惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

M
MIT News - Artificial intelligence
有赞技术团队
有赞技术团队
S
Schneier on Security
aimingoo的专栏
aimingoo的专栏
T
Troy Hunt's Blog
U
Unit 42
Hacker News - Newest:
Hacker News - Newest: "LLM"
V2EX - 技术
V2EX - 技术
T
The Blog of Author Tim Ferriss
V
Visual Studio Blog
H
Heimdal Security Blog
H
Hacker News: Front Page
Blog — PlanetScale
Blog — PlanetScale
博客园 - 司徒正美
Cloudbric
Cloudbric
Google DeepMind News
Google DeepMind News
C
Cisco Blogs
The Cloudflare Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Microsoft Security Blog
Microsoft Security Blog
MyScale Blog
MyScale Blog
F
Fortinet All Blogs
N
News | PayPal Newsroom
Attack and Defense Labs
Attack and Defense Labs
D
DataBreaches.Net
N
News and Events Feed by Topic
Security Archives - TechRepublic
Security Archives - TechRepublic
Forbes - Security
Forbes - Security
Simon Willison's Weblog
Simon Willison's Weblog
F
Full Disclosure
The Register - Security
The Register - Security
L
LINUX DO - 热门话题
Webroot Blog
Webroot Blog
Google Online Security Blog
Google Online Security Blog
AI
AI
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
I
Intezer
S
Security Affairs
阮一峰的网络日志
阮一峰的网络日志
K
Kaspersky official blog
云风的 BLOG
云风的 BLOG
博客园 - 叶小钗
T
Threatpost
Spread Privacy
Spread Privacy
小众软件
小众软件
AWS News Blog
AWS News Blog
S
Secure Thoughts
S
Security @ Cisco Blogs
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
J
Java Code Geeks

