April 8, 2026

API dreams vs prompt screams

Article URL →HN comments →

Show HN: Skrun – Deploy any agent skill as an API

Skrun turns AI skills into instant APIs — hype meets “security nightmare” fears

TLDR: Skrun lets people turn AI “skills” into quick web APIs, open source and local today with cloud on the way. The crowd split fast: fans like the simplicity and model‑switching, while skeptics warn of prompt‑injection risks and a rival says it’s already been done, sparking a real “is this safe or new?” debate.

Two devs dropped Skrun, an open‑source tool that turns an AI “skill” (basically a how‑to file) into a one‑click web API in minutes. It runs locally today, promises cloud later, and even swaps between models from OpenAI, Google, Anthropic and more. Think: your code‑review or SEO‑audit bot, now callable by a simple web request. The repo is MIT‑licensed and comes with demo agents and a plug‑and‑play CLI.

Then came the comments. The launch duo, frizull and colleague Tarcroi, asked for feedback — and got a firehose. The loudest alarm? Security. One top reply called it a “security nightmare,” warning that prompt injection (tricking the AI into spilling secrets) could wreck anyone who exposes this publicly. Another big take: if Skrun auto‑switches between AI providers, then, as one commenter put it, the model is a commodity — the real value is your process and data, not the chatbot brand. And cue the clone war: a drive‑by link to Skillkit claimed “already does this,” igniting the usual “who shipped first” debate. Amid the drama, some readers liked the simple “POST /run” approach and the memory‑across‑runs feature — while others joked this is how you speedrun a security incident. It’s equal parts power‑tool and panic button, which is exactly why HN can’t look away.

Key Points

  • Skrun is an open-source CLI that turns SKILL.md-defined agent skills into APIs via a POST /run endpoint.
  • It supports multi-model providers (Anthropic, OpenAI, Google, Mistral, Groq) with automatic fallback and stateful runs.
  • Configuration is handled through agent.yaml, defining models, I/O, permissions, state, and tests.
  • Tool calling is supported via bundled CLI scripts and MCP servers; demo agents showcase code review, PDF processing, SEO, data analysis, email drafting, and web scraping.
  • v0.1 includes a local runtime; cloud deployment is planned using a RuntimeAdapter interface, with documentation and MIT licensing provided.

Hottest takes

“This looks like a security nightmare” — sergioisidoro
“Auto-switching across model providers basically concedes the model layer is commodity” — 7777777phil
“https://Skillkit.sh already does this by default” — rohitghumare

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.