Liran Tal is an AI security researcher and Node.js security expert focusing on securing agentic AI workflows, MCP, and software supply chains through research, education, and open-source work.
222 articles from this blog
A tutorial on training a neural network in JavaScript to solve ASCII mazes using the brain.js library.
Qodo AI's new Package Health Reviewer uses Snyk Advisor to automate security and maintenance checks for open-source dependencies in CI/CD pipelines.
A tutorial on using Python, Ultralytics YOLO, and Supervision for computer vision tasks like object detection and image annotation.
A guide to securely loading and managing Google Cloud Storage service account credentials in Node.js applications, covering JSON files, environment variables, and direct specification.
A proposed security evaluation framework for Model Context Protocol (MCP) servers, focusing on configuration and implementation risks for developers.
A guide for Developer Relations (DevRel) professionals on creating engaging, value-driven content and measuring KPIs for effective go-to-market tactics on X/Twitter.
Explores how zero-trust environments like defense and finance can securely adopt AI using local-first agents and semi-autonomous workflows.
Explores key traits of AI-native products designed for efficient consumption by AI agents, focusing on context optimization and tool execution.
Explores five key pillars for optimizing AI-powered agentic coding workflows, including system instructions and spec-driven development.
Explores the evolution from AI-augmented IDEs to Agentic Development Environments (ADEs) and the future of autonomous AI in software engineering.
Argues that companies built solely on the Model Context Protocol (MCP) are unlikely to succeed, while those using MCP as an integration layer have a better chance.
A guide to automating the fine-tuning of AI agent workflows using the Qodo CLI, based on analyzing execution logs to improve instructions.
A guide to creating a Home Assistant automation for announcing Shabbat candle lighting times using sensors and YAML configuration.
Explains the complex interplay between CORS, SameSite cookies, and CSRF attacks in cookie-based web authentication systems.
Explores gamified learning for developers, using examples like a security game built with Kaboom.js and an LLM prompt injection game.
Analyzes outdated marketing and product strategies causing DevRel failures, advocating for faster, focused launches in fast-paced tech environments like AI.
Explores building Node.js CLI apps without third-party dependencies, using built-in modules for colors, argument parsing, and debugging.
A guide to building neural networks using JavaScript and the Brain.js library, covering fundamental concepts for web developers.
A Developer Advocate explains how to use Generative AI to automate and accelerate the creation of demo applications for security vulnerability education.
Explains the LLMs.txt file, a new standard for providing context and metadata to Large Language Models to improve accuracy and reduce hallucinations.
