Hacker News: jordanedevhttps://news.ycombinator.com/user?id=jordanedevHacker News RSShttps://hnrss.org/hnrss v2.1.1Mon, 15 Jun 2026 08:43:10 +0000<![CDATA[New comment by jordanedev in "Show HN: Optio – Orchestrate AI coding agents in K8s to go from ticket to PR"]]>That's exactly what i did personnaly on my oss repo https://github.com/ysa-ai/ysa

I want to run my agents fully isolated with headless mode. To achieve that safely you have to run a proxy

]]>Fri, 27 Mar 2026 15:55:45 +0000https://news.ycombinator.com/item?id=47544393jordanedevhttps://news.ycombinator.com/item?id=47544393https://news.ycombinator.com/item?id=47544393<![CDATA[Show HN: I sandboxed OpenAI's Symphony orchestrator in one file using YSA]]>YSA is an open source sandbox runtime for AI agents. Each task runs in an isolated Podman container with a network proxy that filters every outbound request.

This example repo shows how to connect it to Symphony (OpenAI's agent orchestrator) — the entire integration is one new file, runner/ysa.ts.

The demo shows an agent attempting to POST data to an external URL and getting blocked by the network proxy.

Demo Repo: https://github.com/ysa-ai/ysa-symphony-example YSA: https://github.com/ysa-ai/ysa

Comments URL: https://news.ycombinator.com/item?id=47495199

Points: 2

# Comments: 0

]]>Mon, 23 Mar 2026 21:14:20 +0000https://github.com/ysa-ai/ysa-symphony-examplejordanedevhttps://news.ycombinator.com/item?id=47495199https://news.ycombinator.com/item?id=47495199<![CDATA[Show HN: YSA – Sandbox for AI agents with outbound network control]]>I've been running Claude CLI on production codebases and got uncomfortable not knowing what could leak outbound — especially in case of prompt injection.

YSA runs Claude CLI inside a rootless Podman container with a git worktree per task. Each container gets: - A MITM proxy (L7): TLS termination, GET-only enforcement, body blocked, URL length cap, outbound byte budget, rate limiting per domain - iptables rules via OCI hook (L3/L4): all outbound traffic blocked except through the proxy - seccomp whitelist, all capabilities dropped, read-only filesystem, no-new-privileges

The repo includes a basic dashboard to run tasks in parallel and visualize per-container network traffic in real time.

Early but functional — I use it daily.

Especially curious about feedback on the security model and proxy bypass detection.

Comments URL: https://news.ycombinator.com/item?id=47261461

Points: 2

# Comments: 0

]]>Thu, 05 Mar 2026 13:41:16 +0000https://github.com/ysa-ai/ysajordanedevhttps://news.ycombinator.com/item?id=47261461https://news.ycombinator.com/item?id=47261461