Blog
Thoughts on tech projects, cybersecurity, infrastructure, and things I'm learning.
Browse by Topic
Weekly Digest
Get a weekly email with what I learned, summaries of new posts, and direct links. No spam, unsubscribe anytime.
Thoughts on tech projects, cybersecurity, infrastructure, and things I'm learning.
Get a weekly email with what I learned, summaries of new posts, and direct links. No spam, unsubscribe anytime.
12 community skills evaluated, 35 design rules extracted, 4 knowledge base files created, 5 agents deployed. I built a complete UI/UX design and quality system for Claude Code in a single day.
14 GB free on a 180 GB Mac. Parallel storage scans, a 4-tier classification system, deep research into iMessage's 29 GB local cache, and a reusable /storage-cleanup command. Total reclaimed: 43 GB.
A pairing/admin-approval privilege escalation CVE hit OpenClaw. My security agent ran a threat hunt, my builder agent implemented a Security Panel on the Mission Control dashboard, and 15 files later the system can see itself. Here is the full story.
247 game AI parameters, 7 candidate use cases, 5 agents, 1 honest verdict: no. But the research process itself uncovered three real configuration problems in my Vector Memory server that had been silently degrading search quality for weeks.
I wanted a living document for my family, something like a private Wikipedia where we could record accomplishments, life stories, and milestones. Here is the complete blueprint: gathering source material, multi-agent orchestration, a 5-phase pipeline, PII protection, and a one-prompt quick start.
3 test sessions, 2 MCP servers, 1 wrapper script fix. How I added Exa and Firecrawl to Claude Code for semantic search, JS-rendered scraping, and proper deep research capability.
35 MCP tools, 7 implementation tasks, 2 platforms, 1 session. How I used the superpowers brainstorming, writing-plans, and subagent-driven-development pipeline to integrate NotebookLM into Claude Code as a first-class MCP server.
A beginner-friendly guide to the features that make Claude Code powerful: CLAUDE.md, directory structure, permissions, plan mode, checkpoints, skills, hooks, MCP, plugins, context, slash commands, compaction, agents, and rules. Everything you need to know to get started successfully.
50 instincts, 13 semantic clusters, 7 accepted candidates, 5 promoted skills. I built the third tier of a continuous learning pipeline that synthesizes behavioral patterns into reusable agents, skills, and commands.
How I built a full direct-booking vacation rental website for my brother-in-law Terry using Claude Code and a 6-agent AI team: Next.js 16, Supabase, Resend, and a surprisingly capable admin dashboard for a non-technical host.
I set up notebooklm-py as a programmatic content creation pipeline for CryptoFlex LLC, building a custom agent and skill that turns blog posts into branded infographics and slide decks with automated QA. Here is how the security review went, what the pipeline looks like, and what I learned about trusting reverse-engineered APIs.
I ran a routine audit on my Gmail agent and discovered the knowledge graph had been completely empty for months, the memory nudge hook had five blind spots, and nothing was catching either problem. Here's what I built to fix it.
I set up the Claude Code iMessage plugin as a proof of concept, debugged two real bugs, and discovered a fundamental security flaw that made me tear the whole thing down. Here's the full story.
Claude Code's /compact command frees up context but destroys in-progress session state. Smart-compact is a custom skill that saves everything before you compact, so you can pick up exactly where you left off.
Building a Gmail cleanup agent in Claude Code, evolving it from a manual 5-step script to a fully autonomous v3 with VIP detection, delta sync, auto-labeling, and follow-up tracking. Then making it run unattended every 5 hours via scheduled triggers and a remote-control daemon on a Mac Mini.
Three ways to run Claude Code remotely. I tried Dispatch, Channels, and Remote Control. Here's what broke, what worked, and why I landed on Remote Control with Warp terminal on my always-on Mac Mini.
I tried to schedule my gmail-assistant agent via Dispatch, then discovered Channels and Remote Control solve the problem differently. Here's how all three compare for mobile-triggered local automation.
How I replaced three separate Google Workspace MCP integrations with a single gws CLI skill, why CLI beats MCP for large API surfaces, and the four-tier safety system that keeps destructive operations from running without confirmation.
Building a pixel-art retro dashboard to command 7 AI agents on an M4 Mac Mini: System Health, Agent Fleet, Team org chart with role card modals, Telegram monitoring, cron jobs, and more.
A deep dive into OpenClaw's three-tier memory system: hybrid search with nomic-embed-text embeddings, temporal decay, sqlite-vec vector storage, and the full configuration that makes agents remember across sessions.
A technical deep-dive into rebuilding a 1990 Windows 3.1 artillery game as a modern web app with Next.js 15, Canvas 2D, Web Audio synthesis, 6 weapons, 4 terrain biomes, AI personality, and a tri-specialist security audit. From empty repo to 20-feature modernization in two sessions.
A practical walkthrough of the 5 Node.js MCP servers I run with Claude Code: sequential-thinking, memory, context7, github, and project-tools. What they do, how to configure them on Windows, and what I learned testing each one.
How a single commit across 58 files added audio, branching tech trees, fleet stances, galaxy types, diplomacy treaties, and 22 achievements to Third Conflict. Everything kept green the whole way.
How to give Claude Code real persistent memory using a global rule file and a vector database MCP server, so context survives across sessions without any manual effort.
