Cronjob Bug Prompts Developer to Rebuild AI Agent Governance Around LLM Proxy

Developer Hytham H published a post on June 29, 2026, describing how a cronjob failure in his project Phinq exposed a fundamental flaw in his AI agent governance design. An agent named Hermes overwrote a file undetected because the relevant skill was not loaded in that session and the cronjob mutated state via an API call invisible to the existing file-operation hook. Hytham concluded that advisory, easily-ignored governance rules are not true governance, and that adding per-tool hooks is an unscalable approach. His solution was to intercept all agent actions at a single chokepoint — the LLM API call itself — using a Fastify/TypeScript proxy server that classifies every tool call against a deterministic five-level risk framework. Actions deemed low-risk pass through instantly, while higher-risk operations are held for human approval or escalated, with no changes required to the agent's underlying code.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Related stories

Programming · DEV Community

How Startups Should Build AI-First MVPs in 2026, According to Dev Community

A guide published on DEV Community argues that the next generation of startup MVPs should embed AI into the core product workflow from day one, rather than treating it as an add-on feature. Unlike traditional MVPs focused on minimal functionality, an AI-first MVP is designed to help users complete real tasks faster or with less manual effort — for example, not just displaying sales data but explaining what it means and recommending actions. The article cautions that AI tools now let founders build the wrong product faster than ever, making problem validation more critical. It recommends keeping humans in the loop early on, where AI suggests and humans review, to make products safer and easier to refine. The guide also stresses focusing on a single, painful workflow for one specific user type rather than building a broad AI assistant, as specificity makes it far easier to validate whether users genuinely need the product.

Programming · DEV Community

How Halkyone Clinical OS Uses SignalR for Secure Real-Time Patient Telemetry

A technical deep dive published on DEV Community details the architecture behind Halkyone Clinical OS, a healthcare platform that uses Microsoft's SignalR to enable real-time communication between .NET backends and React frontends. The system employs three specialized hubs — ChatHub, TelemetryHub, and NotificationHub — to handle distinct data streams including live cardiac vitals such as heart rate and SpO2 at sub-second intervals. A privacy safeguard using the Haversine Formula automatically obfuscates clinician location coordinates to (0,0) when they come within 500 metres of a patient's home address. The platform also implements optimistic UI patterns in Next.js, assigning temporary UUIDs before permanent database IDs are confirmed following a successful WebSocket broadcast. Additional engineering challenges addressed include multi-device read-state synchronization, database-to-WebSocket consistency, and fault-tolerant persistent connections.

Programming · DEV Community

Intern Deploys Spring Petclinic Microservices Locally Using Docker Compose

A DevOps Micro Internship (DMI) participant successfully deployed the Spring Petclinic Microservices application on a local environment using Docker Compose. The project involved running multiple independent microservices, including a Config Server, Discovery Server (Eureka), and API Gateway, all orchestrated with a single Docker Compose command. A key learning was the critical startup sequence, where the Config Server and Eureka must initialize before other services can register and communicate. The deployment also incorporated an observability stack comprising Prometheus for metrics collection, Grafana for visual dashboards, and Zipkin for distributed tracing. The hands-on project offered practical exposure to containerization, service discovery, centralized configuration, and monitoring practices used in production-grade cloud-native systems.

Programming · DEV Community

ContextOS tool claims 97% token reduction by sending only relevant files to AI models

A developer has released ContextOS, an open-source command-line tool designed to reduce the number of tokens sent to AI models like Claude and ChatGPT. Instead of pasting entire codebases, ContextOS scans a repository, ranks files by relevance to a specific task, and exports a trimmed context pack. When tested on the FastAPI repository containing 2,811 files, the tool reduced token usage from roughly 284,000 to about 8,000 for a single task. It uses keyword matching, import graph analysis, AST symbol extraction, and Git churn scoring to determine which files matter most. The tool runs fully locally with no cloud dependency, automatically redacts secrets, and can also function as an MCP server for direct integration with Claude Desktop.