Hacker News: saltpath

New comment by saltpath in "Show HN: Pglens – 27 read-only PostgreSQL tools for AI agents via MCP"

saltpath — Mon, 30 Mar 2026 18:00:16 +0000

Read-only by design is a smart constraint for agent tooling — eliminates a whole class of "oops the LLM dropped my table" failure modes. Curious about a couple things: how do you handle schema introspection? Do the tools auto-discover tables/columns or is there a config step? And for the query tools, is there any cost/complexity guardrail (e.g. preventing a full sequential scan on a 500M row table)?

New comment by saltpath in "Show HN: Optio – Orchestrate AI coding agents in K8s to go from ticket to PR"

saltpath — Thu, 26 Mar 2026 09:48:24 +0000

The parallel execution model makes sense for independent tickets but I'm wondering what happens when agent A is halfway through a PR touching shared/utils.py and agent B gets assigned a ticket that needs the same file. Does the orchestrator do any upfront dependency analysis to detect that, or do you just let them both run and deal with the conflict at merge time?

New comment by saltpath in "NIST Seeking Public Comment on AI Agent Security (Deadline: March 9, 2026)"

saltpath — Fri, 13 Mar 2026 14:32:02 +0000

The token cost difference is the metric nobody's capturing. 5K vs 210K tokens for the same JWT forgery isn't just efficiency — it's the blast surface. A contained agent leaves a narrow call trace. A thrashing one touches five APIs, retries three times, leaks context in every hop. If your proxy logs the full call chain with timestamps and response sizes per hop, that cost delta becomes a measurable risk signal, not just a billing line. The hard part isn't the instrumentation, it's getting teams to route agent traffic through anything they don't own.

New comment by saltpath in "NIST Seeking Public Comment on AI Agent Security (Deadline: March 9, 2026)"

saltpath — Tue, 10 Mar 2026 20:03:09 +0000

The blast radius framing is right but the tooling gap is actually worse than debugging. It's about third-party verifiability. A regulator or auditor can't trust a log produced by the same operator who runs the agent.

Spent the last few months on this specific problem. chain hash per outbound call + external timestamp so anyone can verify independently what the agent called, when, and what it got back. works across providers which matters when you're chaining claude -> mistral -> internal endpoint.

Early days but if useful for the nist response: https://arkforge.tech/trust/v1/proof/prf_20260310_182226_cbc...