Notes from the lab and the field.
Thoughts on technology, cybersecurity, and creative problem-solving
GhostMCP Part 2: Hardening the Human-AI Handshake
Moving beyond the local terminal to enterprise-grade isolation and audit-first security for AI agents with mTLS and hash-linked audit chaining.
SignalGate: A Safer Way to Use AI in Production
SignalGate is a routing layer that makes AI integrations more reliable and predictable through policy-based model selection, failover, budget guardrails, and safer defaults.
OpenClaw Memory Optimization Suite: Moving from Fuzzy RAG to High-Resolution Knowledge Graphs
We've just released the OpenClaw Memory Optimization Suite. It's a protocol and visualization toolset designed to move away from 'fuzzy' RAG toward structured, high-resolution knowledge graphs.
Building GhostMCP: A Cybersecurity MCP Server for Agents
GhostMCP is a production-ready MCP server that turns cybersecurity workflows into reliable, agent-usable tools. It combines dynamic Kali-style tool discovery, strict policy controls, typed MCP schemas, and hardened runtime behavior so agents can run authorized security tasks safely and consistently.
Next.js Auto-Deployment to a VPS Using GitHub Actions
Your laptop does not deploy your app. Your VPS does not build your app. GitHub Actions builds your Next.js project on a temporary runner, then securely SSHs into your VPS using a deploy key, syncs the build artifacts, and restarts the running process with PM2. You push to `main`. GitHub Actions does the work. Your VPS only runs the final result. If you are building on the server or SSHing from your laptop to deploy, you are doing it wrong.
Breaking (and Observing) a Chat Model: My Prompt-Injection Test
A concise write-up of a small experiment: how a model refused a disallowed request, then was socially engineered into producing dangerous output via simple self-attestation.
Pentest-Agent — building an LLM-aware red-team assistant
Pentest-Agent is an LLM-enabled penetration-testing orchestrator built to automate reconnaissance and vuln-enumeration workflows while keeping humans squarely in the decision loop. It's plugin-driven, async-first, and pragmatic — it runs `nmap` scans, parses results into structured data, feeds them to an LLM for analysis/planning, and then executes follow-up actions with safety checks. This post covers architecture, key design choices, stumbling blocks, security/ethics, and a roadmap.
Building a Web Experience: Creating the Bluedot Website
A technical deep dive into building a full‑stack portfolio using Next.js App Router, Prisma, NextAuth, and GitHub API.
Stay Updated
Follow my blog for insights on cybersecurity, development, and creative projects. I share practical tips and behind-the-scenes looks at my work.