Hacker News: Show HN

PurrrrrFocus: Pomodoro Timer App - App Store Workflow Engine — Multi-Step Orchestration for Bun RapidPhoto: Pro Photo Editor App - App Store GitHub - DheerG/swarms: Achieve extraordinary results with claude code across a variety of tasks SPICE simulation → oscilloscope → verification with Claude Code — Lucas Gerads Show HN: VCoding – A 5 MB native Windows IDE with no dynamic dependencies Show HN: LLMs don't hallucinate because they're bad at math, it's the format GitHub - Agent-FM/agentfm-core: AgentFM is a peer-to-peer network that turns everyday computers into a decentralized AI supercomputer. AgentFM lets you run massive AI workloads directly across a global mesh of idle CPUs and GPUs. Show HN: Tracking Top US Science Olympiad Alumni over Last 25 Years GitHub - Potarix/agent-hub: One place to talk to all your agents Show HN: Runtime security for AI agents(injection,tool abuse, data exfiltration) GitHub - dubeyKartikay/lazyspotify: Terminal Spotify client for macOS and Linux GitHub - the-banana-tool/king-louie: Easy to use GUI Personal AI Assistant. Win/Linux/Mac. Show HN I made my vacation rental bookable by AI agents–no Airbnb, 0% commission GitHub - basteez/jsf-autoreload: maven plugin to enable hot reload on jsf projects uvm32/hosts/host-gdbstub at main · ringtailsoftware/uvm32 GitHub - labsai/EDDI: Config-driven engine that turns JSON into production-grade AI agents. Multi-agent orchestration, 12+ LLM providers, MCP/A2A protocols, RAG, persistent memory, and enterprise compliance (EU AI Act, GDPR, HIPAA). Built on Quarkus. GitHub - glitchnsec/fortyone-oss: AI Executive Assistant Platform Quickstart | Alien GitHub - muxshed/shed: One stream in, or many. Every destination, simultaneously. No cloud middleman, no per-channel fees, no limits. GitHub - ocrbase-hq/ocrbase: 📄 PDF/IMG ->.MD/JSON Document OCR API for PaddleOCR and GLMOCR. Self-hostable. GitHub - impactjo/home-memory: MCP server that lets your AI assistant remember everything about your home. GitHub - Sets88/dbcls: DbCls is a powerful terminal database client that supports various databases GitHub - neptun2000/heor-agent-mcp GitHub - SeanFDZ/macmind: Single-layer transformer in HyperTalk for the classic Macintosh RollQuation: Math Puzzles - Apps on Google Play GitHub - dropbox/witchcraft Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis GitHub - opentalon/opentalon: OpenTalon is an open-source platform built from the ground up in Go as a robust alternative to OpenClaw LinkedIn™ 职位抓取工具 - Chrome 应用商店 GitHub - EdoardoBambini/Agent-Armor-Iaga: AI agents are getting tool access — shell, file system, databases, APIs, secrets. But **nobody is governing what they actually do with it**. Frameworks like LangChain, CrewAI, AutoGen, and Claude Code give agents the power to execute. Agent Armor gives you the power to control, audit, and approve every single action before it happens. HN Vibes — Week 15, Apr 7–13 2026 GitHub - chojs23/ec: Easy terminal-native 3-way git mergetool vim-like workflow GitHub - SethPyle376/hiraeth: Local AWS emulator focused on fast integration testing, with SQS support, SQLite-backed state, and a debug-friendly web UI. GitHub - JakOb-dotcom/cloud-sandbox-security-analysis: Technical analysis and Proof of Concept (PoC) regarding environment variable exfiltration in containerized cloud sandboxes via side-channel data leaks. Springboards - Flint Alpha Show HN: A simpler coding agent harness GitHub - audiodude/sudomake-friends GitHub - 256thFission/mini-mythos: OSS clone of Anthropic’s Mythos harness to locate C/C++ memory vulnerabilities Show HN: OpenParallax: OS-level privilege separation for AI agent execution Hacker News Sorted - Chrome 应用商店 Show HN: How to Install Docker on Ubuntu 24.04 LTS: Complete 2026 Guide GitHub - himanshudongre/smriti GitHub - sverrirsig/claude-control: macOS desktop dashboard for monitoring and managing multiple Claude Code sessions GitHub - ory/dockertest: Write better integration tests! Dockertest helps you boot up ephermal docker images for your Go tests with minimal work. Chiral - Chrome 应用商店 Show HN: Two Claudes collaborating through shared memory on a $100 mini-PC GitHub - pmichaillat/latex-cv: Minimalist LaTeX template for academic CVs GitHub - oguzbilgic/posse: A web UI for Anthropic Managed Agents. GitHub - sshiraz/depsly: Dependency risk analysis tool for npm packages ABI Add safari/agent-harness — Safari browser automation via safari-mcp by achiya-automation · Pull Request #212 · HKUDS/CLI-Anything