Show HN: The Mog Programming Language

Source: Hacker News

Mog is a statically typed, compiled, embedded language (think statically typed Lua) designed to be written by LLMs—the full spec fits in 3,200 tokens.

• An AI agent writes a Mog program, compiles it, and dynamically loads it as a plugin, script, or hook.
• The host controls exactly which functions a Mog program can call (capability‑based permissions), so permissions propagate from agent to agent‑written code.
• Compiled to native code for low‑latency plugin execution—no interpreter overhead, no JIT, no process startup cost.
• The compiler is written in safe Rust, allowing the entire toolchain to be audited for security. Even without a full audit, Mog is already useful for agents extending themselves with their own code.
• MIT licensed, contributions welcome.

Motivations for Mog

Syntax Only an AI Could Love

Mog is written for AIs to write, so the spec fits easily in context (~3,200 tokens) and is intended to minimize foot‑guns to lower the error rate when generating Mog code.

• No operator precedence: non‑associative operations must use parentheses, e.g. (a + b) * c.
• No implicit type coercion, reducing runtime bugs.
• Limited support for generics and no support for metaprogramming, macros, or syntactic abstraction.

These restrictions would be onerous for humans, but LLMs don’t mind; the less expressivity you trust them with, the better.

Capabilities‑Based Permissions

Existing security models for AI agents face a paradox: giving an agent unfettered access is insecure, while sandboxing it removes useful functionality. Moreover, scripts written by the agent often inherit fewer permissions than the agent itself, leading to security gaps.

Mog addresses this by:

• Compiling to native machine code ahead of time, with the compiler designed not to emit dangerous code.
• Requiring the host to explicitly provide any functions the Mog program may call (e.g., I/O).
• Preventing direct access to syscalls, libc, or arbitrary memory; the program can only allocate within a host‑provided arena and call supplied functions.
• Ensuring the host can inspect arguments to any potentially dangerous operation, enforce session‑level permissions, and limit execution time via cooperative interrupt polling (≈10 % overhead on tight loops).

Self‑Modification Without Restart

Traditional agents often need a full restart to load new code. Mog enables:

• On‑the‑fly compilation and loading of new plugins without interrupting a session, allowing dynamic responsiveness to user feedback.
• Built‑in async support by adapting LLVM’s coroutine lowering to a Rust‑ported QBE compiler; the Mog host library can be integrated into an async event loop (tested with Bun).
• A stack allocated inside the host‑provided memory arena, with a guard page separating stack and heap, preventing stack overflow without runtime overhead.

Future Work

• Expand the standard library (JSON, CSV, SQLite, HTTP, etc.).
• Add an llm library for guest code to make LLM calls through the host, supporting multiple models and token budgeting.
• Improve ergonomics of program lifecycle operations.
• Develop a more fully featured library for integrating a Mog host into AI agents such as OpenClaw or OpenAI’s Codex CLI.

Comments on Hacker News (131 points, 65 comments)