bpolania's comments

Fair question. Yes, you can absolutely generate a basic proxy with an LLM; the gap is in the stuff that's hard to get right and boring to maintain. Policy hot-reload without dropping in-flight requests (ArcSwap, not "restart the process"). Tamper-evident audit with blake3 hash chains, not just append-only logs. Credential injection where the agent process literally never sees the secret, not env vars. Content inspection that runs bidirectionally without buffering entire responses into memory. Correct TLS MITM for the HTTP proxy mode with dynamic per-host certs. An LLM will generate something that works for a demo. We created 409 tests including property-based testing with proptest, because the failure modes in a security proxy are subtle: off-by-one in glob matching, race conditions in policy reload, Content-Length mismatches after redaction. Same reason, for example, you use nginx instead of asking your AI to write an HTTP server. The first 80% is easy. The last 20% is where credentials leak.


This is AI slop, likely automated, which is against HN rules

If your AI can do all of this, so can mine


Not sure why you say this. If you don't like it, don't use it; if you can create your own, do it, or just check the repo and try it, you might find it useful.


because the slop is getting out of hand and it looks like slop


You asked a question, I gave you an answer. You can actually install it and run it with claude and the github MCP. You can also easily integrate it to OpenClaw.


Yes! You are right about the three primitives and that's basically Bulwark's core loop.

On idempotency: right now Bulwark observes but doesn't enforce dedupe. Every request gets a unique event ID in the audit log, and you can see retries in the session timeline, but there's no automatic "this looks like the same create_issue call from 2 seconds ago, block it."

It's on the roadmap and I think it needs to be two things: (1) a configurable dedupe window per tool pattern (you want it for create_charge but not for list_issues), and (2) content-aware hashing so it's not just "same tool + same action" but "same tool + same action + same arguments within N seconds."

The tricky part is that some tools are intentionally non-idempotent, posting the same Slack message twice might be deliberate. So it probably needs to be opt-in per rule rather than global. Would love to hear what patterns you've seen cause the worst double-fires.
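The dedupe design sketched in the comment above (opt-in rule per tool pattern, per-rule window, key over tool + action + arguments), as an added example that is not part of the comment and not Bulwark's code. `DedupeRule`, `Deduper`, `Verdict`, the `tool/action` pattern syntax and the sample calls are all hypothetical, and std's `DefaultHasher` stands in for whatever hash a real implementation would use:

```rust
use std::collections::hash_map::DefaultHasher;
use std::collections::HashMap;
use std::hash::{Hash, Hasher};

/// Hypothetical opt-in rule: calls whose "tool/action" name matches `pattern`
/// (exact, or a prefix when it ends in '*') are deduplicated for `window_secs`.
pub struct DedupeRule { pub pattern: &'static str, pub window_secs: u64 }

#[derive(Debug, PartialEq)]
pub enum Verdict { Allow, Duplicate { retry_after_secs: u64 } }

pub struct Deduper {
    rules: Vec<DedupeRule>,
    seen: HashMap<u64, u64>, // call key -> time (secs) at which the entry expires
}

fn matches(pattern: &str, name: &str) -> bool {
    pattern.strip_suffix('*').map_or(pattern == name, |p| name.starts_with(p))
}

impl Deduper {
    pub fn new(rules: Vec<DedupeRule>) -> Self { Self { rules, seen: HashMap::new() } }

    /// `now` is seconds on a monotonic clock; `args` are (name, value) pairs.
    pub fn check(&mut self, now: u64, tool: &str, action: &str, args: &[(&str, &str)]) -> Verdict {
        let name = format!("{tool}/{action}");
        let Some(rule) = self.rules.iter().find(|r| matches(r.pattern, &name)) else {
            return Verdict::Allow; // no rule opted this call in: never deduplicated
        };
        self.seen.retain(|_, expires| *expires > now); // forget expired windows
        let mut sorted = args.to_vec();
        sorted.sort(); // argument order must not change the key
        let mut h = DefaultHasher::new(); // stand-in: std's non-cryptographic hash
        (tool, action, &sorted).hash(&mut h);
        let key = h.finish();
        if let Some(expires) = self.seen.get(&key).copied() {
            return Verdict::Duplicate { retry_after_secs: expires - now };
        }
        self.seen.insert(key, now + rule.window_secs);
        Verdict::Allow
    }
}

fn main() {
    let mut d = Deduper::new(vec![DedupeRule { pattern: "payments/create_*", window_secs: 30 }]);
    let args = [("amount", "500"), ("customer", "c-1")]; // constructed sample call
    println!("{:?}", d.check(100, "payments", "create_charge", &args));
    println!("{:?}", d.check(102, "payments", "create_charge", &args));
}
```

A 64-bit non-cryptographic key can collide, so a deployment that blocks on a match would want a wider, collision-resistant digest over a canonical encoding of the arguments.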


Some of your points are consequences, not causes. For example: the reason Venezuela is using the US imports as dilutants for its heavy oil is because of bad management of the industry; it wasn't always like that. You can say the same about the debt: Venezuela is not screwed because of the debt, it has debt because it's screwed.


Venezuela doesn't have a 2nd amendment, but the lack of guns is certainly not the reason; if anything it is the excess of guns in the street. What people in America don't understand is that the government will always be better armed than the population; Syria is a good example.

What keeps totalitarian governments is will to power: how much is the government willing to risk against the population. Owning a gun is not the same as being willing to die.


First step is to reduce public spending and fight corruption, just very basic steps will bring significant improvement.

Then, welcome foreign and local investment: privatize most of the industries that were nationalized and are now idle, and fix labor laws a little. This also includes liberalization of currency, and enforcing property laws so private companies feel safe investing in the long term.

When can this happen? As of today no sooner than 2019 when the next presidential elections will take place. Unless a coup is on the table but I don't see that happening.


I doubt it will happen in 2019, and this is why.

Maduro has painted himself into a corner. He has very nakedly announced that he will do everything in his power to remain in power, even if it means crapping all over the constitution, and stripping the legislative branch of all its power.

He'll figure something out in 2019. He has all the guns, and he knows that if he falls out of power, he'll be strung up on the nearest lamppost like Mussolini. He's doubling down because he really has nowhere else to go. Once you realize that, that he has to do everything he's doing to cement the military to his side, it all makes perfect sense.


People who live in Venezuela save in US$ and exchange dollars for bolivars when they need liquidity in local currency.


In Venezuela price control is not ideological; it is a stupid move to try to rein in inflation.


I found the reason: I found the article on LinkedIn. If you compare both links you'll see that mine is different because LinkedIn added some stuff at the end of the URL.


Of course, but that doesn't make checking before submitting difficult at all: bottom search box, enter a relevant keyword (e.g. "ignorance"), then sort by date. You'd see that it was posted twice before with the first getting 104 comments.

  linkedIn added some stuff at the end of the url
Yes, many sites (e.g. medium, signalvnoise) add phony fragment identifiers to URLs now; I can't think of a reason to do so other than to evade dupe detection.


Yes. I used the GDELT data set in a Geo-intelligence hackathon and it's very powerful, just keep in mind that if you use Google BigQuery (actually the easiest way to use the data set) it will cost you money.


I'd join a cooperative-like startup, definitely

