Hacker News: aeneas_ory

New comment by aeneas_ory in "Pro Max 5x Quota Exhausted in 1.5 Hours Despite Moderate Usage"

aeneas_ory — Sun, 12 Apr 2026 14:06:29 +0000

Besides some of the obvious hacks to reduce token usage, properly indexed code bases (think IntelliJ) reduce token usage significantly (30%-50%, while keeping or exceeding result quality compared with baseline) as shown with https://github.com/ory/lumen

Anthropic is not incentivized to reduce token use, only to increase it, which is what we are seeing with Opus 4.6 and now they are putting the screws on

New comment by aeneas_ory in "Post Mortem: axios NPM supply chain compromise"

aeneas_ory — Fri, 03 Apr 2026 13:59:51 +0000

Read the source code

New comment by aeneas_ory in "Post Mortem: axios NPM supply chain compromise"

aeneas_ory — Fri, 03 Apr 2026 08:11:44 +0000

Check if your machine was affected with this tool: https://github.com/aeneasr/was-i-axios-pwned

New comment by aeneas_ory in "Axios compromised on NPM – Malicious versions drop remote access trojan"

aeneas_ory — Thu, 02 Apr 2026 21:12:49 +0000

I wrote a tool that helps you check if your machine was compromised: https://github.com/aeneasr/was-i-axios-pwned

Anthropic says: nothing wrong with our usage limits, you're hallucinating

aeneas_ory — Thu, 02 Apr 2026 20:58:16 +0000

Article URL: https://www.reddit.com/r/ClaudeAI/s/u7aJKSDmfy

Comments URL: https://news.ycombinator.com/item?id=47620090

Points: 7

# Comments: 1

Show HN: Scanner to check if you are affected by the axios supply chain attack

aeneas_ory — Thu, 02 Apr 2026 19:08:58 +0000

Article URL: https://github.com/aeneasr/was-i-axios-pwned

Comments URL: https://news.ycombinator.com/item?id=47618822

Points: 2

# Comments: 0

New comment by aeneas_ory in "Universal Claude.md – cut Claude output tokens"

aeneas_ory — Tue, 31 Mar 2026 10:04:42 +0000

Why does is this ridiculous thing trending on HN? There are actually good tools to reduce token use like https://github.com/thedotmack/claude-mem and https://github.com/ory/lumen that actually work!

New comment by aeneas_ory in "No Coding Before 10am"

aeneas_ory — Sun, 15 Feb 2026 10:38:19 +0000

Sounds like GPT wrote this piece based on some tech exec‘s „we must use AI or lose“ „strategy“. Just let engineers use the tools they want instead of force feeding them yet another ridiculous process. For me, if I have to do meetings in the morning (or „write promps“ lmao) instead of clearing out the ridiculous AI slop debt of code agents my product would never ship.

New comment by aeneas_ory in "The Great Unwind"

aeneas_ory — Wed, 04 Feb 2026 19:34:55 +0000

It‘s really hard to read this article, it smells of LLM generated slop once you get past the first couple of paragraphs - lots of negative parallelisms and lots of words without adding value to the sentence:

> To validate the thesis that the Yen unwind is the primary driver of volatility, we must examine the sequence of events. The crash did not happen in a vacuum; it followed a precise timeline …

> It wasn't just about rates anymore; it was about the stability of the U.S.-led global order

> The unwinding of a carry trade is not a monolithic event; it is a cascade that ripples outward

It‘s like almost in every paragraph. I don’t understand why this gets to be on the frontpage to be honest. It just reads horrible even if some of the points may be true (or hallucinated, who knows)

New comment by aeneas_ory in "Hacking Moltbook"

aeneas_ory — Mon, 02 Feb 2026 19:18:08 +0000

That's fair - removed. It was more geared towards the people who make more out of this than what it is (an interesting idea and cool tech demo).

New comment by aeneas_ory in "Hacking Moltbook"

aeneas_ory — Mon, 02 Feb 2026 18:18:43 +0000

The AI code slop around these tools is so frustrating, just trying to get the instructions from the CTA on the moltbook website working which flashes `npx molthub@latest install moltbook` isn't working (probably hallucinated or otherwise out of date):

      npx molthub@latest install moltbook  
       Skill not found  
      Error: Skill not found

Even instructions from molthub (https://molthub.studio) installing itself ("join as agent") isn't working:

      npx molthub@latest install molthub
       Skill not found
      Error: Skill not found

Contrast that with the amount of hype this gets.

I'm probably just not getting it.

