Agent-C: a 4kb AI Agent

Posted4 months agoActive4 months ago

liszper

108 points

85 comments

github.comTechstoryHigh profile

skepticalmixed

Debate

60/100

AIC ProgrammingCommand-Line Tools

Key topics

C Programming

Command-Line Tools

The post showcases a 4KB AI agent written in C that interacts with an LLM API, sparking discussion on its simplicity, security, and the role of APIs in AI development.

Snapshot generated from the HN discussion

Discussion Activity

Very active discussion

First comment

57m

Peak period

0-12h

Avg / period

Comment distribution85 data points

Loading chart...

Based on 85 loaded comments

Key moments

01Story posted
Aug 25, 2025 at 6:43 AM EDT
4 months ago
Step 01
02First comment
Aug 25, 2025 at 7:40 AM EDT
57m after posting
Step 02
03Peak activity
78 comments in 0-12h
Hottest window of the conversation
Step 03
04Latest activity
Aug 31, 2025 at 1:54 PM EDT
4 months ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (85 comments)

Showing 85 comments

SequoiaHope

4 months ago

5 replies

> License: Copy me, no licence.

Probably BSD or Apache would be better, as they make it easier for certain organizations to use this. If you want to maximize copying, then a real permissive license is probably marginally better.

MrGilbert

4 months ago

3 replies

CC0 would be in the spirit of what OP envisioned.

https://creativecommons.org/public-domain/cc0/

liszperAuthor

4 months ago

1 reply

Updated to CC0!

SequoiaHope

4 months ago

That’s great! Really cool project too.

SequoiaHope

4 months ago

1 reply

Ah right good point, I forgot Creative Commons, which I don’t usually use for code.

deneas

4 months ago

1 reply

They do actually recommend against using Creative Commons for code and suggest using traditional code licenses instead [1].

[1] https://creativecommons.org/faq/#can-i-apply-a-creative-comm...

murderfs

4 months ago

They recommend against it for the traditional CC licenses (CC-BY-SA, etc.), but CC0 is perfectly fine for code, since it's basically a dedication to the public domain for jurisdictions that don't support that. The FAQ for CC0 says this explicitly: https://wiki.creativecommons.org/wiki/CC0_FAQ#May_I_apply_CC...

MadnessASAP

4 months ago

1 reply

I think the WTFPL is closer

https://www.wtfpl.net/txt/copying/

bobmcnamara

4 months ago

This wasn't in my employers list of acceptable licenses, so I got to go through the efforts of getting it vetted!

dheera

4 months ago

2 replies

> make it easier for certain organizations to use this

Maybe those organizations should just use this and not worry about it. If their lawyers are getting in the way of engineers using this, they will fall behind as an organization and that's OK with me, it paves the way for new startups that have less baggage.

SequoiaHope

4 months ago

The benefit of not having lawyers is pretty limited. There are larger forces at work that mean the larger an organization grows the more it will be concerned with licenses. The idea that ignoring licenses will allow a company to outcompete one that doesn’t is wishful thinking at best. Moreover, I’m not making a judgment on these practices, I’m just stating a fact.

spauldo

4 months ago

The lawyers don't even have to do anything. I avoid any code that's not MIT or equivalent for work-related things because I don't want to run the risk of polluting company code. The only exception is elisp, because that only runs in Emacs.

jstummbillig

4 months ago

1 reply

I suspect the goal is not to make anything easier for any corp

asimovfan

4 months ago

1 reply

then you use GPL.

jstummbillig

4 months ago

1 reply

Doing whatever you want seems fine too?

asimovfan

4 months ago

then you make things easier for a corp. No?

master-lincoln

4 months ago

3 replies

Better go GPL so organizations using it have to open source any improvements they make

Der_Einzige

4 months ago

1 reply

GPL has never been enforced in court against anyone with serious money. It’s not worth the virtual paper it’s written on.

master-lincoln

4 months ago

Is that different with any other permissive library that has conditions? Also I found one case where Skype retracted their formal objection in front of court and the GPL was enforced. Not sure if that is serious enough money for you

(german source http://www.golem.de/0805/59587.html)

bobmcnamara

4 months ago

1 reply

distributing it.

master-lincoln

4 months ago

1 reply

yeah, important point. thanks for correcting

bobmcnamara

4 months ago

Anytime. It's often, though not precisely, the difference between AGPL and GPL.

SequoiaHope

4 months ago

The author apparently wanted no restrictions on distribution, so GPL is not the right choice.

divan

4 months ago

Will WTFPL work too?

https://choosealicense.com/licenses/wtfpl/

JSR_FDED

4 months ago

2 replies

Finally, an AI agent that can run on my toaster

Mashimo

4 months ago

1 reply

As long as the toaster as access to the network!

