Rendered at 14:26:24 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
miltieIV2 5 minutes ago [-]
No way to submit bug reports other than email - I'll forward this.
How about at least a GitHub stub repo for Issue reports?
Lot's of permissions (but missing "Full Disk Access" in the UI setup flow)
I didn't know it also needed FDA until I did "ash status".
Why is there a Login?
GitHub login broken - 404.
No Source - This is a security tool that can't be audited.
You had your 5 minutes on HN, but you'll need the community for Linux and Windows.
Yeah, overloaded name - how about AgSh.app / agsh?
It's not too late to fix it.
tonyekh 19 minutes ago [-]
This looks cool
nxtfari 10 hours ago [-]
I believe you’re late to the “ash shell” name by about 36 years
Great tool! I've witnessed numerous cases where novice users lost critical data assets by recklessly granting proxies/AI agents excessive permissions without understanding the security implications.
socialinteldev 10 hours ago [-]
the network restriction question is the interesting one for agent sandboxing — the real risk isn't the agent reading files it shouldn't, it's exfiltrating data through api calls to attacker-controlled endpoints. for agent-to-agent payment protocols like x402 the question gets weird: the agent needs outbound to pay for data, but you want to allowlist which endpoints it can call. per-process network policy + endpoint allowlisting seems like the right primitive here
ThroneCreator 16 hours ago [-]
One thing that comes to mind is whether the sandbox can restrict outbound network access per process or per command. That could be useful for preventing agents from silently exfiltrating data while still allowing limited API calls.
2 hours ago [-]
Muhammad523 16 hours ago [-]
There's a shell with the exact same name for Unix
matthewsinclair 13 hours ago [-]
And there’s also the Ash framework for Elixir.
jakejmnz 15 hours ago [-]
Looks cool, I'll give it a shot. Is this any different from /sandbox command?
No Source - This is a security tool that can't be audited. You had your 5 minutes on HN, but you'll need the community for Linux and Windows.
Yeah, overloaded name - how about AgSh.app / agsh? It's not too late to fix it.
https://en.wikipedia.org/wiki/Almquist_shell