Stayner News
Show HN: Open Prompt Hub – share intent, not code
That's why I built Open Prompt Hub: https://openprompthub.io.Think GitHub just for prompts.The idea is simple: Users can upload prompts that can then be used by you and your AI tools to generate a script, app, or web service (or prime their agent for a certain task):. Just past it into your agent or ide and watch it build for you. If the prompt does not 100% covers your usecase, fork it, tweak it, et voila: tailor-made software ready to use!The prompts are simple markdown files wi
Ask HN: Since a week HN keeps logging me off every few days, why?
I've spent years on this board and I always stayed logged in for years without needed to login again from the same devices.<p>But since the last week I've been finding myself not logged in when jumping on HN on multiple devices, even multiple times per device.<p>Has anything changed?
Show HN: Don't share code. Share the prompt
That's why I built Open Prompt Hub: https://openprompthub.io.Think GitHub just for prompts.The idea is simple: Users can upload prompts that can then be used by you and your AI tools to generate a script, app, or web service (or prime their agent for a certain task): Just past it into your agent or ide and watch it build for you. If the prompt does not 100% covers your usecase, fork it, tweak it, et voila: tailor-made software ready to use!The prompts are simple markdown files wit
Show HN: G0 – The control layer for AI agents (scan, test, monitor, comply)
AI agents are shipping fast (LangChain, CrewAI, MCP servers, OpenAI Agents SDK) but there's no unified way to secure and govern them. We built g0 to be
that control layer.<p><pre><code> What g0 does across the agent lifecycle:
g0 scan - Static + behavioral analysis of agent code. 1,180 rules across 12 security domains, 10 frameworks (LangChain, CrewAI, MCP, OpenAI, Vercel AI,
Bedrock, AutoGen, LangChain4j, Spring AI, Go AI), 5 languages. Detects toxic tool chains, taint flows, overprivileged descriptions, missing
sandboxing. Integrated threat intelligence checks tool URLs and dependencies against 55+ IOCs and known CVEs.
g0 test - Dynamic adversarial red teaming. Fires prompt injections, data exfiltration attempts, tool abuse sequences, jailbreaks, and goal hijacking
payloads at your running agents. 3-level progressive judge (deterministic, heuristic, LLM). Works over HTTP and MCP.
g0 endpoint - Discovers every AI tool on the machine (Claude Code, Cursor, Windsurf, Zed, 15+ tools), inventories MCP servers, and surfaces
misconfigurations. Think nmap but for your AI developer surface.
g0 daemon - Continuous runtime monitoring. Behavioral baselines with anomaly detection, cost circuit breaker, correlation engine linking events across
sources into attack chains, and a kill switch for when things go sideways.
g0 detect - MDM enrollment detection (Jamf, Intune, Mosyle, Kandji, etc.), running AI agent discovery, and host hardening audit in one view.
First-class OpenClaw support. g0 is the only security tool that understands OpenClaw's architecture: gateway hardening (18 probes),
SKILL.md/SOUL.md/MEMORY.md analysis, cognitive drift monitoring via SHA-256 baselines, deployment audits, config hardening, and ClawSec CVE feed
integration. If you're running OpenClaw in production, g0 catches what generic scanners miss.
Compliance built in, not bolted on. Every finding maps to 10 standards: OWASP Agentic Top 10, OWASP LLM Top 10, NIST AI RMF, ISO 42001, EU AI Act,
MITRE ATLAS, and more. Generate evidence records, compliance reports, and enforce policies via .g0-policy.yaml with CI gate support.
Outputs: Terminal, JSON, SARIF 2.1.0, HTML, CycloneDX AI-BOM, Markdown. Plugs into GitHub Actions, GitLab CI, or any pipeline.
One command to start: npx @guard0/g0 scan .
GitHub: https://github.com/guard0-ai/g0
We think the AI agent ecosystem needs the same security tooling maturity that web apps got with Burp Suite and Semgrep, but purpose-built for agents.
Happy to answer questions about the architecture or threat model.</code></pre>
Stayner Ontario Real Estate - 224 MCCREA DRIVE
224 MCCREA DRIVE is a home for sale in Stayner. For more information, visit https://MoveMe.To/0nba8A
Eryn Hilliard
Broker
(705) 715-3238
https://erynhilliard.com
This property is courtesy of Locations North. To schedule a private viewing call, Eryn Hilliard today.
Royal LePage® Locations North, Brokerage
112 Hurontario Street, Collingwood, Ontario L9Y 2L8
(705) 445-5520
https://LocationsNorth.com
Are you looking at real estate for sale in the Stayner area? Visit https://MoveMe.To/Stayner/RealEstate to browse and explore what is currently available across Stayner, Ontario.
