Posts

Getting Roasted by my LLM Style Editor

November 30, 2025

llm writing meta

My own style-editing agent delivered unexpectedly harsh feedback. It stung, and it was exactly what I needed.

Stop Running `npm install`

November 26, 2025

security npm supply-chain

The sha1-hulud attack compromised 830 packages and leaked 11,000 secrets. MFA stops account takeovers. `npm ci` stops propagation.

Slop In A Bucket

November 23, 2025

security llm static-analysis code-quality slopsquatting

LLM-generated code, linters, and the security problems we can and can't solve.

Sloppy Syntax

November 22, 2025

llm writing

A personal collection of totally radioactive syntax often generated by LLMs.

Security is PvPvE

November 17, 2025

security code-quality philosophy

Security work isn't just about outsmarting attackers. You're also fighting the computers themselves.

Bernoulli Coding

September 02, 2025

coding philosophy

The middle ground in software development is dead. I now write code in just two modes: fortress-grade security or complete disposable chaos.

Slopsquatting detection added to Scary Strings

August 30, 2025

ai coding hacking

Preventing AIs from installing sketchy packages

Browser Use is Solving the Wrong Problem

August 26, 2025

ai coding

The browser has been the everything app for a long time, and much hype surrounds the idea of automating browser use with LLMs. But in the age of AI agents, ...