The Best AI Coding Setup I've Ever Used (For Testing Vibe-Coded Apps)
Recording AI agent interactions with Playwright and replaying them isn’t just clever—it’s the only reliable way I’ve found to test …
The Productivity Mirage: Why AI Can't Replace Your On-Call Engineers
AI coding tools boost early productivity, but collapse under the pressure of production systems—here’s why on-call engineers are irreplaceable.
AI Coding Assistants Are Hallucinating Packages (And Attackers Are Exploiting It)
LLMs hallucinate non-existent package names. Attackers register them. Developers install them. Here’s the 291-line detection system that caught …
I Built a 200+ Plugin Security Scanner Using Python Metaclasses (Zero Boilerplate)
Managing 200+ security check plugins without decorators or manual registration—here’s the metaclass pattern that makes it work.
Building an Extensible Security Scanner with 200+ Checks (Without Collapsing Under Its Own Weight)
Most security scanners start with 5 checks and die at 20. Here’s the three-layer architecture that lets you scale from 5 to 500 without …
Prompt Injection Gone Wild: Real Examples from Public Vibe-Coded Apps in 2025
Five real injection incidents from 2025 vibe-coded apps and the playbook Vibe-Eval uses to keep AI-generated UX from turning into data-exfiltration …