Y
Hacker News
new
|
ask
|
show
|
jobs
by
ffemac
10 days ago
Exactly, popular AI coding harness (OpenCode/KiloCode) downloads random npm packages in the background without you knowing. What's worse is the devs don't care.