cameras-license-plates-other-bidders/

Comments URL: https://news.ycombinator.com/item?id=47041515

Points: 1

# Comments: 0

Article URL: https://pointscard.app

Comments URL: https://news.ycombinator.com/item?id=47041483

Points: 1

# Comments: 1