← People
Erik Craddock
Erik Craddock@eriklink

anti-patterns and patterns for achieving secure generation of code via AI

If you think that you can achieve security through offering guidance to the LLM through cursor rules, then you are misguided. Cursor rules or any of those types of rules (i.e AGENTS.md) that are attached to your agentic coding harness are mere suggestions to the LLM. They are suggestions.

anti-patterns and patterns for achieving secure generation of code via AI

Geoffrey Huntley

anti-patterns and patterns for achieving secure generation of code via AI

I just finished up a phone call with a "stealth startup" that was pitching an idea that agents could generate code securely via an MCP server. Needless to say, the phone call did not go well. What follows is a recap of the conversation where I just shot down the

linkby Geoffrey Huntleyvia Geoffrey Huntley
0 Replies0 Boosts0 Likes
Erik Craddock
Erik Craddock@eriklink

what is the point of libraries now that you can just generate them?

If something is common enough to require a trustworthy NPM package, then it is also well-represented in the training set, and you can generate it yourself.

what is the point of libraries now that you can just generate them?

Geoffrey Huntley

what is the point of libraries now that you can just generate them?

It's a meme as accurate as time. The problem is that our digital infrastructure depends upon just some random guy in Nebraska. Open-source, by design, is not financially sustainable. Finding reliable, well-defined funding sources is exceptionally challenging. As projects grow in size, many maintainers burn out and find themselves unable

linkby Geoffrey Huntleyvia Geoffrey Huntley
0 Replies0 Boosts0 Likes
Erik Craddock
Erik Craddock@eriklink

LLMs are mirrors of operator skill

Someone can be highly experienced as a software engineer in 2024, but that does not mean they're skilled as a software engineer in 2025, now that AI is here.

LLMs are mirrors of operator skill

Geoffrey Huntley

LLMs are mirrors of operator skill

This is a follow-up from my previous blog post: "deliberate intentional practice". I didn't want to get into the distinction between skilled and unskilled because people take offence to it, but AI is a matter of skill. Someone can be highly experienced as a software engineer in 2024, but that

linkby Geoffrey Huntleyvia Geoffrey Huntley
0 Replies0 Boosts0 Likes