New AI Tools
GitHub ·
deptrust
Wortins’ read
Coding agents are notoriously trigger happy about running npm install or pip install on whatever a hallucinated tutorial suggests, and deptrust is a quiet seatbelt for that habit. It cross references a dozen package registries against OSV and GitHub Advisory data entirely on your machine, then hands back a blunt block, review, or allow verdict instead of a wall of CVE text. The MCP hook is the real pitch here, it lets your agent check its own homework before a supply chain mistake ships.
Source: GitHub
Related stories
- Thinking Machines Lab ·
Bridgewater's fine-tuned model beats frontier LLMs on financial judgment tasks
- Every ·
Vibe Check: Sonnet 5, A Model Pitched for Everyone Impresses No One
- Cursor ·
Build from anywhere with Cursor for iOS
- Phys.org ·
How generative AI and physics can help design new antibiotics
- Product Hunt ·
Backgrind: Run your AI agents over any app, even games
- Show HN ·
opbox