Author here. Short version: if your agent needs secrets, the common routes are (1) dump them in its env, (2) materialize a .env file, or (3) give it a shell and let it run bws itself. All three have the same problem: the blast radius is everything the token can touch, and prompt injection turns them into full RCE and sadness.
This wraps the bws CLI as an MCP server with explicit CRUD tools for projects and secrets, plus a bws_run that takes an argv array instead of a shell string. First draft of bws_run accepted "sh -c ..."; that's the eval surface I wanted to remove. Shipped version forces explicit program invocation, and if you genuinely want a shell pipeline you have to put sh as argv[0], which is both visible in audit logs and trivially noticed.
A few things I thought worth calling out:
- Destructive tools (*_delete, bws_run) require confirm: true. Not a safety net (the model will set it); a hook point for your approval tooling so you don't have to pattern-match argument shapes.
- Wraps the CLI, not the Rust SDK. Subprocess + JSON parse is 350 lines. SDK path would have been weeks.
- No mocks in the test suite. Three of four integration tests failed against the real bws binary on first run. Caught a bws secret delete returns-plain-text bug that the JSON-stub protocol tests missed.
Code: https://github.com/kvncrw/bws-mcp-server (GPL-3.0). Issues and PRs welcome, especially from anyone running Vaultwarden with Secrets Manager — I don't have one to test against.
I can relate. Sincerely debating whether I quit my well-paying and comfortable corporate job and just go full-time entrepreneur before the opportunities disappear.
I've tried to incorporate the notion that it's none of my business what other people think of me. I don't always get it right, but having that attitude has helped tremendously on reducing my cortisol levels.
This is a huge relief, but it does come at a cost. What other people think of you is one of the largest inputs to access to jobs, sexual partners, and likelihood you'll be referred or witnessed against for prosecution for some inane zoning/HOA ordinance or petty crime (whether you did it or not) because you're not on someone's good side, etc etc. So the high cortisol levels may be warranted from the Darwinist perspective.
Having a good thing happen or preventing bad things from happening sadly show up as high stakes butterfly effects of the perverted social ranking and opinion games.
Caring about what other people think of you doesn’t actually result in other people thinking more highly of you.
I have fallen into this trap (and still do from time to time) of trying to control the way other people perceive me. The thing is, it only works like half the time and often actually backfires.
There are two reasons this doesn’t work: 1) you’re spending energy trying to control others’ perception of you and 2) you don’t actually know what’s going on in someone else’s head, so a lot of the time that energy isn’t well spent
If you look at this from the perspective of the judicial system, a huge part of the judicial process exists to compel you to be physically present and in-person at a court room.
On the other hand, social media is really the pinnacle of "the court of public opinion"; people feel more comfortable seeing what photos and social groups you appear in as evidence of "who you are". He/she appears in <insert well established group here> and therefore must be <well-established person>.
> ... This search would have revealed optical laser light from the directions of Alpha Cen B if the laser had a power of at least 1.4–5.4 MW (depending on wavelength) and was positioned within the 1 arcsec field of view (projecting to 1.3 au), for a benchmark 10-m laser launcher
For comparison, with our measly human technology...
> The Vulcan 20-20 laser is so named because it will generate a main laser beam with an energy output of 20 Petawatts (PW) alongside eight high energy beams with an output of up to 20 Kilojoules (KJ). This is a 20-fold increase in power which is expected to make it the most powerful laser in the world.
> The entire message consisted of 1,679 binary digits, approximately 210 bytes, transmitted at a frequency of 2,380 MHz and modulated by shifting the frequency by 10 Hz, with a power of 450 kW.
> The broadcast was particularly powerful because it used Arecibo's megawatt transmitter attached to its 305 meter antenna. The latter concentrates the transmitter energy by beaming it into a very small patch of sky. The emission was equivalent to a 20 trillion watt omnidirectional broadcast, and would be detectable by a SETI experiment just about anywhere in the galaxy, assuming a receiving antenna similar in size to Arecibo's.
A perfectly parallel source wouldn't fall off with inverse square, but all real sources are not — and cannot be — perfectly parallel.
What you get from lasers is very high gain in the direction it is pointed in, but it's still subject to the inverse square law.
It's capable of being enough gain to be interesting, to be seen from a great distance.
If you engineer it so the gain is enough to outshine the rest of the parent galaxy in the direction it is pointed, then that's effectively good enough because the galaxy is also following inverse-square and you'll continue to outshine the parent galaxy even as you and it both get weaker, but it's still falling off inverse-square.
The energy density drops off as inverse square law, but the photons go forever. Radio is just photons (light) so it goes forever until it interacts with something it hits. The expanding universe will stretch it's wavelength slightly however.
Sure, but the amount of photons as a percentage of the background radiation drops as a function of the distance. It's not all that far away in cosmic distances when any signal from Earth is millions of times less powerful than the noise level.
