Hacker News
Show HN: CanaryAI – Claude Code Security Monitoring Tool
AI coding agents are powerful — but they run real commands on your machine. CanaryAI watches what they do and alerts you when something looks off: reverse shells, credential theft, persistence mechanisms, data exfiltration, and more.
It works by scanning Claude Code session logs in real time, applying a set of detection rules, and surfacing alerts in a native macOS menu bar app.
CanaryAI never blocks or interferes with your agent. It observes and reports.
https://github.com/jx887/homebrew-canaryai
Comments URL: https://news.ycombinator.com/item?id=47190367
Points: 1
# Comments: 0
Pure Rust, zero dependencies AI models, runs locally, free forever
Article URL: https://huggingface.co/qoranet
Comments URL: https://news.ycombinator.com/item?id=47190360
Points: 1
# Comments: 1
Show HN: Circuitchat, a Tor-first encrypted messaging program using Noise
Article URL: https://github.com/uncognic/circuitchat
Comments URL: https://news.ycombinator.com/item?id=47190353
Points: 1
# Comments: 0
Samsung Galaxy update removes Android recovery menu tools, including sideloading
Article URL: https://9to5google.com/2026/02/27/samsung-galaxy-update-android-recovery-menu-removed/
Comments URL: https://news.ycombinator.com/item?id=47190285
Points: 3
# Comments: 0
OpenAI Reaches A.I. Agreement With Defense Dept. After Anthropic Clash
Bird Losses Are Accelerating
Article URL: https://www.nytimes.com/2026/02/26/climate/bird-declines.html
Comments URL: https://news.ycombinator.com/item?id=47190187
Points: 5
# Comments: 0
India disrupts access to popular developer platform Supabase with blocking order
Article URL: https://techcrunch.com/2026/02/27/india-disrupts-access-to-popular-developer-platform-supabase-with-blocking-order/
Comments URL: https://news.ycombinator.com/item?id=47190176
Points: 1
# Comments: 0
A Day in the Life of an Enshittificator [video]
Article URL: https://www.youtube.com/watch?v=T4Upf_B9RLQ
Comments URL: https://news.ycombinator.com/item?id=47190120
Points: 5
# Comments: 1
We may Soon have City-Spanning 900 MHz Mesh Networks (2021)
Article URL: https://cheapskatesguide.org/articles/900mhz-mesh.html
Comments URL: https://news.ycombinator.com/item?id=47190092
Points: 1
# Comments: 0
System prompt change Claude's reasoning depth – side-by-side comparison tool
Article URL: https://claude.ai/public/artifacts/eba2a270-dd61-4f0c-a276-34a53e604f13
Comments URL: https://news.ycombinator.com/item?id=47190089
Points: 2
# Comments: 1
Build your own Command Line with ANSI escape codes (2016)
Article URL: https://www.lihaoyi.com/post/BuildyourownCommandLinewithANSIescapecodes.html
Comments URL: https://news.ycombinator.com/item?id=47190088
Points: 1
# Comments: 0
The Enshittificator [video]
Article URL: https://vimeo.com/1168468796
Comments URL: https://news.ycombinator.com/item?id=47190077
Points: 3
# Comments: 0
The Mountain Eagle Is Now Online
Article URL: https://www.mountaineagle.net/articles/display/?entry_short=the-mountain-eagle-is-now-online
Comments URL: https://news.ycombinator.com/item?id=47189942
Points: 1
# Comments: 1
German Tank Problem
Article URL: https://en.wikipedia.org/wiki/German_tank_problem
Comments URL: https://news.ycombinator.com/item?id=47189922
Points: 1
# Comments: 0
Latency
Article URL: https://cheat.sh/latency
Comments URL: https://news.ycombinator.com/item?id=47189914
Points: 1
# Comments: 0
Show HN: Agents-lint – detect stale paths and context rot in AGENTS.md files
AGENTS.md (and CLAUDE.md, GEMINI.md, .cursorrules) has become the standard way to tell AI coding agents how your repo works. It's now in 60,000+ repos. Codex, Claude Code, and Gemini CLI read these files before every task.
The problem: nobody keeps them up to date.
Paths get renamed. npm scripts change. Framework patterns go stale. The file that was accurate when you wrote it in September starts giving your agents wrong instructions by December — without a single commit to AGENTS.md.
An ETH Zurich study presented at ICSE 2026 put numbers on this: stale context files reduced agent task success by 2–3% while increasing token costs by over 20%.
agents-lint is a zero-dependency CLI that catches this automatically:
npx agents-lint It runs five independent checks: 1. Filesystem — every path mentioned in your file is verified to exist 2. npm scripts — every `npm run ` is verified against package.json (workspace-aware) 3. Dependencies — deprecated packages (moment, request, tslint) are flagged 4. Framework staleness — Angular NgModules in Angular 14+, ReactDOM.render() in React 19, getInitialProps in Next.js App Router, CommonJS in ESM projects 5. Structure — recommended sections, bloat (>15k chars adds 20% token cost), unresolved TODOs, old year references
Every run produces a freshness score (0–100). The real value is adding it to CI with a weekly schedule — because context rot happens even when the file hasn't changed:
schedule: - cron: '0 9 * * 1' # Every Monday That weekly schedule is the whole point. Your AGENTS.md can rot without a single commit to it.
