Hacker News: steipete

New comment by steipete in "Anthropic says OpenClaw-style Claude CLI usage is allowed again"

steipete — Tue, 21 Apr 2026 20:02:00 +0000

Peter here from OpenClaw. For context, here’s why our post reads the way it does:

Boris from Claude Code said publicly on Twitter that CLI-style usage is allowed. We took that seriously and invested time building around that guidance. I even changed the defaults, so when using the cli we're automatially disabling features that use excessive tokens like the heartbeat feature. But in practice, Anthropic still blocks parts of our system prompt, so the actual behavior today does not match what was communicated publicly.

https://x.com/bcherny/status/2041035127430754686

They since seemed to changed their classifier as people hack around it, as it is trivial to do so with a few renames. I'm not playing that game so it's in a weird limbo where it should work in theory but doesn't in practice.

New comment by steipete in "OpenClaw privilege escalation vulnerability"

steipete — Sat, 04 Apr 2026 18:03:03 +0000

ofc it's software engineers.

New comment by steipete in "OpenClaw privilege escalation vulnerability"

steipete — Sat, 04 Apr 2026 13:55:29 +0000

Honestly that seems like total guesswork. There's a lot of FUD going around, or people running portscans and assuming just because they detect a gateway on a port, that they can connect to it. That’s not the case.

New comment by steipete in "OpenClaw privilege escalation vulnerability"

steipete — Sat, 04 Apr 2026 13:54:37 +0000

They both sponsor the OpenClaw Foundation and provide engineers to improve OpenClaw.

New comment by steipete in "OpenClaw privilege escalation vulnerability"

steipete — Fri, 03 Apr 2026 17:58:21 +0000

OpenClaw creator here.

This was a privilege-escalation bug, but not "any random Telegram/Discord message can instantly own every OpenClaw instance."

The root issue was an incomplete fix. The earlier advisory hardened the gateway RPC path for device approvals by passing the caller's scopes into the core approval check. But the `/pair approve` plugin command path still called the same approval function without `callerScopes`, and the core logic failed open when that parameter was missing.

So the strongest confirmed exploit path was: a client that ALREADY HAD GATEWAY ACCESS and enough permission to send commands could use `chat.send` with `/pair approve latest` to approve a pending device request asking for broader scopes, including `operator.admin`. In other words: a scope-ceiling bypass from pairing/write-level access to admin.

This was not primarily a Telegram-specific or message-provider-specific bug. The bug lived in the shared plugin command handler, so any already-authorized command sender that could reach `/pair approve` could hit it. For Telegram specifically, the default DM policy blocks unknown outsiders before command execution, so this was not "message the bot once and get admin." But an already-authorized Telegram sender could still reach the vulnerable path.

The practical risk for this was very low, especially if OpenClaw is used as single-user personal assistant. We're working hard to harden the codebase with folks from Nvidia, ByteDance, Tencent and OpenAI.

New comment by steipete in "I’m joining OpenAI"

steipete — Mon, 16 Feb 2026 01:05:54 +0000

Mario has a special place in the Clawtributor list.

https://github.com/openclaw/openclaw#community

New comment by steipete in "Cowork: Claude Code for the rest of your work"

steipete — Tue, 13 Jan 2026 01:49:20 +0000

Funny timing. Written in 10 days just when this took off. https://clawd.bot/

New comment by steipete in "Just talk to it – A way of agentic engineering"

steipete — Wed, 15 Oct 2025 22:09:17 +0000

Marketing for what? I didn't even link to what I'm building because I wanna ship it when it's ready.

New comment by steipete in "Just talk to it – A way of agentic engineering"

steipete — Wed, 15 Oct 2025 22:07:37 +0000

(OP) You know if I link to a half-finished project, people would take it apart as many don't understand the nuance between crap and simply not done yet. But if you follow me on twitter it'll take you a few minutes to figure out. I'm two months in, even with AI, shipping good stuff takes time.

New comment by steipete in "Just talk to it – A way of agentic engineering"

steipete — Wed, 15 Oct 2025 22:02:56 +0000

(OP) 1/3rd of the code is tests.

There's an Expo app, two Tauri apps, a cli, a chrome extension. The admin part to help debug and test features is EXTREMELY detailed and around 40k LOC alone.

To give some perspective to that number.

New comment by steipete in "Just talk to it – A way of agentic engineering"

steipete — Wed, 15 Oct 2025 22:00:21 +0000

OP: If you give the llm examples like https://react.dev/learn/you-might-not-need-an-effect, it does a farily good job at refactoring useEffecs.

And yes refactoring sometimes re-introduces these, so it's not a perfect solution.

New comment by steipete in "Just talk to it – A way of agentic engineering"

steipete — Wed, 15 Oct 2025 21:58:58 +0000

(OP) the current projec is closed source. If you look at my cli tools, that's pure slop, all I care is that it works, so reviewing that code for sure will show some weird stuff. Does it matter? It's a tool to fetch logs form a server. I run it locally. As long as is does that reliably, idk about the code.

New comment by steipete in "Just talk to it – A way of agentic engineering"

steipete — Wed, 15 Oct 2025 21:57:23 +0000

tbh in the time where everyone uses AI to write articles, some typos and mistakes like that are helpful to show that it's human made.

New comment by steipete in "Just talk to it – A way of agentic engineering"

steipete — Wed, 15 Oct 2025 21:56:19 +0000

(OP) I use atlas for database migrations, it works quite well with agents and has plenty guardrails around it.

New comment by steipete in "GLM 4.5 with Claude Code"

steipete — Sat, 06 Sep 2025 01:42:41 +0000

Been using that for a while, first Chinese model that works REALLY well!

Also fascinating how they solved the issue that Claude expects a 200+k token model while GLM 4.5 has 128k.

New comment by steipete in "Show HN: Conductor, a Mac app that lets you run a bunch of Claude Codes at once"

steipete — Mon, 21 Jul 2025 00:33:51 +0000

For that workflow, you might be happier with https://vibetunnel.sh.

New comment by steipete in "vibetunnel - turn any browser into a terminal and command your agents on the go"

steipete — Tue, 17 Jun 2025 02:16:46 +0000

Bind to localhost (default) and share securely via Tailscale.

vibetunnel - turn any browser into a terminal and command your agents on the go

steipete — Tue, 17 Jun 2025 01:49:01 +0000

Article URL: https://github.com/amantus-ai/vibetunnel

Comments URL: https://news.ycombinator.com/item?id=44295042

Points: 15

# Comments: 2

New comment by steipete in "Give Your AI Agents Supernatural Vision on macOS"

steipete — Sun, 08 Jun 2025 22:55:12 +0000

Peekaboo is a macOS-only MCP server that enables AI agents to capture screenshots of applications, or the entire system, with optional visual question answering through local or remote AI models.

Without screenshots, agents debug blind—Peekaboo gives them eyes.

Give Your AI Agents Supernatural Vision on macOS

steipete — Sun, 08 Jun 2025 22:55:12 +0000

Article URL: https://www.peekaboo.dev/

Comments URL: https://news.ycombinator.com/item?id=44219988

Points: 4

# Comments: 2