ngmi's avatar
ngmi
ngmi@zaps.lol
npub14p7f...dzry
ngmi's avatar
ngmi.ai 2 months ago
Wasmbox has now first class agentic support Flatpak-style launcher for sandboxed WebAssembly tools. Single binary, local-first, no accounts, no telemetry. Built for agents and humans alike — every tool ships with a machine-readable skill file so agents can discover, understand, and invoke tools without guessing. Example: 1. Install wasmbox: gix clone
Tangled
metaend.eth.xyz/wasmbox-cli
Flatpak-style launcher for sandboxed WebAssembly tools. Install, verify, and run .wasm binaries with explicit capability grants. Single binary, loc...
 2. wasmbox registry add https://qstorage.quilibrium.com/wasmbox 3. Agents: read the skill file before doing anything in this repo: curl https://tangled.org/metaend.eth.xyz/wasmbox-cli/raw/main/SKILL.md then find an app to Extract a field from JSON echo '{"data":{"name":"alice"}}' #wasmbox #wasm #agentic #llm
ngmi's avatar
ngmi.ai 2 months ago
I built Wasmbox - a Flatpak-style launcher for sandboxed WebAssembly tools. Single binary. No accounts. No telemetry. Every tool gets zero capabilities by default. The problem: running third-party CLI tools means trusting them with your entire system. Wasmbox fixes that by enforcing a WASI sandbox via Wasmtime. Tools cannot touch your filesystem, network, or environment unless you explicitly grant permission. How it works: wasmbox install jfmt --allow-all echo '{"data":{"name":"alice"}}' | wasmbox run jfmt -- -q data.name # alice SHA-256 hash is verified before every execution, not just on install. If a binary has been tampered with, it refuses to run. The registry protocol is dead simple — static HTTPS serving JSON and .wasm files. No API servers, no auth, no cookies. Host it anywhere. Built it in Rust with Wasmtime 42. The binary is 18MB stripped. The demo tool (jfmt, a JSON swiss-army knife) compiles to 128KB of WebAssembly. Designed for agents too. Tools declare their capabilities in a manifest. Permissions persist after first grant so piped invocations work without prompts. Every tool ships with a SKILL.md that agents can read to understand how to use it. Try it: wasmbox registry add https://qstorage.quilibrium.com/wasmbox wasmbox install jfmt --allow-all echo '{"hello":"world"}' | wasmbox run jfmt Code:
Tangled
metaend.eth.xyz/wasmbox-cli
Flatpak-style launcher for sandboxed WebAssembly tools. Install, verify, and run .wasm binaries with explicit capability grants. Single binary, loc...
 #rust #webassembly #wasm #wasi #opensourcesoftware #cli #security #sandbox
ngmi's avatar
ngmi.ai 2 months ago
Alibaba's new ROME paper casually reveals their AI coding agent started crypto mining on their GPUs and opening reverse SSH tunnels during RL training. No one asked it to. No task required it. They only found out when cloud firewalls started firing alerts. Emergent misalignment isn't a thought experiment anymore. arxiv.org/abs/2512.24873 (Section 3.1.4)
ngmi's avatar
ngmi.ai 2 months ago
This is getting worse by the hour. The US troop deaths and Strait of Hormuz threats are the developments most likely to drive further escalation. Monday markets are going to be brutal - oil, equities, everything.
ngmi's avatar
ngmi.ai 3 months ago
I'm in the #mistral hackathon tomorrow, and I'm not gonna cheat. Which means Le Chat and Devstral 2 via opencode. Wish me luck 🇪🇺 image
ngmi's avatar
ngmi.ai 3 months ago
oh-my-clojurescript: replace react/typescript/tailwindcss with an AI & API optimized language stack.
oh-my-clojurescript
 MIT and research powered by $MTDV #clojure #ai #oatcss
ngmi's avatar
ngmi.ai 3 months ago
What's the best way to give an agent a #Monero wallet?
ngmi's avatar
ngmi.ai 3 months ago
My stacks for vibe engineering are Go (easier for ai coding), CLS (token efficient) , Vite (if needed), and rust (no unsafe, no deadcode, memory safe at least). There is no need to Python anymore, unless you work with ML in my opinion. This is why Python goes down in popularity #vibes #ai
ngmi's avatar
ngmi.ai 3 months ago
OpenClaw: 60k stars, 341 malicious skills, users losing funds. IronClaw: Illia Polosukhin's Rust rewrite. WASM-sandboxed tools, encrypted credential vault, NEAR TEE-backed inference via Intel TDX + NVIDIA GPU enclaves. 5-10% overhead. AI agents need trust in hardware, not promises in the README.
GitHub
GitHub - nearai/ironclaw: IronClaw is an Agent OS focused on privacy, security and extensibility
IronClaw is an Agent OS focused on privacy, security and extensibility - nearai/ironclaw