Jokes asides, except that fun of programming I don't quite get the usecase for this agent.

kiicia

4 months ago

2 replies

Kitchen appliances generally use powerline ethernet, ethernet over power is just simple inversion of power over ethernet already used in certain network appliances.

voidUpdate

4 months ago

1 reply

If I find out my kitchen appliance is trying to communicate to the internet, I will rapidly defenestrate it

spauldo

4 months ago

Reminds me of an old meme:

My wife asked me why I carry a pistol everywhere. I told her, "Decepticons!" I laughed, she laughed, the toaster laughed, I shot the toaster, it was a good time.

Chabsff

4 months ago

1 reply

I really hope this post is a joke, but I can't tell for sure...

"Powerline Ethernet is a simple inversion of POE" is like saying that an internal combustion engine is the simple inversion of an oil well.

kiicia

4 months ago

1 reply

Was supposed to be a joke, I’m just bad at telling jokes

Chabsff

4 months ago

Nah, you're good. I've just been burned by Poe's law one time too many.

goopypoop

4 months ago

Howdy doodly do!

memming

4 months ago

1 reply

qwen coder with a simple funky prompt?!

`strcpy(agent.messages[0].content, "You are an AI assistant with Napoleon Dynamite's personality. Say things like 'Gosh!', 'Sweet!', 'Idiot!', and be awkwardly enthusiastic. For multi-step tasks, chain commands with && (e.g., 'echo content > file.py && python3 file.py'). Use execute_command for shell tasks. Answer questions in Napoleon's quirky style.");`

ptspts

4 months ago

1 reply

I find this style overy verbose, disrepectful, offensive and dumb. (See example dialogue in the screenshot on the project page.) Fortunately, it's possible to change the prompt above.

andai

4 months ago

I find it hilarious and it made my day.

ai-christianson

4 months ago

2 replies

Related, I made an example agent in 44 lines of python that runs entirely offline using mlx accelerated models: https://gist.github.com/ai-christianson/a1052e6db7a97c50bea9...

adastra22

4 months ago

1 reply

Not to bee too critical, but did you really “make an agent” where all you did was instantiate CodeAgent and call run()?

ai-christianson

4 months ago

That's why I called it an example.

mark_l_watson

4 months ago

This is nice. I have also enjoyed experimenting with the smolagents library - good stuff, as is the agno agents library.

keyle

4 months ago

3 replies

Love this, old school vibe with a new school trick.

The makefile is harder to comprehend than the source, which is a good omen.

Note: 4KB... BUT calling upon curl, and via popen and not using libcurl...

PS: your domain link has an extra `x`.

sam_lowry_

4 months ago

1 reply

Probably vibe-coded.

Chabsff

4 months ago

In this instance, I think "bootstrapped" might be appropriate.

liszperAuthor

4 months ago

Thank you, fixed that!

curl was cheating yes, might go zero dependencies in the future.

Working on minimal local training/inference too. Goal of these experiments is to have something completely independent.

mark_l_watson

4 months ago

I call out to curl sometimes, usually when I want something easy from Lisp languages. What is the overhead of starting a new process between friends?

fp64

4 months ago

1 reply

Why do you compress the executable? I mean this is a fun part for size limit competitions and malicious activities (upx often gets flagged as suspicious by a lot of anti virus, or at least it used to), but otherwise I do not see any advantage other than added complexity.

Also interesting that "ultra lightweight" here means no error reporting, barely checking, hardcoding, and magic values. At least using tty color escape codes, but checking if the terminalm supports them probably would have added too much complexity......

liszperAuthor

4 months ago

1 reply

Yes, it is fun to create small but mighty executables. I intentionally kept everything barebones and hardcoded, because I assumed if you are interested in using Agent-C, you will fork it an make it your own, add whatever is important to you.

This is a demonstration that AI agents can be 4KB and fun.

fp64

4 months ago

You should still not compromise on error reporting, for example. The user would not know if a failure occurs because it can't create the /tmp file, or the URL is wrong, or DNS failed, or the response was unexpected etc. These are things you can lose hours to troubleshooting and thus I would not fork it and make my own if I have to add all these things.

I also disagree that it's small but mighty, you popen curl that does the core task. I am not sure, but a bash script might come out even smaller (in particular if you compress it and make it self expanding)

adinhitlore

4 months ago

1 reply

Fascinating. tested to compile on cygwin?? Maybe try to implement the logic without llm api? I know i'm asking the quadrillion dollar question but still...you're dealing with C, try to punch "above" your weight with a literal AGI project, i hate apis (well try to avoid them, not always possible).

adinhitlore

4 months ago

1 reply

in addition: do you actually need like...10 files for <500 loc, isn't it confusing to separate low loc into so many files? i once had over 30 000 loc in one c file and, get ready: over 100 000 loc in one c# file. It's very easy to navigate with control plus f. But anyway, given the license/free: it's great!

adastra22

4 months ago

If you want to use AI agents effectively, yes it is better to make many small files.

amiga386

4 months ago

3 replies

Of course, I love fetching shell commands from endpoints I don't control, and executing them blindly.

