Concise Cyber

Plain.so Showcases AI-Generated Tools with Built-In Security on Hacker News

Developer Abhinav, founder of Plain, presented a collection of internal tools built by an AI agent in a Hacker News “Show HN” post. The project, available at plain.so, emphasizes “security by default” in its AI-driven development process. The stated goal is to enable users to easily build secure internal tools based on their database schemas.

The showcased tools on the Plain.so website include a “Customer 360” dashboard, a “Team Directory”, a “Sales Dashboard”, and managers for inventory, bugs, and projects. The AI agent reportedly builds these applications based on a user-provided database schema and a prompt describing the desired tool. Abhinav announced that a waitlist is available for those interested in using the AI agent directly.

How the AI Agent Implements Security

The core security claim centers on the AI agent’s process for generating code. According to the author, the agent is designed to prevent common vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), and command injection. This is achieved by generating code that uses parameterized queries and context-aware escaping. The author specified that the agent utilizes a query builder, like Drizzle ORM, to ensure database queries are handled securely.

The generated code is TypeScript intended to be run on the Deno Deploy platform. The development process requires the user to provide the database schema, but the AI agent itself does not receive direct access to the user’s database. The security measures are integrated into the agent’s code generation logic, rather than relying on a human developer to implement them manually.
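
The two techniques named above, parameterized queries and context-aware escaping, shown side by side with the string-concatenation pattern they replace. This is an added example, not code generated by Plain's agent or taken from the project; it uses a hand-written tagged template in place of Drizzle ORM, and the names `sql`, `unsafeQuery`, `escapeHtml`, `safeHref` and `renderRow` are hypothetical.

```typescript
// Added illustration: all function names and sample inputs are constructed.
type Query = { text: string; values: unknown[] };

// Parameterized query via tagged template: interpolated values never enter
// the SQL text. Each one becomes a $1, $2, ... placeholder and is handed to
// the database driver separately, so it cannot change the query's grammar.
function sql(strings: TemplateStringsArray, ...values: unknown[]): Query {
  const text = strings.reduce((acc, s, i) => acc + (i ? `$${i}` : "") + s, "");
  return { text, values };
}

// Anti-pattern for comparison: the input is spliced into the SQL string,
// so a quote character in the value terminates the literal early.
function unsafeQuery(name: string): string {
  return "SELECT id, name FROM customers WHERE name = '" + name + "'";
}

// HTML text and quoted-attribute context: neutralise markup metacharacters.
function escapeHtml(s: string): string {
  const map: Record<string, string> = {
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  };
  return s.replace(/[&<>"']/g, (c) => map[c] ?? c);
}

// URL context needs its own rule: escaping alone does not make a link safe,
// so only http(s) schemes are allowed before attribute escaping is applied.
function safeHref(url: string): string {
  return /^https?:\/\//i.test(url) ? escapeHtml(url) : "#";
}

// Each value is escaped for the context it lands in (cell text vs. href).
function renderRow(name: string, website: string): string {
  return `<tr><td>${escapeHtml(name)}</td>` +
    `<td><a href="${safeHref(website)}">site</a></td></tr>`;
}

// Constructed sample input: a legitimate name that contains a quote.
const customerName = "O'Brien";
const q = sql`SELECT id, name FROM customers WHERE name = ${customerName}`;
console.log(unsafeQuery(customerName)); // quote breaks out of the literal
console.log(q.text, q.values);          // value travels out of band
console.log(renderRow("<b>Acme</b>", "javascript:void(0)"));
```
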

Project Status and Development Details

In the Hacker News discussion, Abhinav confirmed the project is being built in public and that he is actively seeking user feedback. He clarified that the AI model used is a fine-tuned open-source model, not GPT. The generated code is not open source at this time. When asked about the business model, the founder stated it is a “work in progress” as the immediate focus is on building a useful product.

All articles are written here with the help of AI on the basis of openly available information which cannot be independently verified. We do strive to quote the relevant sources. The intent is only to summarise what is already reported in public forum in our own words with no intention to plagiarise or copy other person’s work. The publisher has no intent to defame or cause offence to anyone, any person or any organisation at any moment. The publisher assumes no responsibility for any damage or loss caused by making decisions on the basis of whatever is published on cyberconcise.com. You’re advised to do your own checks and balances before making any decision, and owners and publishers at cyberconcise.com cannot be held accountable for its resulting ramifications. If you have any objections, concerns or point out anything factually incorrect, please reach out using the form on https://concisecyber.com/about/
