alt Hacker NewsI'd add that for an ambitious financial tool (like yours), a VM might not be enough. Ideally, agents should run in ephemeral environments (firecracker microVMs) that are destroyed after each task. This solves both security and environment drift issues
Ah, let me clarify: I'm only using this to help me code faster. There are zero agents in the runtime for the financial tool.
As a matter of fact, the tool is zero-knowledge by design: state is decrypted in your browser and encrypted again before it leaves. There are no account integrations. The persistence layer sees noise. There are a couple of stateless backend tools that transiently see anonymous data to perform numerical optimizations.
But that's a story for another Show HN...