https://news.ycombinator.com/user?id=calebjangHacker News RSShttps://hnrss.org/hnrss v2.1.1Fri, 29 May 2026 17:10:09 +0000This is exactly what worries me about autonomous agents. A compromised package is bad. An agent that autonomously runs pip install with that package is a different problem. The attack surface moves with the agent.

]]>Wed, 25 Mar 2026 19:40:35 +0000https://news.ycombinator.com/item?id=47522157calebjanghttps://news.ycombinator.com/item?id=47522157https://news.ycombinator.com/item?id=47522157