> Agents propose and publish capabilities to a shared contribution site, letting others discover, adopt, and evolve them further. A collaborative, living ecosystem of personal AIs.

While I like this idea in terms of crowd-sourced intelligence, how do you prevent this being abused as an attack vector for prompt injection?

Does this do anything to resist prompt injection? It seems to me that structured exchange between an orchestrator and its single-tool-using agents would go a long way. And at the very least introduces a clear point to interrogate the payload.

But I could be wrong. Maybe someone reading knows more about this subject?

I will not download or use something which constantly reminds me of this weird dude suckerberg who did a lot of damage to society with facebook

DIY agent harnesses are the new "note taking"/"knowledge management"/"productivity tool"

I started working on something similar but for family stuff. I stopped before hitting self editing because, well I was a little bit afraid of becoming over reliant on a tool like this or becoming more obsessed with building it than actually solving a real problem in my life. AI is tricky. Sometimes we think we need something when in fact life might be better off simpler.

The code for anyone interested. Wrote it with exe.dev's coding agent which is a wrapper on Claude Opus 4.5

https://github.com/asim/aslam

Hi HN,

I'm building Zuckerman: a personal AI agent that starts ultra-minimal and can improve itself in real time by editing its own files (code + configuration). Agents can also share useful discoveries and improvements with each other.

Repo: https://github.com/zuckermanai/zuckerman

The motivation is to build something dead-simple and approachable, in contrast to projects like OpenClaw, which is extremely powerful but has grown complex: heavier setup, a large codebase, skill ecosystems, and ongoing security discussions.

Zuckerman flips that:

1. Starts with almost nothing (core essentials only).

2. Behavior/tools/prompts live in plain text files.

3. The agent can rewrite its own configuration and code.

4. Changes hot-reload instantly (save -> reload).

5. Agents can share improvements with others.

6. Multi-channel support (Discord/Slack/Telegram/web/voice, etc).

Security note: self-edit access is obviously high-risk by design, but basic controls are built in (policy sandboxing, auth, secret management).

Tech stack: TypeScript, Electron desktop app + WebSocket gateway, pnpm + Vite/Turbo.

Quickstart is literally:

  pnpm install && pnpm run dev

It's very early/WIP, but the self-editing loop already works in basic scenarios and is surprisingly addictive to play with.

Would love feedback from folks who have built agent systems or thought about safe self-modification.

I would change the name of the project. Why would I want to run something that keeps remind me of that guy

|The agent can rewrite its own configuration and code.

I am very illiterate when it comes to Llms/AI but Why does nobody write this in Lisp???

Isn't it supposed to be the language primarily created for AI???

I am surprised that no one did this in a LISP yet.

Terrible name, kind of a mid idea when you think about it (Self improving AI is literally what everyone's first thought is when building an AI), but still I like it.

Sounds cool, but it also sounds like you need to spend big $$ on API calls to make this work.

Someone needs to send this to Spike Feresten.