HN Reader

Show HN: I wrote a "web OS" based on the Apple Lisa's UI, with 1-bit graphics (alpha.lisagui.com)

196 points by ayaros 3h ago 56 comments

Show HN: Simple wrapper for Chrome's built-in local LLM (Gemini Nano) (github.com)

15 points by kstonekuan 4h ago 1 comments

Show HN: AI-Powered SLA Breach Predictor for Jira (Open Source, Python) (github.com)

2 points by aroojjaved 2h ago 0 comments

Show HN: Pixel Art Generator Using Genetic Algorithm (github.com)

12 points by ponta17 7h ago 7 comments

Show HN: I made a crowd counting game (crowdle.xyz)

3 points by 3yanlis1bos 2h ago 2 comments

Show HN: Pelyos – A calm, minimal task manager for clarity and focus (pelyos.app)

2 points by pavelparma 2h ago 0 comments

Show HN: I made Logic gates using CSS if() function (yongsk0066.github.io)

71 points by yongsk0066 4d ago 18 comments

Show HN: a community for collaborating on sideprojects (relentlessly.no)

33 points by 0dKD 4d ago 21 comments

Show HN: Kuqu: SQL for Kubernetes Resources (github.com)

2 points by aqny 6h ago 0 comments

Show HN: Guess the Sharpe (guessthesharpe.in)

3 points by sankethchebbi 7h ago 0 comments

Show HN: Comically – TUI manga and comic optimizer for e-readers (github.com)

3 points by nicoburniske 7h ago 3 comments

Show HN: GraphFlow – A lightweight Rust framework for multi-agent orchestration (github.com)

2 points by alonagmon 7h ago 0 comments

Show HN: ParsePoint – AI OCR that pipes any invoice straight into Excel (parsepoint.app)

2 points by marcinczubala 8h ago 1 comments

Show HN: Chat Capsule – Convert ChatGPT Chats to Markdown (For Notion, etc.) (chat-capsule.com)

3 points by bekoeppel 8h ago 0 comments

Show HN: AirBending – Hand gesture based macOS app MIDI controller (nanassound.com)

88 points by bepitulaz 2d ago 22 comments

Show HN: Virby, a vfkit-based Linux builder for Nix-Darwin (github.com)

3 points by qeden 10h ago 0 comments

Show HN: BunkerWeb – the open-source and cloud-native WAF (docs.bunkerweb.io)

100 points by bnkty 2d ago 30 comments

Show HN: I AI-coded a tower defense game and documented the whole process (github.com)

302 points by M4v3R 2d ago 150 comments

Show HN: From Photos to Positions: Prototyping VLM-Based Indoor Maps (arjo129.github.io)

4 points by accurrent 23h ago 0 comments

Show HN: Fast Thermodynamic Calculations in Python (dlr-institute-of-future-fuels.github.io)

58 points by Saloc 2d ago 11 comments

Show HN: A cross-platform terminal emulator written in Java (github.com)

63 points by sebkur 5d ago 20 comments

Show HN: Lush extends Lua with string interpolation and other useful features (crates.io)

2 points by thiagomg 15h ago 2 comments

Show HN: HomeBrew HN – Generate personal context for content ranking (hackernews.coffee)

123 points by azath92 3d ago 48 comments

Show HN: MCP-123, a 2-line MCP server/client (Windows-friendly) (github.com)

14 points by tylersuard 1d ago 1 comments

Show HN: YouTube Shorts Blocker Chrome Extension (chromewebstore.google.com)

3 points by krispycreame 6h ago 1 comments

Show HN: Spots – Map of good places to work remotely for the day (spots-9a3a718d1c74.herokuapp.com)

7 points by bcbernstein 17h ago 5 comments

Show HN: ASCII Fireworks (asciifireworks.com)

17 points by theli0nheart 1d ago 0 comments

Show HN: Tinykv – Minimal file-backed key-value store for Rust (crates.io)

24 points by hasanyildiz 2d ago 5 comments

Show HN: A continuation of IRS Direct File that can be self-hosted (github.com)