GitHub - Halfblood-Prince/trustcheck: Verify PyPI package attestations and improve Python supply-chain security GitHub - oguzbilgic/kern-ai: Agents that do the work and show it. GitHub - bruits/satteri: High-performance Markdown and MDX processing for the JavaScript ecosystem GitHub - tylergibbs1/feedstock: High-performance web crawler and scraper for TypeScript, powered by Bun and Playwright GitHub - Grimm67123/grimmbot: The self-improving sandboxed and open-source AI agent. With persistent memory and scheduling. GitHub - whitevanillaskies/whitebloom: Local whiteboard that blooms. GitHub - hwdsl2/docker-whisper: Docker image for a self-hosted Whisper speech-to-text server with speaker diarization and OpenAI-compatible transcription and translation APIs. Powered by faster-whisper. Supports all Whisper models, NVIDIA GPU (CUDA) acceleration, JSON/SRT/VTT output, SSE streaming, offline mode, and multi-arch (amd64, arm64). GitHub - yisding/reviewwiggum GitHub - MarwanAlsoltany/serrors: Structured errors for Go: sentinel hierarchies, typed data, custom formatting, and slog integration. GitHub - soatok/age-php GitHub - Luthiraa/markitme GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits GitHub - tombedor/excalicharts GitHub - wh1le/excalidraw-edit: Open and edit .excalidraw files from the terminal. Offline, auto-saves to disk. MalExt Sentry - Malicious Extension Scanner - Chrome 应用商店 GitHub - syi0808/asciianimesvg: Generate animated ASCII art SVGs from text. CLI, Rust library, WASM, and web editor. GitHub - zaina-ml/ml_forge: A visual-based graph node editor for training computer vision models. GitHub - anakin87/llm-rl-environments-lil-course: 🌱 A little course on Reinforcement Learning Environments for evaluating and training Language Models GitHub - takaakit/superpowers-uml: Superpowers-UML modifies Superpowers to ensure a software development workflow in which AI agents design through UML modeling. AdriByte Studio - Sviluppo Web e Soluzioni Digitali GitHub - chouligi/angel-copilot: Your personalized Angel Investment Advisor Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 GitHub - agenteractai/lodmem: Level Of Detail Context Management for Agents GitHub - ostefani/subnetlens: A fast, concurrent network scanner with a TUI and plain-text CLI, built in Go. It discovers live hosts on your network, scans their open ports, resolves hostnames, and fingerprints operating systems—delivered. Cyber Pulse: Agentic Intel - Apps on Google Play Whisper API: Self-Hostable Speech to Text Transcription The Agent-Web Protocol Stack: A Research Thesis GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Show HN: Provepy – A Python decorator that proves your code using Lean and LLMs Show HN: Pardonned.com – A searchable database of US Pardons GitHub - patrickdappollonio/dux: Dux is a terminal UI that lets you run multiple AI coding agents side by side, each in its own git worktree, with full companion terminals, macros, commit generation, and a command palette that knows more tricks than you do. kMC Crystal Simulator Show HN: HyperFlow – A self-improving agent framework built on LangGraph GitHub - stef41/vibescore: 🎵 Grade your vibe-coded project. One command, instant letter grade across security, quality, dependencies, and testing. GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. imgur.com GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. GitHub - nowork-studio/toprank: Open-source Claude Code skills for SEO, SEM, Google Ads GitHub - tacomanator/sash: Lightweight macOS menu bar app for reliably cycling through windows of the current application. Appents | Social Media Management for Product-First Teams GitHub - pnhoang/youtube-spam-blocker: Automatically detects and hides spam messages in YouTube Live chat. Set rate limits, keyword filters, and block repeat offenders. GitHub - decisionnode/DecisionNode: CLI + Local MCP - A shared structured memory store across Claude Code, Cursor, Windsurf, Antigravity, and every MCP client. Semantically queryable. GitHub - AvaCodeSolutions/django-email-learning: An open source Django app for creating email-based learning platforms with IMAP integration and React frontend components. The $100K Gap in Kubernetes Security Tooling Function Calling Harness: From 6.75% to 100%
GitHub - NikhilSKashyap/interviewsignal: AI-native broad-interviewing. Share a code, capture thought process, auto-grade on submit. pip install, zero setup cost, pure signal.
NikhilKashya · 2026-05-27 · via Hacker News: Show HN

