I shipped mcp-probe — a CLI that points at any MCP server, enumerates every tool, resource, and prompt, calls each with auto-generated arguments, validates against declared schemas, prints a pass/fail scorecard, and exits 0/1 for CI. The plan for launch week: run it against the official Node MCP servers and post results. The first run made me look like I'd broken half the ecosystem. The second, af
This technical post walks through the design and implementation of Secure Playground: a local web app that simulates prompt-injection attacks against large language models and demonstrates simple defenses. Provide a minimal, reproducible environment to test payloads and defensive strategies. Make it easy to add new providers and run mutation-based red-team experiments. Offer a leaderboard and scor
If you want the failure-mode and testing path through the catalog, start here. Recommended route: Service Worker Failure Modes in Offline-First PWAs Rollback Patterns in Offline-First PWAs Testing IndexedDB Schema Migrations in Offline-First PWAs Offline Queue Replay and Idempotency in Offline-First PWAs If you want privacy-first, offline health tech to exist without surveillance funding it: spons
A 16-pixel hero in your macOS menu bar. Watches LLM traffic. That's it. You remember RunCat — the kitten in your menu bar that runs faster when your CPU is busy. Almost a decade old. Adorable. Useful. Asks nothing of you. AI-native development needs the same thing for a different signal. Not CPU. Agent traffic. Is there a live LLM request flowing right now, or is everything quiet? That's why I bui
Book: The Complete Guide to Go Programming Also by me: Thinking in Go (2-book series) — Complete Guide to Go Programming + Hexagonal Architecture in Go My project: Hermes IDE | GitHub — an IDE for developers who ship with Claude Code and other AI coding tools Me: xgabriel.com | GitHub You write a validation function. Five rules. Email format, password length, age range, country code, ter
Metasploitable2 - FTP Exploitation using vsftpd 2.3.4 Backdoor 1. Objective To identify and exploit a known vulnerability in an FTP service running on a vulnerable target machine using industry-standard reconnaissance and exploitation techniques. 2. Lab Environment Component Description Attacker Machine Kali Linux Target Machine Metasploitable2 Network Type Host-only / NAT
Ledgers are the heartbeat of any financial companies, fintech or old school financial. Not the API gateway, not the mobile app, not the underwriting model. The ledger Banks have known this for centuries. Fintechs sometimes need to rediscover it the hard way. On fintech world Revolut runs multi-currency, multi-product financial infrastructure across 35+ countries. Stripe moves money and extends c
So far, we’ve seen: The model decides what to do The MCP server executes it But something is missing. Who actually connects these two? That’s the MCP client. The MCP client is: The component that connects the model and the MCP server, and manages the entire interaction between them. It’s easy to think: “The model calls the server directly” But that’s not what happens. 👉 The model only generates i