Posted by ozkatz 3 days ago
Version control and isolation will probably stay useful, though, more for distributed development and workflow reasons than for safety.
The problem is you start getting comfortable and tired of your workflow getting interrupted when the agent needs more/repeated access. Gradually the permission scope increases, or you decide to take the guards off completely. At this point you have a non-deterministic black box with internet access doing things to your computer. Maybe the agent gets confused and force-pushes git, maybe you load load a malicious plugin, or MCP to github and ingest something hostile. The internet isn't getting kinder, it's basically all-out war behind the scenes, and having your agent do online research is an attack vector. Security is layered, and sandboxing is a layer you can add to mitigate some issues and have piece of mind.
TBH I didn't look too closely at the featured product because I have my own solution already, but it sounds like a versioning filesystem is integrated, which can be really handy. Filesystem snapshots are fast and cheap compared to traditional backup/restore operations. Git is a nice layer for text files, but it's slow and not very good for binary stuff, so if you're working with images or 3d models etc, a versioning FS is really useful.
There are lots of agent use cases beyond individual coding. Maybe you're building a multi-tenant product that let's user agents do stuff and you need an undo feature. That's probably a good case for a sandbox with versioning FS. Maybe you have an agent handling contractual transactions that can't afford to oops. LLM agents are an entirely new computing interface, so we should imagine wide variety of use cases, some of which would likely benefit from a sandbox environment that versions data.
Not sure how I feel about it using on your hosted service, while your home page is asking me for analytics data and only the cli and sdk are open source.
I get providing a hosted service, but I don't understand how it makes it easier for agents to consume unless you're hosting an MCP? My understanding is an agent skill and a cli tool is all an agent needs?
Before I invest my time into something like this I'll need to know what it'll end up costing in the end. Perhaps it's just that "private previews" aren't for me. Good luck!
Not sure what else we can do in this world other than tightly control outbound requests and provide enough visibility into those requests for a human|agent to try and undo changes.
Happy to hear your thoughts - what would you like to see us take this?
I'd love to learn more on how egress can be handled securely in sandboxes, and in general also ingress as this has some security impact - as soon as you allow reading from an external system you open up a new threat vector. Curious to understand whether you have any strategy for network access?
This is metadata only as the objects themselves are immutable.
I increasingly feel the impact of landing on the frontpage of HN is not as pronounced as it used to be. The demographic shift of HN is also noted, it has a lot more "reddit" vibe than I remember.
Now I see these things and its more likely than not that it was spit out by an agentic tool with little to no understanding of the code, and hardly learning or effort took place. Feels cheap and a waste of time. Why spend my time looking at something that someone made in a few hours so they could up their fake portfolio?
Its great to find real development out there but these types of posts eg "Show: random agentic tool gibberish" feel cheap and flaccid now. Nothing impressive
GCs, blogs, and small chatrooms are the way.
perhaps the biggest hit is the trust, now people will just jump to conclusion and say your comment is AI and overall the presence that I used to feel from before the AI days is not there.
its no longer rewarding and ironically i've started to engage a lot less and seek human connections outside so perhaps there is an upside.
I also see a lot of people cutting back on instagram and social media use. AI appears to be slowly driving people off the internet and towards analog real human connection but its very subtle and too little to celebrate
I think it was bound to happen. The open internet is like public infrastructure with no janitor. People rant on it, people lie on it, people push zealous activism on it, people send bots onto it. The amount of work it would take to effectively moderate this stuff wouldn't make it economically viable to run any site. You'd need a full time staff just to police this stuff.
Small groups are small enough to be moderated by everyone in the group. It might feel sad (it certainly feels sad to me), but I think we should realize we just happened to be on the internet in a weird moment where a high bar was needed to get onto it that happened to align around norms of good discussion. I'm struggling with this transition (because it's hard as an adult to find new places to socialize), but need to ween myself off this site because it's obvious the quality has dipped too low to get much out of it.