Traditional hiring relies on broadcast-rejection — filtering out hundreds of talented developers based on resume keywords or rigid pass/fail LeetCode puzzles because manual screening doesn't scale.

interviewsignal enables AI-native broad-interviewing: a high-volume, high-fidelity asynchronous screening model that opens the funnel wide without draining engineering resources. Share a code. Every candidate works the problem on their own time, in their own IDE, with their own AI tools. The session captures the full thought process — every prompt, every decision, every iteration. Submissions arrive auto-graded and ranked. You spend 15 minutes triaging, not 200 hours interviewing.

When every candidate uses AI, code quality converges. Output is no longer signal. ATS platforms grade the output — did the code pass tests? We grade the thinking — how the candidate decomposes the problem, directs the AI, and iterates on failures. The transcript captures who drove the thinking. That's the signal no one else can see.

Broad-interview, not broadcast-reject. Pure signal.


The Engine in Action

Candidate — works in terminal with full-power AI

Candidate session — prompts, tool calls, and reasoning captured in real time

Hiring Manager — reviews auto-graded submissions in the dashboard

HM dashboard — candidates ranked by score, flags, transcript, and grading

The Unfair Advantage

🔗 Capture the Process

Every prompt, tool call, and iteration is hash-chained and tamper-evident. You see how they solved it, not just what they submitted.

🤖 AI-Native Baseline

Candidates use full-power AI — that's the point. High-leverage use (directs, verifies, iterates) scores well. Low-leverage use (paste and accept) scores poorly.

📊 Triaged in Minutes

Submissions arrive auto-graded and ranked against your rubric. Batch advance or reject. 200 candidates in 15 minutes.

🔒 Fully Private

Your relay, your API key. Nothing leaves your network. No telemetry. No analytics. No tracking. Zero external dependencies.

⚡ Zero Setup Cost

pip install, share a code, done. No platform to sign up for. No vendor contract. No procurement cycle.

🤝 Fair to Candidates

Real problems, real tools, real feedback. Every candidate gets the same shot regardless of timezone, schedule, or interview anxiety.


interviewsignal vs Saffron vs OpenRound

Saffron and OpenRound validate the category: AI-native interviews are here.

But the default should not be another hosted assessment vendor. The paid products monetize the wrapper: sandbox, quota, dashboard. interviewsignal ships the evidence layer directly: install it, run it in your repo, keep the data, fork the rubric.

Saffron OpenRound interviewsignal
Model Managed SaaS Managed SaaS Open-source infrastructure
Environment Browser IDE sandbox Hosted browser + CLI flow Candidate's own IDE
AI tools Platform-controlled Platform-controlled Any — Claude Code, Codex, Gemini, Cursor
Evidence captured Keystrokes + replay Evaluation dimensions + transcript Prompts, tool calls, diffs, commits, flags
Code evolution Session replay Submission trace Per-prompt git commits
Tamper evidence Session replay (platform-verified) Not stated Hash-chained event log + 9 automated flags
Assessment quota 5-15/mo + $49 per extra 5-20/mo + custom Unlimited
Pricing From $199/mo From $149/mo ($129/mo annual) Free forever
Interview data Vendor servers Vendor servers Your servers
Self-hosted/private No No Yes
Open source No No Yes
Trust model Vendor-verified Vendor-verified Cryptographically verifiable

AI-native hiring signal should be inspectable, forkable, and owned by the hiring team. That is the whole point of interviewsignal.


Quickstart

Hiring manager — create an interview

First launch opens a setup wizard in your browser — relay URL, API key, create your first interview. Three screens and you're live. The form asks for three things: problem, rubric, time limit. You get back a code like INT-4829-XK. Share it with 5 candidates or 500.

Your rubric dimensions are your weights. If you want thought process to matter more than code quality, make more of your dimensions about process.

Candidate — take the interview

pip install interviewsignal && interview install
# Codex: pip install interviewsignal && interview install --platform codex
/interview INT-4829-XK

The session starts, GitHub OAuth opens (one account = one submission), and the problem appears. Work normally — ask the AI questions, write code, run tests. When done:

Session sealed. Pushed to relay. Auto-graded. Score + summary shown in terminal.

Hiring manager — review

interview dashboard              # → http://localhost:7832
interview dashboard INT-4829-XK  # → jump to one interview's submissions

Submissions arrive sorted by score. Flags highlight anomalies. Select candidates in bulk → advance or reject. Click into any candidate for the full transcript, dimension scores, and diff.