A single photon is not a viable communication signal, certainly not at interstellar distances. In practice you need to send out some sort of modulated beam. Even very narrow beams have nonzero dispersion, so the further you get the lower the signal energy will be at an antenna of a given size. So to get more energy you'd need a bigger antenna, but that in turn means receiving more of the background noise as well. In practice there is a minimal signal strength level at which it is still practical to receive the signal.
Long story short: A photon will go on forever (unless it hits something), but a radio signal rapidly spreads out so much that no realistic receiver will be able to recover it from out of the cosmic background noise.
I didn't say sending single photons at a time is a viable communications mechanism. I said a photon will travel indefinitely, without losing any energy, until it interacts with something.
Interestingly, if you send out a single photon from a radio antenna not even the universe itself will have 'determined' which direction it even went until it DOES interact, because there would be a Quantum Mechanical superposition/indeterminacy similar to the famous slit-experiment, if you were dealing with one photon at a time.
So even the thought experiment itself is complex due to wave/particle duality.
Regular EM Radio waves are not photons. Photons have special configuration which prevents leaks into surrounding space, while regular radio waves are just waves.
The experiment (one of them, that I'm aware of) that cements wave-particle duality is that you can dial the energy of an emitter down until it's emitting one photon at a time and still detect interference in a double-slit experiment. This is impossible if the photons and waves are distinguishable phenomena.
Radio waves are photons; photons are quantum entities that have particle- and wavelike behavior simultaneously.
Maybe check Wikipedia? Because it refutes you in the first sentence on the articles for "radio", "photon", and "light". You're just being pedantic about word definitions to play games with people.
You laugh, but that's apparently what I did a decade and a half ago.
I recently mounted a HDD that was at my parents' house. Most files are from 2009-2012ish. I was there one summer between undergrad and grad school and used it for a couple months.
I found an Opera password list that I'd exported, presumably to copy over to my new laptop. It was fun last night skimming the list, seeing which websites I'd completely forgotten about that I used to have accounts for. Almost none of them even exist anymore besides the big players (Slashdot, Apple, etc.), but the point is *almost all of them had the same password*. o.O
US military spends $20 billion a year on air conditioning. Just because we outspend everyone and have for decades doesn't mean we're the best, it just means we're the rich kids who can fail upwards in life
> USPS is very good, better and cheaper than UPS or FedEx.
Indeed, it's a lesson on how all universal services should be managed by democratically elected governments according to clear charters that ensure universality and affordability.
> That is debatable. What was the last war it won?
Iraq in 2003. Trivially stomped what was left of the Iraqi military and Saddam's entire government. There's a difference between a war and attempted nation building. And worth noting that nation building Iraq has not failed as of yet 20 years later. Iraq's GDP per capita is higher than Vietnam, Indonesia, Jordan, Egypt, Philippines, India, etc - which isn't horrible given what they have been through.
What was the last war it lost? It didn't lose in Vietnam; it won every major engagement and along with South Vietnam held ~85% of territory when the US and South + North Vietnam signed a peace treaty and the US left. North Vietnam promptly ignored the treaty and resumed its conquest. Funny to pretend the US lost a war years after it left. It didn't lose in Afghanistan, the primary mission was to destroy bin Laden's Al Qaeda in Afghanistan (which was fully accomplished and bin Laden was killed). Nation building failed in Afghanistan, although the US was able to easily hold the core of the country with sub 30,000 soldiers and could have technically stayed forever (but it was pointless).
Endlessly debatable what counts as a win, and over what timeframe.
Did the North win the Civil War? In 1865, that answer was fairly clear. In 2024, perhaps less so. I suspect 1870s Americans would be a little surprised that Confederate flags and monuments pop up all over in the 20th and 21st centuries.
May I remind you that an entire US Navy Carrier Strike Group can't handle[1][2][3][4] a bunch of deranged desert goat herders lobbing explosive tin cans at them and the shipping lane they're supposed to protect?
The US hasn't won a war ever since WW2, and our top-of-the-world military has always lost to guerillas armed with nothing more complicated than an AK-47 and a Toyota pickup. Our best jet fighter's sole kill is a fucking balloon.
No, the US's track record is French levels of trash and I fear more for ourselves than the enemy in an actual peer war where they will be armed with something better than AK-47s and balloons.
[2]: >“This is the most sustained combat that the U.S. Navy has seen since World War II — easily, no question,” said Bryan Clark, a former Navy submariner and a senior fellow at the Hudson Institute. “We’re sort of on the verge of the Houthis being able to mount the kinds of attacks that the U.S. can’t stop every time, and then we will start to see substantial damage.
[4]: >There isn’t a Prosperity Guardian ship within 500 miles. Back in May when the carrier USS Dwight D Eisenhower was present, the US had 12 warships on station providing a mix of missile picket and escorting duties. Now they have zero. ... There can only be one conclusion: that the US has given up on Operation Prosperity Guardian. It wasn’t deterring the Houthis and it wasn’t reassuring shipping so they might as well go and do something else.
The 1990-1991 Gulf War, and the US-backed campaign against the Soviets in Afghanistan were major armed conflicts that the US unequivocally won.