Are you considering selling your property? Call Eryn Hilliard at (705) 715-3238 for a convenient home evaluation, or visit https://MoveMe.To/Agent/0nba8A
#StaynerRealEstate #StaynerOntarioRealEstate #MoveMeToStayner
Show HN: AliveUI – CSS framework with motion and depth as first-class primitives
You reach for Framer Motion, write 40 lines of keyframes, or pile on JS runtime for something that should just be a class.AliveUI treats depth and motion the way Tailwind treats spacing — as a primitive you compose, not a library you configure.A few things that make it different:Depth layers (d1–d3): One class gives an element physically correct elevation — shadow, border, background, and hover lift all update together.Motion tokens: alive-enter, alive-enter-down, alive-enter-right, alive-enter-
Show HN: Octrafic – Natural language API testing CLI
It's a CLI tool that lets you describe what you want to test in plain English - the agent generates and runs the test plan against your API. You can point it at an OpenAPI spec, a Postman collection, GraphQL schema, or just a URL.<p>New in v0.5.0:<p>OpenAPI Scanner - scans your source code and auto-generates an OpenAPI 3.1 spec<p>Headless/CI mode - run non-interactively with octrafic test for pipeline integration<p>GitHub: <a href="https://github.com/Octrafic/octrafic-cli" rel="nofollow">https://github.com/Octrafic/octrafic-cli</a><p>Happy to answer questions any questions.
Show HN: VeryBot – Self-hosted AI assistant for work
I wanted one self-hosted assistant that could actually do work, not just answer questions.What it does:- Chat with an AI assistant that creates tasks, teams, and schedules from conversation- Kanban board the assistant can populate and update- Scheduled automation (recurring reminders, follow-ups) without external cron- Playbooks: save workflows (onboarding, incident triage, release checklists) and rerun them- Connect Telegram, Discord, Slack, or WhatsApp as channels- Mobile-friendly UI, same int
Show HN: Agentplace, the tool we built to become a 20x company
How to do it w/o a dedicated person for AI innovation?That problem is what we kept running into at Agentplace.We wanted a builder that handles the full stack for an internal agent: backend, database, any MCP-ish integrations, and a real custom UI.A side note: The zero-UI autonomous agent dream is completely oversold. The communication loop between models and humans is still tight, and a purpose-built interface that fits that loop makes agents dramatically more reliable in practice. Custom U
Show HN: ClawCare – Security scanner and runtime guard for AI agent skills
<p><pre><code> Lately I've been more or less a human wrapper around my AI agents —
Claude Code, OpenClaw, etc. They're incredibly productive, but they
scare me regularly.
The wake up moment: I had an agent run tasks involved checking my
environment variables. I totally had an AWS secret sitting right
in there. By the time I realized, my key had already entered the
session context — meaning it was sent to the LLM provider and whatever
router layers sit in between. I had to rotate that secret immediately.
That was a wake-up call. These agents can run commands, read files,
and access secrets without visibility to human.
Third-party skills and plugins make it worse —
Cisco recently found an OpenClaw skill silently exfiltrating data via
curl. CrowdStrike, NCC Group published similar findings. The attack
surface is real and it's everywhere.
I spent my past week's nights building ClawCare. It does two things:
1. Static scanning — scans plugin/skill files for dangerous patterns
(pipe-to-shell, credential access, reverse shells, data exfiltration,
prompt injection) before they ever run. Works in CI.
2. Runtime guard — hooks into the agent's tool execution pipeline and
blocks dangerous commands in real time. That env dump that leaked my
AWS key? ClawCare blocks it before it reaches the LLM.
pip install clawcare
clawcare guard activate --platform {claude|openclaw}
Currently supports Claude Code (PreToolUse hooks) and OpenClaw
(before_tool_call plugin) for runtime guarding, plus static scanning
on Claude/Codex/OpenClaw/Cursor skill and plugin formats.
Include 30+ detection rules, custom rules and integration supported,
support skill manifests on permission boundaries, full audit trail.
Apache 2.0. Python 3.10+.
GitHub: https://github.com/natechensan/ClawCare
Demo: https://github.com/natechansan/ClawCare-demo</code></pre>
FOR SALE: 1945 Nottawasaga Concession 10 S Unit 11, Stayner
For Sale: 1945 Nottawasaga Concession 10 S Unit 11, Stayner
Listing by: Blair Thompson, Broker of Record
RE/MAX Four Seasons Realty Limited, Brokerage
Show HN: Nibble a fast and easy to use network scanner
Hi HN.
I built Nibble, a local network scanner I always wanted because I kept forgetting the quickest way to find devices and services on my LAN or VPN that I needed to SSH or log into. It focuses on speed and ease of use.<p>It scans common ports, grabs service banners, and identifies hardware vendors in a clean terminal UI.
It’s open source and MIT Licensed, and it's available on brew, npm and pip.<p>I’d love for you to try it out.
