The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
GitHub

Hermes Agent ☤

The self-improving AI agent built by Nous Research. It's the only agent with a built-in learning loop — it creates skills from experience, improves them during use, nudges itself to persist knowledge, ...
LinkedIn

Fixing Approval Fatigue in CliGate with Task-Scoped Trust

For local tools, use task-scoped trust: - Ask before crossing a major boundary - Remember the approval for the current task - Provide a way to return to strict mode - Do not let system messages change ...
GitHub

Sehab121/awesome-openclaw-skills-CN

pasteclaw - Use Pasteclaw.com API to create, update, group (session keys), and delete. pbe-extractor - Extract invariant principles from any text — find the ideas perry-coding-agents - Dispatch coding ...