Show HN: MCP Security Scanning Tool for CI/CD
Show HN (score: 11)Description
More from Show
Show HN: Cupcake – Better performance and security for coding agents (via OPA)
Show HN: Cupcake – Better performance and security for coding agents (via OPA) We're releasing early efforts on coding agent governance with Cupcake [1] - an open-source policy enforcement layer with native integrations. You write rules in policy-as-code (OPA/Rego), and Cupcake integrates them into the agent runtime via Hooks.<p>See it in action (Desktop only): <a href="https://cupcake-policy-studio.vercel.app/example-policies/security/protecting-paths?harness=claude-code&format=rego" rel="nofollow">https://cupcake-policy-studio.vercel.app/example-policies/se...</a><p>Help us build: <a href="https://github.com/eqtylab/cupcake" rel="nofollow">https://github.com/eqtylab/cupcake</a><p>We are EQTY Lab, our mission is verifiable AI (identity, provenance, and governance). With the rise of capable agents like Claude Code, it became immediately clear that those deploying these agents need the ability to conduct their own alignment and safety controls. We can’t rely solely on the frontier labs.<p>This is why we created the feature request for Hooks in Claude Code [2], and pivoted away from filesystem and OS-level monitoring once those hooks were implemented. Hooks provide the critical points we need:<p>* Evaluation: Checking agent intent and actions.<p>* Prevention: Stopping unsafe or unwanted actions.<p>* Modification: Adjusting the agent's output before execution.<p>Policy-as-Code with OPA/Rego - While many agent security papers suggest similar policy architectures using invented DSLs, Cupcake is fundamentally built on Open Policy Agent (OPA) and its policy language, Rego [3].<p>We chose Rego because it is:<p>* Industry-Robust: Widely adopted across enterprise DevSecOps and cloud-native environments.<p>* Purpose-Built: Offers unique, mature advantages for defining, managing, and enforcing policy as code.<p>* Enterprise-Oriented: This makes Cupcake compatible with existing enterprise governance frameworks.<p>Cupcake is released under the Apache-2.0 license. We will formalize a path to v1.0.0 in Q1 of 2026. This is an early preview version. The goal with Cupcake is not suppression, but to ensure an agent is able to drive fast without crashing. To collaborate, or join forces: ramos at eqtylab dot io.<p>[1] <a href="https://github.com/eqtylab/cupcake" rel="nofollow">https://github.com/eqtylab/cupcake</a><p>[2] <a href="https://github.com/anthropics/claude-code/issues/712" rel="nofollow">https://github.com/anthropics/claude-code/issues/712</a><p>[3] <a href="https://www.openpolicyagent.org/" rel="nofollow">https://www.openpolicyagent.org/</a>
Show HN: I got tired of switching AI tools, so I built an IDE with 11 of them
Show HN: I got tired of switching AI tools, so I built an IDE with 11 of them Each AI has strengths - Claude reasons well, Gemini handles long context, Codex integrates with GitHub. But switching between them means losing context.<p>Built HiveTechs: one workspace where Claude Code, Gemini CLI, Codex, DROID, and 7 others run in integrated terminals with shared memory.<p>Also added consensus validation - 3 AIs analyze independently, 4th synthesizes.<p>Real IDE with Monaco editor, Git, PTY terminals. Not a wrapper.<p>Looking for feedback: hivetechs.io
Show HN: Powerful Visual Programming Language (Book)
Show HN: Powerful Visual Programming Language (Book) Throughout my 30+ software development career, after spending many sleepless nights digging up through enormous codebases to understand logic or fix a bug, I was thinking: "There must be a better, visual way to represent program rather than text". However, no usable visual programming language popped up on horizon for the whole duration of 30+ years of my career. Therefore, I decided to take matters in my own hands, creating new visual programming language called "Pipe". A book about this language was published recently. The book is available for free on Amazon Kindle and Apple iBooks.<p>Language Pipe has a level of sophistication and power comparable to existing most powerful textual languages and therefore, it has a very high chances to successfully compete with text-based programming. The book provides full and comprehensive language specification. On top of that, the book contains many features and ideas planned for future versions of the language.<p>Pipe implements many novel concepts and unique features. As a result, multiple patent applications have already been filed and pending. The published book contains complete language specification, including graphical notation of all its elements and full API specification for code integration. Pipe has the following features:<p>* General-purpose visual language.<p>* Compact but powerful language.<p>* Complete and detailed language specification.<p>* Practical visual language.<p>* API specification for integration with non-visual languages.<p>* Statically-typed language.<p>* Long-term plans for future versions.<p>* Augmentation of AI code generation.<p>* Language for the next generation of low-code systems.<p>The problem of AI code generation is that it is very difficult to prepare complete and precise input specifications, especially in case of a large project. The solution is generating code only for base-level components easily explainable to AI, completing the rest of application via manual coding. That, however, undermines the goal of leveraging AI to remove the need for human programming. Pipe provides an alternative to textual coding by encapsulating AI-generated components within visual blocks for building the rest of application as graphical workflows via an intuitive drag-and-drop interface. As a next level of Pipe evolution, AI will be generating complete visual workflows directly, making it much easier to understand and modify generated logic.<p>Usage of a general-purpose visual programming language Pipe to connect blocks containing AI-generated code can inspire the next generation of extremely versatile low-code platforms, as AI code generation followed by visual integration of generated components is a very powerful low-code framework. Users will be able to generate new components using AI and that solves the problem of limited customization in existing low-code platforms where components are mostly predefined. On top of that, common visual programming language Pipe will ensure portability of low-code projects between different platforms.<p>Please find PDF with book preview here: <a href="https://www.pipelang.com/sample/sample.pdf" rel="nofollow">https://www.pipelang.com/sample/sample.pdf</a>
Show HN: A benchmark + latency sim for LLM db queries: ClickHouse / Postgres
Show HN: A benchmark + latency sim for LLM db queries: ClickHouse / Postgres
No other tools from this source yet.