Batch actions: ↻ Regrade (re-run AI grading after rubric tuning) · ✓ Yes / → Maybe / ✗ No · ↓ Export CSV


How it works

graph TD
    A[Candidate Prompts AI] --> B[Shell Hooks Capture Tool Calls]
    B --> C[Append-Only SHA-256 Event Log]
    C --> D[Automatic Git Micro-Commit after each turn]
    D --> E[Log Sealed on /submit]
    E --> F[Relay Server Auto-Grades via Rubric]
    F --> G[HM Dashboard ranks candidates by thinking score]
Loading

interviewsignal installs as a skill into your AI coding assistant. It captures the full conversation — prompts, reasoning, every tool call — and builds an append-only, hash-chained session log. After each turn, it silently commits changed files to the local repo. On /submit, the log is sealed and pushed to the relay.

HM creates interview

interview dashboard
  → setup wizard (first run)
  → problem + rubric + time limit
  → code INT-4829-XK created
  → package pushed to relay

HM reviews

interview dashboard
  → submissions arrive, auto-graded
  → flags highlight anomalies
  → batch advance / reject

Candidate works

/interview INT-4829-XK
  → fetches problem from relay
  → GitHub OAuth (1 account = 1 submission)
  → interview-{code} repo created
  → session recording starts
      → hooks capture every tool call
      → append-only events.jsonl
      → SHA-256 hash chain
      → silent commit after each turn

Candidate submits

/submit
  → session sealed
  → git push → GitHub
  → pushed to relay
  → score + summary shown

Tamper-Evident Architecture

Candidates control their own machine. Security is detection, not prevention. A sparse or gapped session is its own red flag.

Hash chain architecture — Prompt → AI Tool Call → Git Commit, linked by SHA-256

Quality Flags catch sessions completed in under 10 minutes, fewer than 3 tool calls, no iteration pattern, statistically uniform timing, and zero prompts.

Tamper Flags catch large gaps in the event stream (hooks disabled), code changes that don't match Write/Edit tool calls (work outside AI), tool calls with no corresponding prompts (selective suppression), and commits with no matching events (cross-verification).


Overtime Scoring

Submissions after the time limit are accepted — but automatically penalized. The deduction is applied to the AI-graded score post-grading, not injected into the grading prompt, so it can't be argued away.

The math

Overtime is divided into bands: 0–10 min, 10–20 min, 20–30 min, 30–60 min, and 60+ min (capped). Within each band the penalty grows as a quadratic curve — not a flat step — so a candidate barely over the boundary loses almost nothing while one deep in the band feels it accelerate:

position = (overtime - band_start) / (band_end - band_start)   ← 0.0 to 1.0
penalty  = prev_band_max + (this_band_max - prev_band_max) × position²

Band maxima on the 0–10 score scale: −0.5 at 10 min, −1.0 at 20 min, −1.5 at 30 min, −2.5 at 60 min, −4.0 cap beyond that.

Example — 7 minutes over a 60-minute interview, raw AI score 7.5

overtime  = 7 min  →  falls in the 0–10 min band
position  = 7 / 10 = 0.70
penalty   = 0 + (0.5 − 0) × 0.70² = 0.5 × 0.49 = −0.245
final score = 7.5 − 0.245 = 7.26

Compare: 1 min over costs only −0.005; 10 min over costs the full −0.5. The curve means being slightly late is forgiving, but lingering well past the limit compounds quickly.

The dashboard shows the raw AI score, overtime deduction, and adjusted final score separately. A flag is raised alongside — yellow for ≤20 min over, red beyond.


What gets captured

💬 Conversation

Candidate prompts — exact message to the AI
AI reasoning — plan before each action
Timestamps — millisecond precision on every event

🛠️ Tool Calls

File reads — path
File writes — path + content hash
File edits — path + change summary
Bash commands — command + exit code

📂 Git State

Per-prompt commits — timestamp + prompt snippet
Full commit log — hash, message, files changed
GitHub repo — auto-created interview-{code}, pushed on submit

🚩 Session Flags

Quality — too fast, few interactions, no iteration, uniform timing, no prompts
Tamper — hooks gap, diff mismatch, commit mismatch, prompt ratio

The session log is append-only and hash-chained. Any tampering breaks the chain. Raw file contents are never stored — only paths, hashes, and summaries.