244 points by elijahwright_ 6d ago 33 comments

Show HN: Jobs by Referral: Find jobs in your LinkedIn network (jobsbyreferral.com)

174 points by nicksergeant 5d ago 64 comments

Show HN: I Built a Minimal AI Chat app with Local Storage and Advanced Research (vtchat.io.vn)

3 points by vinhnx 20h ago 3 comments

Show HN: CSS generator for a high-def glass effect (glass3d.dev)

417 points by kris-kay 4d ago 117 comments

Show HN: Kuvasz – an open-source uptime and SSL monitoring service (kuvasz-uptime.dev)

26 points by csirkezuza 2d ago 0 comments

Show HN: I built sinkedin – a LinkedIn but for flauting failures and screwups (sinkedin.app)

31 points by preetsojitra 2d ago 11 comments

Show HN: I Asked ChatGPT to Rebuild My Canvas Radial Menu in SVG (github.com)

3 points by atum47 22h ago 0 comments

Show HN: Quotatious – A Wordle and hangman inspired game (quotatious.com)

7 points by jcusch 22h ago 5 comments

Show HN: I built the tool I wished existed for moving Stripe between countries (stripemove.com)

108 points by felphos 5d ago 53 comments

Show HN: Certimon – Free Telegram bot to monitor SSL certificate expiry (certimon.com)

3 points by boros2me 1d ago 0 comments

Show HN: Spegel, a Terminal Browser That Uses LLMs to Rewrite Webpages (simedw.com)

423 points by simedw 5d ago 180 comments

Show HN: I rewrote my notepad calculator as a local-first app with CRDT syncing (numpad.io)

44 points by tonyonodi 6d ago 19 comments

Show HN: Core – open source memory graph for LLMs – shareable, user owned (github.com)

111 points by Manik_agg 5d ago 42 comments

Show HN: An AI tool that lets you interact with your terminal in plain English (github.com)

3 points by kalishayish 1d ago 0 comments

Show HN: Distapp. Manage and distribute Android, iOS and Desktop app (distapp.lhf.my.id)

2 points by yunusefendi52 1d ago 2 comments

Show HN: Mochia, a virtual pet browser game, built with Rust, SolidJS, Postgres (mochia.net)

23 points by lemphi 3d ago 9 comments

Show HN: Piano Trainer – Learn piano scales, chords and more using MIDI (github.com)

6 points by FinalDestiny 2d ago 0 comments

Show HN: Recivo – Receive Emails Programmatically (recivo.email)

29 points by WilcoKruijer 3d ago 1 comments

Show HN: HackerNewt – Breadth-first exploring HN client for iOS (apps.apple.com)

67 points by hnand 5d ago 30 comments

Show HN: Opasm, an Assembly REPL (github.com)

26 points by aedrax 4d ago 0 comments

Show HN: I Built a Local-First AI Chat App with Advanced RAG

5 points by vinhnx 1d ago 4 comments

Show HN: TokenDagger – A tokenizer faster than OpenAI's Tiktoken (github.com)

280 points by matthewolfe 6d ago 72 comments

Supabase MCP can leak your entire SQL database

3 doppp 1 7/6/2025, 8:44:40 AM simonwillison.net ↗

Comments (1)

rvz · 12h ago
> Given the enormous risk involved even with a read-only MCP against your database, I would encourage Supabase to be much more explicit in their documentation about the prompt injection / lethal trifecta attacks that could be enabled via their MCP!

What if MCP itself is a completely flawed standard? You can easily manipulate the agent to leak sensitive data with really basic prompt injection attacks.

We already have seen many flaws and attacks on other MCP servers such as one from Heroku's MCP server [0] and one from Anthropic's MCP inspector [1]. This issue from Supabase for poor documentation is no different.

This protocol is quickly becoming one of the most insecure standards I have seen and once again, nobody cares.

(Until we get a totally avoidable data breach via a MCP server left wide open somewhere).

[0] https://news.ycombinator.com/item?id=44434776

[1] https://nvd.nist.gov/vuln/detail/CVE-2025-49596