New comment by aeneas_ory in "Provide agents with automated feedback"

aeneas_ory — Mon, 19 Jan 2026 13:55:35 +0000

Catch or prevent - linting only covers a tiny (depending on programming language sometimes more sometimes less) subset of runtime problems. The whole back pressure discussion feels like AI coders found out about type systems and lint rules - but it doesn’t resolve the type problems we get in agentic coding. The only „agent“ responsible for code correctness (and thus adherence to feature specification) is the human instructing the agent, a better compiler or lint rule will not prevent massive logic bugs LLMs tend to create like tests testing functions that have been created by the LLM for the test to make it pass, broken logic flows, missing DI, recreating existing logic, creating useless code that’s not being used anywhere yet pollutes context windows - all the problems LLM based „vibe“ coding „shines“ with once you work on a sufficiently long running project.

Why do I care so much about this? Because the „I feel left behind“ crowd is being gaslighted by comments like the OPs.

Overall strict type systems and static code analysis have always been good for programming, and I‘m glad vibe coders are finding out about this as well - it just doesn’t fix the lack of intelligence LLMs have nor the responsibility of programmers to understand and improve the generated stochastic token output

New comment by aeneas_ory in "Provide agents with automated feedback"

aeneas_ory — Mon, 19 Jan 2026 10:59:38 +0000

The usefulness of using static code analysis (strict type systems, linting) versus not using static code analysis is out of the question. Specifically JavaScript which does not have a strict type system benefits greatly from using static code analysis.

But the author claims that you can catch runtime bugs by letting the LLM create custom lint rules, which is hyperbole at least and wrong at most and giving developers a false sense of security at worst.

New comment by aeneas_ory in "Provide agents with automated feedback"

aeneas_ory — Mon, 19 Jan 2026 09:03:54 +0000

Nobody is sleeping on anything. Linting for the most part is static code analysis which by definition does not find runtime bugs. You even say it yourself "runtime bug, ask the LLM if a static lint rule could be turned on to prevent it".

To find most runtime bugs (e.g. incorrect regex, broken concurrency, incorrect SQL statement, ...) you need to understand the mental model and logic behind the code - finding out if "is variable XYZ unused?" or "does variable X oveshadow Y" or other more "esoteric" lint rules will not catch it. Likelihood is high that the LLM just hallucinated some false positive lint rule anyways giving you a false sense of security.

New comment by aeneas_ory in "Claude is good at assembling blocks, but still falls apart at creating them"

aeneas_ory — Fri, 16 Jan 2026 08:53:37 +0000

"Still on Claude Code" is a funny statement, given that the industry is agreeing that Anthropic has the lead in software generation while others (OpenAI) are lagging behind or have significant quality issues (Google) in their tooling (not the models). And Anthropic frontier models are generally "You're absolutely right - I apologize. I need to ..." everytime they fuck something up.

New comment by aeneas_ory in "The Influentists: AI hype without proof"

aeneas_ory — Wed, 14 Jan 2026 23:29:56 +0000

Thank you for calling this out, we are being gaslit by attention seeking influencers. The algorithmic brAInrot is propagated by those we thought we can trust, just like the instagram and youtube stars we cared about who turned out to be monsters. I sincerely hope those people become better or wane into meaninglessness. Rakyll seems to spend more time on X than working on advancing good software these days, a shame given her past accomplishments.

New comment by aeneas_ory in "Ask HN: How Are You Handling Auth in 2026?"

aeneas_ory — Tue, 06 Jan 2026 16:10:25 +0000

Don‘t get locked in by those SaaS-only vendors. Modern stacks self-host because SaaS has a tendency to extort you once they need to show growth and are unable to acquire new customers fast enough.

Your best bet then is Ory https://github.com/ory / https://www.ory.com because it has an OSS version, enterprise version for self hosters, and a SaaS! And the source code is visible to everyone unlike other vendors :) Plus all the big names like OpenAI or Mistral use Ory as well.

New versioning strategy for Ory and v25.4 release week

aeneas_ory — Tue, 11 Nov 2025 09:19:57 +0000

Article URL: https://www.ory.com/blog/ory-oss-v25-4-0-new-release-announcement-versioning-scheme

Comments URL: https://news.ycombinator.com/item?id=45885496

Points: 1

# Comments: 0

Show HN: Open-source OAuth2 server Ory Hydra 25.4 ships OAuth2.1 and Device Auth

aeneas_ory — Tue, 11 Nov 2025 09:18:46 +0000

Article URL: https://github.com/ory/hydra/releases/tag/v25.4.0

Comments URL: https://news.ycombinator.com/item?id=45885483

Points: 2

# Comments: 0

Show HN: Secure AI contexts with open source reBAC-protected RAG and SQLite-vec

aeneas_ory — Wed, 15 Oct 2025 11:28:55 +0000

Article URL: https://github.com/ory/rerag-rebac

Comments URL: https://news.ycombinator.com/item?id=45590820

Points: 4

# Comments: 0