Show HN: Scan your AI agents for dangerous capabilities

AI babysitter drops as commenters ask: genius fix or stuff your computer already does

TLDR: MakerChecker is an open-source tool that scans AI agents for risky powers and blocks them from doing dangerous things without approval. Commenters were split between calling it a smart safety layer and mocking it as a flashy way to rebuild protections computers already had.

A new project called MakerChecker is pitching itself as the grown-up in the room for AI agents — basically, software that scans what your bot can do, blocks dangerous actions by default, and keeps a signed record so the bot can’t quietly approve its own risky moves. In plain English: if an AI assistant tries to delete data, move money, run commands, or leak secrets, this tool is supposed to catch that before things go off the rails. The creator posted it to Show HN with a cheerful “Hey all :)” and asked for feedback. The community, naturally, arrived with fire, sarcasm, and side quests.

The biggest clash was over whether this is a much-needed safety net or just a fancy reinvention of protections your computer already has. One skeptic basically said, why build a whole new safety castle when your operating system already has locks on the doors? Another commenter went even harder, laughing at the industry for removing permission checks in the race for speed and now selling everyone the seatbelt they tossed out the window. That hot take gave the thread serious “we invented the problem, now buy the fix” energy.

Still, not everyone came to throw tomatoes. A couple of builders popped up with the classic Hacker News move: “cool, I’m making something similar.” So the vibe was half applause, half roast, with a side of “did Big AI just rediscover common sense?” In other words: perfect internet drama.

Key Points

  • MakerChecker is described as an open-source security layer that enforces deny-by-default controls for AI agent tool use.
  • Its scan tool can analyze local code for consequential actions such as deleting data, moving money, shell execution, and secret exfiltration, and can generate governance code with `--fix`.
  • Its embedded package wraps tools so agents can only execute skills granted to their roles, with denied calls blocked before execution.
  • A self-hosted server provides human approval workflows and a tamper-evident audit log using Ed25519 signatures and hash chaining.
  • The system includes integrations for LangChain, Claude Agent SDK, CrewAI, and TypeScript/Python SDKs, plus examples in healthcare and finance workflows.

Hottest takes

"Why build separate frameworks for this kind of thing when your operating system is right there?" — __MatrixMan__
"haha! WHAT!?" — pelagicAustral
"we need speed and everybody started coding and releasing agents out in the wild" — pelagicAustral
Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.