June 3, 2026
Prompt and Circumstance
Show HN: Tired of duct-taping access control into agent prompts. Here's the fix
A new tool says your AI can’t be sweet-talked into spilling secrets — and HN had thoughts
TLDR: Cast is a new open-source tool that tries to stop shared AI assistants from ignoring access rules by hiding those rules from the bot itself. Commenters were split between impressed relief, timeline-sleuth suspicion, and the classic Hacker News flex of “already built something like this.”
A fresh Show HN post dropped with a very relatable complaint: people are apparently duct-taping security rules into chatbot instructions and praying the bot behaves. Creator Yao says that’s a disaster waiting to happen, so he built Cast, an open-source tool that keeps the rules outside the chat itself. In plain English: instead of telling an AI “pretty please don’t do admin stuff unless I say the magic words,” Cast tries to lock that down behind the scenes so the AI can’t be tricked, charmed, or bullied into ignoring it.
And the comments? Oh, they immediately split into the classic internet trio: the impressed, the suspicious, and the smugly already-solved-it crowd. One user cheered that managing all their “Claudes” is genuinely hard, basically saying: yes, this mess is real and thank you for trying. Another called the whole direction exactly where homegrown AI systems need to go, which is about as close to a standing ovation as Hacker News gets.
But then came the delicious drama. One commenter zoomed in on the repository timing and asked, “Are we time travelling now?” after noticing the code upload appeared to happen after the post. That’s the kind of tiny timeline mystery the internet lives for. And in peak HN fashion, another person breezed in with the ultimate power move: they’d already given their agents a keychain tool and ended with a dry little “Done.” Translation: cool project, but some people are already posting from the “I solved this in my garage” section.
Key Points
- •Cast is an open-source, self-hosted, MIT-licensed harness for multi-user, multi-agent systems.
- •The article’s main distinction is that access control is enforced through configuration and routing rather than prompt instructions visible to the model.
- •Cast integrates with Claude Code through three skills: /cast-build, /cast-refine, and /cast-debug.
- •Running Cast requires a container runtime, Node 20+, and Claude credentials, and it opens an admin dashboard at localhost:5051/admin/.
- •On first run, a chat-based builder called Design scaffolds agents from plain-English descriptions, after which users can configure, activate, and share them across Slack, Telegram, or the web.