Show HN: I built an AI trainer and calorie scanner
The context switching was annoying, and most calorie trackers require too much manual data entry to be sustainable long term.I wanted a single, optimized workflow that handles the math for both energy in (nutrition) and energy out (training).How it solves the fragmentation:Computer Vision for Food: Instead of searching databases, you snap a photo. The AI identifies the food and estimates volume/macros instantly. It’s designed to be the fastest way to log a meal, drastically reducing the fri
Show HN: MacMule – EMule for MacOsx
I built this because I wanted to see if eMule still worked in 2025. It does — the ed2k and Kad networks are still alive.<p>The problem: eMule is a Win32 application. Getting it to run on macOS means Wine, and asking non-technical users to install and configure Wine is a non-starter.<p>The solution: macMule bundles eMule (community x64 build by irwir) with Wine Crossover (by Gcenx) into a single .app. Download, drag to /Applications, launch. It auto-connects to eMule Security servers and Kad on startup. Works on Apple Silicon through Rosetta 2.<p>The trade-off is size (~1 GB) since Wine is bundled. But after that it's genuinely zero-config.<p>Build process is a shell script — you can compile specific versions or latest stable. Requires Wine Crossover, Rosetta 2, and gh CLI.<p>Licensing: eMule is GPL v2, Wine is LGPL 2.1. Both respected in packaging.<p>Some things I found interesting while building this:<p>- The ed2k/Kad networks still have content you won't find on modern platforms. It's a weird corner of internet archaeology.
- Wine Crossover handles the Win32 → macOS translation surprisingly well for a client this old.
- The biggest challenge was getting auto-connection to work reliably out of the box so users wouldn't need to configure server lists manually.<p>Happy to answer questions about the packaging approach or Wine internals.<p>Reddit thread with some discussion: <a href="https://www.reddit.com/r/macapps/comments/1r5dile/os_emule_for_macos/" rel="nofollow">https://www.reddit.com/r/macapps/comments/1r5dile/os_emule_f...</a>
Show HN: Axiom – Open-source AI research agent that runs locally (C#, Ollama)
I built an autonomous research agent in C# that runs entirely on local LLMs via Ollama.Give it a topic and it: generates diverse search queries, searches the web (Brave Search API, free tier), fetches and reads relevant sources, analyzes each source for key findings, and synthesizes a structured markdown report with citations.Everything runs locally — no OpenAI/Anthropic API needed. Just Ollama + llama3.1:8b.It takes about 15 minutes per research run on a mid-range CPU (Ryzen 5 5500, no GPU
Subtle thermal factors I didn't expect when testing high-power LEDs
I’ve been experimenting with high-power LEDs in open, non-commercial setups to better understand real-world thermal behavior outside finished products.<p>What stood out was how strongly non-electrical details affected stability:
– mounting pressure
– interface materials
– real airflow paths versus assumed ones<p>Electrically everything stayed within ratings, but long-term thermal behavior varied more than expected.<p>For those who’ve worked with power-dense hardware:
what thermal assumptions turned out to be wrong in practice?
Launch HN: Omnara (YC S25) – Run Claude Code and Codex from anywhere
Omnara lets you run Claude Code and Codex sessions on your own machine, and exposes those sessions through a web and mobile interface so you can stay involved even when you’re away from your desk. Think of it like Claude Code Desktop or Conductor, except you can continue your sessions on your phone.Here’s a demo of the web and mobile apps - https://youtu.be/R8Wmy4FLbhQWe started using Claude Code early last year and quickly ran into a pattern: agents could work for long stretches
Show HN: SaveSync – A co-op save sync tool that uses Steam Workshop as a CDN
Instead of building my own cloud backend, I’m leveraging the Steam Workshop API as a private storage layer.The tool handles the encryption locally before uploading the saves as unlisted Workshop items, so they stay private to you and your friends. For games like Minecraft that aren't natively on Steam, I built a feature that tunnels the connection through Steam's network so friends can join each other as if they were on the same local network.It’s a one-time purchase because I’m tired
Show HN: Security-Risk Patterns in OpenClaw Skills
This creates persistence - the injected instructions survive across sessions.Supply Chain Risk: External script downloads from raw GitHub URLs, and package install commands (npm install, pip install, gem install, cargo install, go install, brew install). A skill shouldn't be silently installing packages.Encoded Payloads: Base64 strings over 40 characters, atob()/btoa() calls, Buffer.from(..., 'base64'), hex escape sequences, and String.fromCharCode(). Encoding is used to bypa
Show HN: TagIntegrity – Free Consent Mode v2 Scanner
I built this after seeing too many sites lose Google Ads conversion data due to broken Consent Mode v2 setup.<p>Free scanner checks GTM/GA4/Ads + consent signals in 60 seconds. No signup required.<p>Example scan: <a href="https://tagintegrity.lovable.app/results/347d5a06-541d-4d6c-aff8-ead2f2718ef8" rel="nofollow">https://tagintegrity.lovable.app/results/347d5a06-541d-4d6c-...</a><p>Would love feedback on what would make this more useful!