Show HN: Most products have no idea what their AI agents did yesterday https://ift.tt/YTx1DGB

Show HN: Most products have no idea what their AI agents did yesterday We build collaboration SDKs at Velt (YC W22). Comments, presence, real-time editing (CRDT), recording, notifications. A pattern we keep seeing: products add AI agents that write, edit, and approve things. Human actions get logged. Agent actions don't. Same workflow, different accountability. We shipped Activity Logs to fix this. Same record for humans and AI agents. Immutable by default. Auto-captures collaboration events, plus createActivity() for your own. Curious how others are handling this. https://ift.tt/GTH8Cf7 April 3, 2026 at 01:25AM

Show HN: I tested 15 free AI models at building real software on a $25/year VPS https://ift.tt/5i8TjUx

Show HN: I tested 15 free AI models at building real software on a $25/year VPS https://ift.tt/6hoSx0d April 3, 2026 at 12:13AM

Show HN: Portcullis, a review gate for curl|bash https://ift.tt/Of4r6qH

Show HN: Portcullis, a review gate for curl|bash https://ift.tt/tV9aeHd April 2, 2026 at 11:39PM

Show HN: Zerobox – Sandbox any command with file and network restrictions https://ift.tt/TBY9NvE

Show HN: Zerobox – Sandbox any command with file and network restrictions I'm excited to introduce Zerobox, a cross-platform, single binary process sandboxing CLI written in Rust. It uses the sandboxing crates from the OpenAI Codex repo and adds additional functionalities like secret injection, SDK, etc. Watch the demo: https://www.youtube.com/watch?v=wZiPm9BOPCg Zerobox follows the same sandboxing policy as Deno which is deny by default. The only operation that the command can run is reading files, all writes and network I/O are blocked by default. No VMs, no Docker, no remote servers. Want to block reads to /etc? zerobox --deny-read=/etc -- cat /etc/passwd cat: /etc/passwd: Operation not permitted How it works: Zerobox wraps any commands/programs, runs an MITM proxy and uses the native sandboxing solutions on each operating system (e.g BubbleWrap on Linux) to run the given process in a sandbox. The MITM proxy has two jobs: blocking network calls and injecting credentials at the network level. Think of it this way, I want to inject "Bearer OPENAI_API_KEY" but I don't want my sandboxed command to know about it, Zerobox does that by replacing "OPENAI_API_KEY" with a placeholder, then replaces it when the actual outbound network call is made, see this example: zerobox --secret OPENAI_API_KEY=$OPENAI_API_KEY --secret-host OPENAI_API_KEY=api.openai.com -- bun agent.ts Zerobox is different than other sandboxing solutions in the sense that it would allow you to easily sandbox any commands locally and it works the same on all platforms. I've been exploring different sandboxing solutions, including Firecracker VMs locally, and this is the closest I was able to get when it comes to sandboxing commands locally. The next thing I'm exploring is `zerobox claude` or `zerobox openclaw` which would wrap the entire agent and preload the correct policy profiles. I'd love to hear your feedback, especially if you are running AI Agents (e.g. OpenClaw), MCPs, AI Tools locally. https://ift.tt/tUSBVAc March 30, 2026 at 09:32PM

Show HN: Aphelo – A Redis-like store in C++ with Progressive Rehashing https://ift.tt/VDy37HR

Show HN: Aphelo – A Redis-like store in C++ with Progressive Rehashing https://ift.tt/6J8Yu4x April 1, 2026 at 11:33PM

Show HN: Real-time dashboard for Claude Code agent teams https://ift.tt/Mrd6jJh

Show HN: Real-time dashboard for Claude Code agent teams This project (Agents Observe) started as an exploration into building automation harnesses around claude code. I needed a way to see exactly what teams of agents were doing in realtime and to filter and search their output. A few interesting learnings from building and using this: - Claude code hooks are blocking - performance degrades rapidly if you have a lot of plugins that use hooks - Hooks provide a lot more useful info than OTEL data - Claude's jsonl files provide the full picture - Lifecycle management of MCP processes started by plugins is a bit kludgy at best The biggest takeaway is how much of a difference it made in claude performance when I switched to background (fire and forget) hooks and removed all other plugins. It's easy to forget how many claude plugins I've installed and how they effect performance. The Agents Observe plugin uses docker to start the API and dashboard service. This is a pattern I'd love to see used more often for security (think Axios hack) reasons. The tricky bit was handling process management across multiple claude instances - the solution was to have the server track active connections then auto shut itself down when not in use. Then the plugin spins it back up when a new session is started. This tool has been incredibly useful for my own daily workflow. Enjoy! https://ift.tt/g8Ap5FE April 1, 2026 at 11:24PM

Show HN: Max Headbox, a local agent that fits on a Raspberry Pi 5 https://ift.tt/9tjBhle

Show HN: Max Headbox, a local agent that fits on a Raspberry Pi 5 https://ift.tt/62WoTOA April 1, 2026 at 09:57PM