The conflict against ISIL ("AK-47s and Toyota pickups") was essentially won (the Daesh still exist, but the ISIL no longer exists as a territorial state). There've been several smaller lesser-known conflicts post-WW2 that Wikipedia considers to be US victories ("operational successes"), as well.
> our top-of-the-world military has always lost to guerillas
Maybe that's a good thing. Can you name any military that won a guerrilla war without resorting to concentration camps and total war against the entire populace?
I guess the point is to prevent a guerrilla war from starting without committing crimes against humanity. This implies other action complementing brute-force military incursions has been taken and that the people don't see you as an enemy.
Currently, the "we'll liberate you, you're welcome" approach is not working.
What good is a top-world military if we can't win wars without resorting to ancient barbarism?
I'm serious, our absolute best loses to some AK-47 manufactured over half a century ago that's seen shit and a beater Toyota pickup that's seen more sand than sense, operated by someone shouting something about chocolate bars. We have 11 nuclear aircraft carriers and we can't protect a single shipping lane.
>Maybe that's a good thing.
Be very careful what you wish for. When Pax Americana ends, whatever succeeds it won't be kind to us.
I meant that every military that has successfully defeated a guerrilla resistance has done so by resorting to cruelty and mass human rights violations. The US military's relative lack of success in these conflicts could mean they haven't done that. Pax Americana is great but so is good conduct in war.
> That is debatable. What was the last war it won?
Because war is the continuation of politics by other means, the objectives of a war, and thus the criteria by which we can determine if it was won, are set by politicians.
Unless your country's politicians are the military this means that your military has no way to win wars unless politicians have chosen winnable criteria.
Corporate - the British operation to take back the Falklands is an example of a clear political objective, set by a politician (Margaret Thatcher, the UK Prime Minister) and achievable by military force. If the British kill millions of Argentinians, but must fall back and cede the island, Corporate fails. If the Argentinians shit themselves and run off once the carrier fleet sets sail, Corporate has succeeded with little loss of life. As it happens the British invaded the Falklands on foot, at considerable cost in men, but they won the day, the Falklands remains very much British.
When American politicians set vague objectives, or none at all, it is not the fault of the military when the war does not succeed.
> The only thing it gets from the government is a monopoly on putting things in people's mailboxes.
In exchange for that they have to attain some service levels others would consider unprofitable. Remember they need to be absolutely universal, however inconvenient for them.
Interesting. It's clearly complicated. The tl;dr appears to be that Congress loves meddling in USPS affairs but requires it to pay its own way, and uses it as a political punching bag when it falls short. From the article you posted:
"While state government workers and teachers have their pension and retiree health funds invested in a mix of stocks, bonds, and other quality assets, USPS, by law, can invest only in government bonds. USPS had $298 billion in such assets at the end of fiscal year 2022. Its inspector general estimated it could have had up to $1.2 trillion if it had diversified its investments as states do for government workers."
So USPS is $900b short because of laws Congress passed, and now needs $100b in taxpayer assistance.
Except it isn't Bitcoin it's index funds. If you already have it out for the USPS and believe it's useless then you won't care. But any reasonable person can see it's a meaningful difference.
Ok, and if you had wanted to at the time, and Congress specifically prevented you from doing so, wouldn't you feel you deserve some compensation from Congress now?
When you're in the business of selling shovels it benefits you and your investors when you convince folks that there's a gold rush they're missing out on... and need your shovels to get in on it.
There are quite a few engineers who aren't convinced. They seem to recognize the benefits and the limits of the technology. And they can see how it's failing in practice due to the technical limitations: energy demand and supply, heating and cooling, economic limitations, etc.
What's interesting about these two CEOs is one is definitely interested in selling shovels, the other is interested in selling contracting services that must lease the shovels.
I think you're right though, Meta has real challenges ahead of them in terms of capacity and creating an actual product that can be monetized for the general public. It's worth mentioning that FB was doing AI long before the hype train started really rolling, and monetized it -- all behind the scenes.
This wraps the bws CLI as an MCP server with explicit CRUD tools for projects and secrets, plus a bws_run that takes an argv array instead of a shell string. First draft of bws_run accepted "sh -c ..."; that's the eval surface I wanted to remove. Shipped version forces explicit program invocation, and if you genuinely want a shell pipeline you have to put sh as argv[0], which is both visible in audit logs and trivially noticed.
A few things I thought worth calling out:
- Destructive tools (*_delete, bws_run) require confirm: true. Not a safety net (the model will set it); a hook point for your approval tooling so you don't have to pattern-match argument shapes.
- Wraps the CLI, not the Rust SDK. Subprocess + JSON parse is 350 lines. SDK path would have been weeks.
- No mocks in the test suite. Three of four integration tests failed against the real bws binary on first run. Caught a bws secret delete returns-plain-text bug that the JSON-stub protocol tests missed.
Code: https://github.com/kvncrw/bws-mcp-server (GPL-3.0). Issues and PRs welcome, especially from anyone running Vaultwarden with Secrets Manager — I don't have one to test against.