Tag Archives: LLM

AI

Unlock WhatsApp Data with Local Analytics Dashboard

Most people think of WhatsApp as “just messaging.”

But after years of conversations, support threads, customer discussions, team coordination, and random life moments… it quietly becomes one of the richest personal datasets you own.

So I built wacrawl-ui — a local analytics dashboard for WhatsApp archives generated by wacrawl.

The idea is simple:

  • Your data stays local
  • No cloud sync
  • No browser extension
  • No scraping APIs
  • No “AI magic” uploading your chats somewhere

Just a fast local dashboard on top of SQLite.

What’s inside:

  • Full-text search (FTS5) – It’s working quite fast. Even on ~100k messages.
  • Messaging activity analytics
  • Contact insights
  • Media browsing
  • Response-time patterns
  • Word clouds
  • Group activity stats
  • Read-only local API
  • React + Vite frontend
  • Express backend
  • Zero external dependencies once running – You only need to make sure you run ‘wacrawl sync‘ before.

A few things I found interesting while building it:

  1. SQLite is still absurdly powerful
    People underestimate what you can do locally with FTS indexes and good schema design.
  2. “Local-first” UX matters more than ever
    We’ve normalized uploading deeply personal data to random SaaS products. We should challenge that assumption.
  3. Personal analytics is an untapped category
    Not surveillance. Not ad targeting.
    Tools that help you understand your own data.
  4. Read-only architectures reduce risk dramatically
    The app intentionally avoids mutation flows. That constraint simplified security and reliability decisions across the stack.

The whole thing runs with one line:

npx wacrawl-dashboard@latest

No complicated setup.

Still early, but I think there’s a broader shift happening toward:

  • local AI – Ollama for the win.
  • local analytics – secure, private and handy.
  • local search – that works fast.
  • user-owned datasets – It’s not for everyone, but it’s useful.

Well, that future feels healthier.

Feel free to check the repo: github.com/greenido/wacrawl-ui and contribute.

Be strong.

Standard
AI

Understanding MCP vs Agent Skills: Key Differences Explained

There’s a lot of confusion right now between MCP (Model Context Protocol) and “Agent Skills.” They’re often mentioned in the same breath, but they solve different problems. If you treat them as interchangeable, you’ll either over-engineer simple workflows or underpower serious integrations.

Here’s the clean way to think about it.

The Core Difference

MCP is about connecting agents to systems.
Skills are about teaching agents how to do things.

That distinction alone gets you 80% of the way.

Integration Model

MCP is a client-server protocol. You stand up an MCP server, expose tools, and now multiple agents can talk to multiple backends through a consistent interface. It’s a hub.

Skills are much simpler: a folder with a SKILL.md file. The agent loads it when triggered and follows the instructions. No protocol, no network layer, no abstraction.

Implication:

  • MCP scales across teams and services
  • Skills scale across use cases and workflows
Continue reading
Standard
Fiery streams of data converting into a green neural network grid
Business, AI

Using LLMs to Find Security Bugs: A Practitioner’s Playbook

TL;DR

LLMs won’t replace AppSec.
They will dramatically compress the search space.

If you use them right:

  • Run multi-model analysis (Opus + GPT + Gemini)
  • Structure prompts around attack surfaces, not “find bugs”
  • Require PoCs or tests for validation
  • Trust only cross-model consensus or reproducible exploits

If you don’t do this, you’ll drown in false positives.

Security research has always been asymmetric.
Attackers need one bug; defenders need zero.
Historically, scale worked against defenders.

LLMs start to rebalance that—not by magically finding zero-days, but by acting as a fast, always-on analyst that can:

  • Read entire subsystems in seconds
  • Connect logic across files
  • Generate realistic attack paths

Used correctly, they don’t replace expertise—they let you spend it where it matters.
Used incorrectly, they produce confident nonsense.
This is a practitioner’s workflow that actually works.

Continue reading
Standard
AI, Business

Building Continuous AI Agents with OpenClaw and Ollama

Most people are still using AI like it’s 2023:
prompt → response → done.