When multiple agent config files exist (AGENTS.md + CLAUDE.md, etc.), it also cross-checks them for conflicting instructions — e.g. one file says `npm run test`, the other says `npm run test:unit`.
What I found when testing on real repos: absolute home-directory paths that only work on the author's machine, monorepo commands copy-pasted into single-package projects, and framework references to APIs removed two major versions ago. All silently misleading agents on every task.
Landing page: https://giacomo.github.io/agents-lint/ npm: https://www.npmjs.com/package/agents-lint
Would love feedback — especially if you find unexpected issues in your own AGENTS.md.
Comments URL: https://news.ycombinator.com/item?id=47189911
Points: 1
# Comments: 1
Show HN: Recall – Persistent Memory for Claude Code via MCP Hooks
Hi HN,
A while back I posted about recall MCP - https://news.ycombinator.com/item?id=45516584 Since then I updated a series of times and received quite a good amount of positive response. I decided to take it a step further and make it an actual product. It has been a super interesting journey.
I built Recall because I was spending 10+ minutes every Claude Code session re-explaining my project. Architecture, conventions, past decisions — all gone after a session restart or context compaction.
Recall is an MCP server that gives Claude Code persistent memory. It works by running four lifecycle hooks:
- session-start: fetches relevant memories and injects them as context - observe: captures key events (git commits, file changes, decisions) silently after Write/Edit/Task operations - pre-compact: saves critical state before Claude's context window gets summarised (this is the most valuable hook — compaction kills nuance) - session-end: records a session summary
Install as a native Claude Code plugin:
/plugin install recall@claude-plugins-official /recall:setup ← connects your API key The plugin bundles the MCP server config, all 4 hooks, and auto-updates itself in the background. Alternatively, hooks-only install is still available for those who prefer it:
curl -fsSL https://recallmcp.com/install-hooks | bash Hooks are pure bash + curl. No daemon, no npm packages, no background processes. Every hook exits 0 on errors so it never blocks Claude.
Memory is stored in Redis with semantic search via embeddings (Voyage AI, Cohere, OpenAI, or others). Each tenant gets isolated storage with AES-256-GCM encryption.
Some features that might be interesting to this audience:
1. Native Claude Code plugin — ships as a proper plugin installable with `/plugin install recall@claude-plugins-official`. Bundles MCP server config + all 4 hooks. Auto-updates in the background.
2. Webhook ingestion — route GitHub/Stripe/any webhook into a Claude session. Your AI becomes event-aware.
3. Self-hosted — `curl -fsSL https://install.recallmcp.com | bash` gives you a Docker Compose stack with Redis + Recall. $12/mo license, air-gapped compatible.
4. Team sharing — one Claude learns, all team Claudes know. Workspace-scoped with selective sharing.
Open source (MIT): https://github.com/joseairosa/recall Hosted: https://recallmcp.com (free tier: 500 memories)
Technical details: TypeScript, Express 5, Redis/Valkey adapters, Drizzle ORM for billing/teams on PostgreSQL, StreamableHTTP MCP transport. 16 consolidated MCP tools exposed.
Happy to discuss the architecture, MCP protocol integration, or the memory/embedding strategy.
Comments URL: https://news.ycombinator.com/item?id=47189906
Points: 1
# Comments: 0
The Reason Anthropic Wants Guardrails
Article URL: https://www.theatlantic.com/ideas/2026/02/anthropic-pentagon-ai/686172/
Comments URL: https://news.ycombinator.com/item?id=47189900
Points: 1
# Comments: 1
Ask HN: How do products get priced after the bubble bursts?
For those who remember dot com, any insight into how product pricing changes after a bubble starts to burst?
Trying to think through what it’ll cost to use those that remain standing before making them core to my business.
I’m in my mid-30s. Only thing close to this i remember is the shift of the darlings of the 2010s from growth to profitability. And more than anything I experienced that through less refunds. But that really only occurred after the winners had locked you in (Amazon, Google, DoorDash, etc) and growth ramped down. The dot com bubble burst before winners were crowned and I expect the wave of gen AI will be similar.
Comments URL: https://news.ycombinator.com/item?id=47189893
Points: 1
# Comments: 0
Joint Statement from OpenAI and Microsoft
Article URL: https://openai.com/index/continuing-microsoft-partnership/
Comments URL: https://news.ycombinator.com/item?id=47189861
Points: 2
# Comments: 0