Shay Elmualem
@norbin.bsky.social
Curious mind with a passion for always-learning: DevOps, Infra, Security, AI.
Sharing a quick proof-of-concept project: Cursor-MCP-Trivy.
I put together an MCP server that leverages trivy to scan the active cursor project for security vulnerabilities whenever cursor's agent (composer) changes a dependency file, e.g adding a new dependency.
github.com/norbinsh/cur...
I put together an MCP server that leverages trivy to scan the active cursor project for security vulnerabilities whenever cursor's agent (composer) changes a dependency file, e.g adding a new dependency.
github.com/norbinsh/cur...
GitHub - norbinsh/cursor-mcp-trivy: A Model Context Protocol (MCP) server that provides Trivy security scanning capabilities through a standardized interface.
A Model Context Protocol (MCP) server that provides Trivy security scanning capabilities through a standardized interface. - norbinsh/cursor-mcp-trivy
github.com
February 18, 2025 at 12:02 PM
Sharing a quick proof-of-concept project: Cursor-MCP-Trivy.
I put together an MCP server that leverages trivy to scan the active cursor project for security vulnerabilities whenever cursor's agent (composer) changes a dependency file, e.g adding a new dependency.
github.com/norbinsh/cur...
I put together an MCP server that leverages trivy to scan the active cursor project for security vulnerabilities whenever cursor's agent (composer) changes a dependency file, e.g adding a new dependency.
github.com/norbinsh/cur...
Cursor’s Privacy Mode starts OFF by default in the IDE, because clearly, they think sharing is caring. 😅
Check your settings and decide what works for you.
www.cursor.com/security#inf...
Good luck!
Check your settings and decide what works for you.
www.cursor.com/security#inf...
Good luck!
January 20, 2025 at 7:07 AM
Cursor’s Privacy Mode starts OFF by default in the IDE, because clearly, they think sharing is caring. 😅
Check your settings and decide what works for you.
www.cursor.com/security#inf...
Good luck!
Check your settings and decide what works for you.
www.cursor.com/security#inf...
Good luck!
Using chatgpt new tasks feature as a website availability tool 😆
January 17, 2025 at 10:24 AM
Using chatgpt new tasks feature as a website availability tool 😆
browser-use is pretty cool!
this demo's repo i setup is here github.com/norbinsh/kub...
this demo's repo i setup is here github.com/norbinsh/kub...
January 17, 2025 at 10:13 AM
browser-use is pretty cool!
this demo's repo i setup is here github.com/norbinsh/kub...
this demo's repo i setup is here github.com/norbinsh/kub...
gitcicd.com
Small platform i built you can use to analyze a github repo for actions workflow potential risks, give it a go! 🤘
Small platform i built you can use to analyze a github repo for actions workflow potential risks, give it a go! 🤘
gitcicd.com
Your GitHub Actions, Analyzed.
gitcicd.com
January 13, 2025 at 9:25 PM
gitcicd.com
Small platform i built you can use to analyze a github repo for actions workflow potential risks, give it a go! 🤘
Small platform i built you can use to analyze a github repo for actions workflow potential risks, give it a go! 🤘
The Model Context Protocol (MCP) is an open standard for giving large language models secure, controlled access to tools and data sources.
"Think of MCP like a USB-C port for AI applications."
modelcontextprotocol.io/introduction
"Think of MCP like a USB-C port for AI applications."
modelcontextprotocol.io/introduction
Introduction - Model Context Protocol
Get started with the Model Context Protocol (MCP)
modelcontextprotocol.io
January 5, 2025 at 4:45 PM
The Model Context Protocol (MCP) is an open standard for giving large language models secure, controlled access to tools and data sources.
"Think of MCP like a USB-C port for AI applications."
modelcontextprotocol.io/introduction
"Think of MCP like a USB-C port for AI applications."
modelcontextprotocol.io/introduction
DSPy from Stanford NLP: a Python library for building multi-step LLM pipelines and prompt optimization.
dspy.ai
See in my attached example how it takes a tiny one-liner prompt, convert it (using llm as well) into sub questions - answer them - summarize, and return a final answer.
dspy.ai
See in my attached example how it takes a tiny one-liner prompt, convert it (using llm as well) into sub questions - answer them - summarize, and return a final answer.