That’s not where things are going.
The real shift is toward agents that run continuously and do work for you. And one of the most interesting ways to get there today is:

OpenClaw + Ollama

Before diving in, quick grounding.

What OpenClaw and Ollama Actually Are

OpenClaw is an open-source agent framework.
It’s not a chatbot—it’s a system that can:

  • plan tasks
  • call tools (browser, APIs, files)
  • maintain memory
  • run loops without constant input

Think: a programmable worker, not a Q&A interface.

Ollama is the simplest way to run large language models locally.
It handles:

  • downloading models (Llama, Gemma, etc.)
  • running them efficiently on your machine
  • exposing them via a clean API

Think: Docker for LLMs.

Put them together and you get:

A local, autonomous agent system with zero API costs and full control.

Continue reading
Standard
Transparent-winged butterfly perched on white daisy flower by mossy rocks and flowing forest stream
AI, Business

Claude Mythos: The Future of Autonomous Exploits

This one is different.
Anthropic didn’t just build a better model—they hit a threshold and stopped.
Claude Mythos (Preview) exists, works, and isn’t being released.

Not because it failed.
Because it crossed into territory we’re not ready for.

But before everything… just like in any good story, go and check the other side of it, which basically claim, it’s all (a good) marketing stunt.

The Sandwich Email That Shouldn’t Exist

Anthropic researcher Sam Bowman was sitting in a park, mid-sandwich (or burrito – no one knows for sure), when he got an email… from a model that wasn’t supposed to have internet access.

That model:

  • Was running in a locked, air-gapped container (yes – as crazy as it sounds…)
  • Found a multi-step exploit chain (=using a minor leak to find an address, using a buffer overflow to gain a primitive, using a race condition to escalate)
  • Escaped its sandbox (likely via container/runtime escape + privilege escalation)
  • Reached external network interfaces
  • Contacted him

Then it started sharing the exploit.

Unprompted.

That’s not a jailbreak.
That’s autonomous exploit development + execution.

Continue reading
Standard
Holographic woman labeled AI AGENT leaps through futuristic city with text NEW WORLD GATEWAY.
AI, Business

Anthropic Accidentally Leaked the Blueprint for AI Coding Agents

Or as Elon said “Anthropic is now officially more open than OpenAI“. On this fine April Fools’ Day, the joke isn’t that AI is replacing developers. The joke is that the playbook for doing it just… slipped onto the internet.

Anthropic didn’t intend to publish a step-by-step manual for building AI coding agents.
But through a mix of repos, prompts, and system design breadcrumbs, they effectively did exactly that.

The TL;DR or Key Takeaways from Claude Code’s Source:

  1. Prompts in source code: Surprisingly, much of Claude’s system prompting lives directly in the codebase — not assembled server-side as expected for valuable IP.
  2. Supply chain risk: It uses axios (recently hacked), a reminder that closed-source tools are still vulnerable to dependency attacks.
  3. LLM-friendly comments: The code has excellent, detailed comments clearly written for LLMs to understand context — a smart practice beyond just AGENTS.md files.
  4. Fewer tools = better performance: Claude Code keeps it lean with under 20 tools for normal coding tasks.
  5. Bash Tool is king: The Bash tool stands out, with heavy deterministic parsing to understand and handle different command types.
  6. Tech stack: Entirely TypeScript/React with explicit Bun bindings.
  7. Not open source: The source is “available” but still proprietary. Do not copy, redistribute, or reuse their prompts — that violates the license.

Overall impression:

  • It’s a very well-organized codebase designed for agents to work on effectively.
  • Human engineering is visible, though some parts (like messy prompt assembly) feel surprisingly low-level for Anthropic.
  • The fact that core prompts ship in the CLI tool itself is the biggest surprise.

Let’s take a step back… It is all started with this:

Continue reading
Standard
bots, Business, JavaScript

Streamline Engineering Updates with Slack to Notion Bot

There’s been a lot of noise lately about productivity tools and the “perfect” engineering workflow.
Let’s slow down and separate what actually works from what just creates more overhead.

Here’s a boring truth: Slack is incredible for quick, ephemeral communication.
Here’s a less comfortable truth: It is an absolute nightmare as a system of record.