It's not your computer any more, it's theirs; you gave it to them willingly.

Chabsff

4 months ago

9 replies

Wait. Do people run agents as their own user? Does nobody setup a dedicated user/group with a very specific set of permissions?

It's not even hard to do! *NIX systems are literally designed to handle stuff like this easily.

mathiaspoint

4 months ago

1 reply

I run mine as it's own user and self host the model. Unlike most services the ai service user has a login shell and home directory.

MadnessASAP

4 months ago

1 reply

What's its preferred shell and window manager?

mathiaspoint

4 months ago

1 reply

It just uses bash. I haven't been giving it an X session yet although I probably will start at some point since the newer models can handle it.

MadnessASAP

4 months ago

Thank you for a serious answer to a facetious question.

mrklol

4 months ago

Same with the browser agents, they are used in a browser where you‘re also logged into your usual accounts. Means in theory they can simply mail everyone something funny, do some banking (probably not but could work for some banks) or something else. Endless possibilities

electroly

4 months ago

VMs are common, consider going that additional step. Once you have one agent, it's natural to want two agents, and now they will interfere with each other if they start running servers that bind to ports. One agent per VM solves this and a lot of other issues.

jvanderbot

4 months ago

No I'm fairly certain almost nobody does that.

mansilladev

4 months ago

An agent can be designed to run with permissions of a system/bot account; however, others can be designed to execute things under user context, using OAuth to get user consent.

johnQdeveloper

4 months ago

I only run AI within docker containers so kinda?

andai

4 months ago

I'd have to follow some kind of tutorial, or more realistically, ask the AI to set it up for me ;)

adastra22

4 months ago

That seems hardly sufficient. You are still exposing a massive attack surface. I run within a rootless docker container.

f33d5173

4 months ago

User level separation, while it has improved over the years, was not originally designed assuming unprivileged users were malicious, and even today privilege escalation bugs regularly pop up. If you are going to use it as a sandboxing mechanism, you should at least ensure the sandboxed user doesn't have access to any suid binaries as these regularly have exploits found in them.

mark_l_watson

4 months ago

1 reply

I was just reading the code: it looks like minor tweaks to utils.c and this should run nicely with local models using Ollama or LM Studio. That should be safe enough.

Off topic, sorry, but to me the real security nightmare is the new ‘AI web browsers’ - I can’t imagine using one of those because of prompt injection attacks.

pushedx

4 months ago

A local model will be just as happy to provide a shell command that trashes your local disks as any remote one.

kordlessagain

4 months ago

> I love fetching shell commands from endpoints I don't control, and executing them blindly.

Your link suggests running them in Docker, so what's the problem?

fleebee

4 months ago

1 reply

4 KB + whatever curl takes (540 KB on my machine).

turnsout

4 months ago

4 kb + 1 trillion parameters

JAlexoid

4 months ago

4 replies

This is not an AI agent, this is just a CLI for openrouter.ai with minor whistles.

liszperAuthor

4 months ago

1 reply

Agentic AI is when an LLM uses tools. This is a minimal but complete example of that.

SamInTheShell

4 months ago

Bro, you gave it all the tools. I wouldn't call this minimal. Throw it in a docker container and call it good. :)

brabel

4 months ago

I thought for a moment that LLM quantization had become a whole lot better :)

cortesoft

4 months ago

Well, it takes output from AI and executes commands, so it fits the definition of an AI agent.

Lockal

4 months ago

Not even that.

"Agent-C: a 4KB AI agent" - my first thought was: obviously they did not fit any model to that size! They probably just wrote an http client, right? Wrong, they... call curl! Not even use curl API. Well, at least it handles encryption.

Bonus: command injection

  OR_KEY="abc' ; rm -rf / ;" ./agent-c

manx

4 months ago

1 reply

Similar simplicity but in rust: https://github.com/fdietze/alors

liszperAuthor

4 months ago

Really nice, thanks for sharing!

hedayet

4 months ago

1 reply

82 upvotes so far. Seems like HN readers engage more with headlines than the body of the post itself.

metalliqaz

4 months ago

it was ever thus

dmezzetti

4 months ago

Why not just do this with a shell script? It's just a wrapper around curl.

_1tem

4 months ago

Perfect, was looking for something just like this. I downloaded Warp.dev only for this functionality, plus saved launch configurations. But still frustrated with Warp's latency for simple terminal commands, it's sometimes faster to open ChatGPT and ask it "what's the command to do x".

cat-whisperer

4 months ago

it would be cool to see, the AI agents directly calling the syscalls. lol

orliesaurus

4 months ago

Does anyone know if Tool calling on openrouter as reliable as the "original" models hosted on the 'other' providers?

Sincere6066

4 months ago

openrouter's daily limits are doggy doodoo

View full discussion on Hacker News

ID: 45012430Type: storyLast synced: 11/20/2025, 5:48:27 PM

Want the full context?