Launch HN: Slashy (YC S25) – AI that connects to apps and does tasks

Hacker News Discussion ↗

Product Scope & Differentiation

  • Slashy is pitched as an AI “single agent” that connects to apps (Gmail, Drive, LinkedIn, etc.) and executes workflows (e.g., drafting emails from context, LinkedIn outreach).
  • Some commenters struggle to see differentiation versus existing ChatGPT/OpenWebUI-style tools plus local models and bring-your-own-key setups.
  • The team claims their edge is deeper integrations, internal tooling (e.g., storage API enabling PDF→Gmail flows), semantic search, and user action graphs.

MCP, Architecture, and Tooling

  • Slashy explicitly does not use MCP; they built their own internal tools and a custom single-agent architecture.
  • Critics argue this misunderstands MCP’s role and risks isolation from an emerging plugin ecosystem, while supporters note MCP mainly matters when tools and agents are owned by different parties.
  • There’s debate over whether skipping MCP is smart focus or needless reinvention and lock-out from a common standard.

Models, Indexing, and Capabilities

  • Backend uses Claude/OpenAI with Groq for tool routing; no serious local/OSS model usage yet because the team finds them “not usable” for this product.
  • Semantic search is implemented via indexing (compared loosely to Glean), but scalability at very large volumes (hundreds of thousands of files) is unproven in practice.
  • The team informally claims fewer hallucinations with a single-agent setup and reduced tool exposure, but no formal benchmarks.

Scraping, LinkedIn Data, and Legal Concerns

  • Slashy does not scrape LinkedIn directly; instead it buys data from third-party “live scraping” vendors under NDA.
  • This triggers a long subthread on legality:
    • One side asserts public data scraping is broadly legal and robots.txt isn’t binding law.
    • Others (including a lawyer) emphasize the nuances: CFAA limits, potential civil liability (e.g., trespass to chattels), harm to operators, and enforceable ToS.
  • Some view using third-party scrapers for LinkedIn data as clearly abusive and harmful to LinkedIn’s business; others say ToS violations are not criminal per se.

Security, Privacy, and the “Lethal Trifecta”

  • Multiple commenters are alarmed by giving an agent broad, automated access to personal accounts (Gmail, etc.).
  • The team initially says “we don’t have access to your data; the agent does,” later clarifying tokens and OAuth credentials are stored server-side on AWS and managed by them.
  • This discrepancy is heavily criticized as misleading; several call the architecture inherently dangerous given prompt-injection and agentic risks.
  • References are made to “lethal trifecta” scenarios and recent research (e.g., CaMeL) on securing agent systems; commenters urge deep, continuous security work or open-sourcing for scrutiny.

Market Outlook & Community Sentiment

  • Some users report Slashy is genuinely useful, particularly for context-aware email drafting and workflow automation.
  • Others are skeptical, seeing “yet another AI agent startup” with limited novelty, comparing the current YC AI wave to a “shitcoin” era.
  • There’s discussion about whether foundation models + MCP (or browser agents) will eventually subsume this space; advice given is to focus on complex, high-value workflows and/or building an ecosystem to avoid being commoditized.