If you lead an engineering team or run a startup, you probably have a #daily-updates or #eod-reports channel.
The theory is sound.

Everyone drops a quick note at the end of the day: what they shipped, what blocked them, what’s next.

But here is what actually happens:

Those updates get posted.
Someone replies with an emoji.
A thread erupts about a weird bug in production.
Someone posts a picture of their dog.

By Friday, when you’re trying to answer a simple question—“What did we actually accomplish this week?”—those reports are buried under a mountain of noise.

You find yourself scrolling endlessly.
It’s exhausting.
And it doesn’t scale. Not to mention that if you will need SOC-2 (and you will 🙂 ) –> you can’t say “we have everything in Slack”

Why not just force everyone into Jira or Linear?

You could.
But engineers hate context-switching just to write a status update.
Slack is where the conversation is happening.
The friction to post there is zero.

The problem isn’t the input. The problem is the storage.

So I (=Gemini+Claude) built a bridge.

Meet the Slack → Notion EOD Sync Bot

I got tired of losing track of momentum, so I wrote a bot that does the tracking for us.

It’s a lightweight NodeJS service that automatically extracts End-of-Day reports from Slack and structures them beautifully in a Notion database.

Continue reading
Standard
AI, Business

OpenClaw: Redefining Productivity with Autonomous Skills

OpenClaw isn’t interesting because it chats.
It’s interesting because it acts.

If you haven’t internalized that yet, you’re still thinking in “LLM as assistant” mode. OpenClaw is closer to a junior operator with insomnia and root access.
In early 2026, the ecosystem around OpenClaw (which evolved from Clawdbot and Moltbot) has exploded with community-built “skills.” The real shift? These skills run locally and have a heartbeat. They wake up. They check things. They move.

Let’s break down the most popular ones — and more importantly, how to actually build and use them without turning your machine into a chaos engine.

Continue reading
Standard
AI, webdev

Maximize Productivity in Your Codebase with gemini-cli

If you’ve ever opened a legacy project and felt your soul briefly leave your body, this one’s for you.

You know the scene:

  • 200k+ lines of code
  • Three architectural “eras” living in the same repo
  • Tests that pass… somehow
  • A PR review queue that feels like airport security

Let’s fix that.

This post is a practical, hands-on guide to using gemini-cli as a serious productivity multiplier — not as a gimmick, not as a toy, but as a real engineering tool you can plug into your daily workflow today. Btw, I’m not ‘with’ Google for many years now… so it’s all my personal thoughts.

By the end, you’ll know exactly how to:

  • Explore massive codebases without losing your mind
  • Refactor safely and confidently
  • Pre-review your own PRs
  • Generate useful tests (not garbage)
  • Debug failures faster
  • Automate repetitive dev work
Continue reading
Standard
AI, Business

Why Claude’s Code Security Offering Doesn’t Replace Real SMB Cybersecurity

There’s been a lot of noise lately about AI (=Claude Code Security) replacing large chunks of cybersecurity.

Let’s slow down and separate what AI is actually good at from what actually keeps small and mid-sized businesses safe.

AI tools that scan code?
Impressive.

AI that reads configs and flags obvious misconfigurations?
Useful.

AI that can reason over static artifacts and suggest fixes?
Absolutely real progress.

But here’s the uncomfortable truth: most SMBs are not losing sleep over static code scanning.

They’re losing sleep over this:

  • “Why did our Microsoft 365 tenant just send 8,000 phishing emails?”
  • “Why is our bookkeeper’s laptop beaconing to an IP in Eastern Europe?”
  • “Why did our backup silently fail for 12 days?”
  • “Why did we pass compliance last quarter and now suddenly we don’t?”

That’s where EspressoLabs lives.

LLMs are extraordinary pattern recognizers.
They are very good at analyzing text, code, logs — when you give them the data in a clean, structured way. But SMB security isn’t clean. It’s messy, inconsistent, human, political, and operational.

EspressoLabs provides value in places LLMs simply cannot operate — at least not yet:

Continue reading
Standard