After Part 1's fortress locked itself out, I rebuilt OpenClaw incrementally: one security control at a time, with 7 agents, 6 Telegram bots, and verification after every step.
I used a team of 5 AI security agents to build a hardened OpenClaw deployment on my M4 Mac Mini. After implementing every security control imaginable, nothing worked. Here is what happened, why I did not quit, and what I planned instead.
How I turned a functional web port of a 1991 game into a full-featured modern 4X strategy game across four feature phases and a wiring plan, using Claude Code as the primary development engine.
Three features that turned a static blog into something closer to a content platform: draft staging via GitHub API, threaded comment replies, and a swipeable LinkedIn carousel built in React.
I reviewed an AI-generated recommendation to convert my custom agents into 'captains' that spawn parallel sub-agents. Here's what I learned about factual assessment, corrected parallel structures, sandbox constraints, and when to use this pattern (or keep it simple).
A technical walkthrough of 16 site improvements shipped in a single Claude Code session: reading progress bars, dark mode, fuzzy search, a contact form, code playgrounds, a guestbook, achievement badges, and more.
How I cataloged 13 custom agents, 23 learned skills, 10 rules, 8 bash scripts, and 2 MCP servers into a searchable, filterable showcase page for my blog. One session. One new route. One background research agent doing the heavy lifting.
What happens when a 5-agent security team audits a client-side browser game? 26 findings, a 'God Mode in 30 seconds' attack chain, and 4 parallel developers shipping every fix before the coffee got cold.
What happens when you ship 90% context reduction in the morning and build a full backlog staging system by afternoon? A look at a typical day building with Claude Code.
How I used Claude Code and four parallel AI agents to rebuild Second Conflict, a forgotten 1991 Windows 3.0 space strategy game, as a modern web app. Complete with reverse-engineered game mechanics, 261 passing tests, and more nostalgia than I knew what to do with.
How a basic page-view tracker evolved into a 9-section, 26-component analytics command center with heatmaps, scroll depth tracking, bot detection, and API telemetry. Includes the reasoning behind every upgrade and enough puns to make a data scientist groan.
From 70K tokens per session to 7K. A 7-agent audit, 23 evaluation documents, 11 component scorecards, 5 optimization patterns, and an 8-agent implementation team. This is the full story of cutting context consumption by 90%.
One cybersecurity nerd, one AI coding assistant, one week, 117 commits, 24 pull requests, 17 blog posts, 410 tests at 98% coverage. This is the story of building a production website from scratch with Claude Code, including every mistake, meltdown, and meme along the way.
A 5-agent team chewed through a week of Claude Code session logs and surfaced patterns I never would have found manually. Including the revelation that my worst day wasn't actually that bad.
I tasked four AI agents with auditing my production site for OWASP vulnerabilities. They found 16 findings, fixed 6, and wrote 37 tests in under 30 minutes. Traditional pentesting may never be the same, but red teamers shouldn't worry.
How I made each weekly digest newsletter unique by using Claude Haiku to generate two-paragraph intros with historical tech facts, holiday callouts, and graceful fallback when the API fails.
A comprehensive configuration overhaul that transformed my Claude Code workflow from serial execution to parallel agent orchestration. 7 custom agents, 9 rules reorganized, file protection hooks, and the philosophy of why every AI-assisted developer should go agentic-first.
How I built a subscriber-gated comment system with thumbs up/down reactions, admin moderation, and a one-time welcome email blast, including the PowerShell quirks and Vercel WAF rules that nearly blocked everything.
How I built a full newsletter system for this site with secure subscriptions, HMAC-verified unsubscribes, branded HTML emails, and a Vercel Cron that sends a weekly digest every Monday. Includes the WAF rule that broke everything and the firewall tightening that followed.
A technical deep-dive into implementing production-grade SEO for a Next.js site, covering dynamic sitemaps, JSON-LD structured data, OpenGraph, Twitter Cards, RSS feeds, canonical URLs, and everything Google needs to actually find your website.
A technical deep dive into notification hooks, terminal bell protocols, and why playing a simple sound required understanding BEL characters, OSC sequences, and Windows API calls.
A security professional audits his own code: blog posts leaking private repo names, query-string secrets in browser history, SSRF vectors, and error messages handing attackers the database schema. 19 findings and the journey to fix every one.
How I built a custom analytics system with interactive visualizations, IP intelligence, and a Leaflet world map, using Next.js, Neon Postgres, and Claude Code. Includes the full Vercel Analytics integration and why custom tracking fills the gaps.
How I built a 12-step /wrap-up slash command that automates end-of-session documentation across multiple repos - pulling latest, extracting learned skills, cleaning global state, updating changelogs, committing in Hulk Hogan's voice, and pushing. A step-by-step breakdown of every function and why it exists.
A detailed, hour-by-hour account of my first day with Claude Code - starting with Ollama frustrations, discovering Opus 4.6, building a complete website, and deploying to production. 30 commits, 4 repositories, and one very long day.
A deep dive into configuring Claude Code for real-world use - from modular rules and session logging hooks to MCP servers and the everything-claude-code plugin ecosystem.
A detailed, step-by-step guide to vibe coding a production website from the ground up using Claude Code, from someone whose last website ran on Apache with hand-written HTML. Every service, every config, every command.
My journey from running Ollama with Qwen locally (too slow) to setting up an Anthropic account and discovering Claude Code - the AI CLI tool that changed how I build software.