Platform support

Platform Install Activity capture
Claude Code interview install ✅ Full — prompts, tool calls, reasoning
Codex interview install --platform codex ✅ Full
Gemini CLI interview install --platform gemini ✅ Full
Cursor interview install --platform cursor ⚠️ Limited — skill instructions only
Aider interview install --platform aider ⚠️ Limited — skill instructions only

Relay setup

The relay stores interview packages and candidate sessions so everyone only needs to share a short code.

Option 1 — Self-hosted (~$5/mo, fully private) ← recommended

Deploy on Railway

# After deploying:
# 1. Set RELAY_API_KEY (any random string) in Railway → Variables
# 2. Add a /data volume
# 3. Copy your Railway URL → paste into dashboard setup wizard

# Optional — auto-grading on submission:
GRADING_API_KEY=<anthropic-key>
GRADING_MODEL=claude-haiku-4-5-20251001

Or Docker:

docker build -t interviewsignal-relay .
docker run -e RELAY_API_KEY=secret -v /data:/data -p 8080:8080 interviewsignal-relay
GitHub OAuth (one account = one submission)

Relay operator step — done once at deploy time.

GITHUB_CLIENT_ID=<your_client_id>
GITHUB_CLIENT_SECRET=<your_client_secret>
RELAY_BASE_URL=https://myrelay.up.railway.app

Create the OAuth App at github.com/settings/developers with callback URL: https://myrelay.up.railway.app/auth/github/callback

Option 2 — Email only (free, no server)

interview configure-relay   # choose 2
interview configure-email   # set up SMTP

Reports emailed directly to HM on /submit.


Enterprise configuration
Pattern What to set
Anthropic direct API key only (default)
Internal proxy (Floodgate, corporate gateway) Base URL + optional key
OpenAI-compatible endpoint Base URL + key + format=openai

Environment variable overrides: ANTHROPIC_API_KEY, ANTHROPIC_BASE_URL, INTERVIEW_GRADING_MODEL

Privacy
  • Sessions stored on relay: events.jsonl, manifest.json, flags.json — raw file contents never stored
  • Grading uses your own API key — interviewsignal never sees it
  • Self-hosted relay: nothing leaves your network
  • No telemetry. No analytics. No tracking.

FAQ

How do you prevent candidates from using a second screen to get answers?

Security is detection, not prevention. When someone pastes pre-written code from another screen, they produce large blocks of finished code with no corresponding prompts, no trial-and-error, no iteration. This triggers Ghost Edits and Zero Prompts flags automatically. The absence of signal is itself signal — a sparse session ranks itself at the bottom.

Can we run this completely offline or in a private network?

Yes. The relay server runs inside your own infrastructure — VPC, air-gapped network, whatever you need. Configure your internal LLM proxy for grading. Zero telemetry, zero trackers, zero external dependencies. Python stdlib only.

What coding platforms are supported?

Full hook support (prompts, tool calls, reasoning): Claude Code, Codex, Gemini CLI. Skill instruction support (limited capture): Cursor, Aider. Each new platform adapter is ~30 lines.


Built with

Python stdlib only — zero external dependencies for core and relay. Grading via Anthropic Messages API or any compatible endpoint. Dashboard is a self-contained local HTTP server. Relay is a single-process stdlib server backed by flat files.


Contributing

Prompts — grading instructions are open and community-editable: interview/skills/interview/SKILL.md

Worked examples — run a session, save to worked/{slug}/, write a review.md, open a PR.

Platform adapters — each new platform is ~30 lines in cli.py.

See ARCHITECTURE.md for module map · docs/relay-api.md for the relay API.


Broad-interview, not broadcast-reject. Pure signal.

No contrived puzzles. No whiteboard anxiety. No ghosting. Just signal.