December 29, 2024 at 5:18 PM
DSPy from Stanford NLP: a Python library for building multi-step LLM pipelines and prompt optimization.
dspy.ai
See in my attached example how it takes a tiny one-liner prompt, convert it (using llm as well) into sub questions - answer them - summarize, and return a final answer.
dspy.ai
See in my attached example how it takes a tiny one-liner prompt, convert it (using llm as well) into sub questions - answer them - summarize, and return a final answer.
Interesting take on how we often over-emphasizes llms while neglecting the important role of building complete AI systems:
www.youtube.com/watch?v=vRTc...
1. The complete system running it, and not just the llm itself, are the key to unlocking the true potential of AI.
www.youtube.com/watch?v=vRTc...
1. The complete system running it, and not just the llm itself, are the key to unlocking the true potential of AI.
www.youtube.com
December 27, 2024 at 3:18 PM
Interesting take on how we often over-emphasizes llms while neglecting the important role of building complete AI systems:
www.youtube.com/watch?v=vRTc...
1. The complete system running it, and not just the llm itself, are the key to unlocking the true potential of AI.
www.youtube.com/watch?v=vRTc...
1. The complete system running it, and not just the llm itself, are the key to unlocking the true potential of AI.
Some decent AI related "freebies" @ www.aiengineerpack.com - I am not affiliated with that site, just sharing in case and it'll help some others as well, grabbed an annual Perplexity pro sub for no cost. Good luck! (Oh and... always best to remove requested access once you are "done" with it).
December 11, 2024 at 9:08 PM
Some decent AI related "freebies" @ www.aiengineerpack.com - I am not affiliated with that site, just sharing in case and it'll help some others as well, grabbed an annual Perplexity pro sub for no cost. Good luck! (Oh and... always best to remove requested access once you are "done" with it).
Running terraform plan on untrusted code isn’t as safe as it seems. Most ci setups I know would allow developers to do this on the PR phase, before even submitting the PR to a code review.
good read: snyk.io/blog/gitflop...
good read: snyk.io/blog/gitflop...
December 9, 2024 at 10:42 PM
Running terraform plan on untrusted code isn’t as safe as it seems. Most ci setups I know would allow developers to do this on the PR phase, before even submitting the PR to a code review.
good read: snyk.io/blog/gitflop...
good read: snyk.io/blog/gitflop...
Google and Kaggle have launched a comprehensive, no-cost Generative AI course. Each day focuses on key topics:
• Day 1: Foundational Models & Prompt Engineering
• Day 2: Embeddings and Vector Databases
• Day 3: Generative AI Agents
• Day 4: Domain-Specific LLMs
• Day 5: MLOps for Generative AI
• Day 1: Foundational Models & Prompt Engineering
• Day 2: Embeddings and Vector Databases
• Day 3: Generative AI Agents
• Day 4: Domain-Specific LLMs
• Day 5: MLOps for Generative AI
December 7, 2024 at 11:35 PM
Google and Kaggle have launched a comprehensive, no-cost Generative AI course. Each day focuses on key topics:
• Day 1: Foundational Models & Prompt Engineering
• Day 2: Embeddings and Vector Databases
• Day 3: Generative AI Agents
• Day 4: Domain-Specific LLMs
• Day 5: MLOps for Generative AI
• Day 1: Foundational Models & Prompt Engineering
• Day 2: Embeddings and Vector Databases
• Day 3: Generative AI Agents
• Day 4: Domain-Specific LLMs
• Day 5: MLOps for Generative AI
Been using Google's "notebooklm" almost daily to “listen” to whitepapers or get quick intros to new topics with its podcast feature. It’s my go-to for deep dives while on the move. free and super convenient!
December 6, 2024 at 5:06 PM
Been using Google's "notebooklm" almost daily to “listen” to whitepapers or get quick intros to new topics with its podcast feature. It’s my go-to for deep dives while on the move. free and super convenient!
Shoutout to AWS for the ‘Focus mode’ in their docs – a simple but game-changing feature for reading without distractions. More platforms should definitely follow this.
December 6, 2024 at 11:21 AM
Shoutout to AWS for the ‘Focus mode’ in their docs – a simple but game-changing feature for reading without distractions. More platforms should definitely follow this.