Projects
Security & Platform
operator-security-runtime
Found a CVSS 9.1 privilege escalation across RHOAI operators. Built a Go library that replaces cluster-wide permissions with per-namespace scoped Roles, validated with a 200-trial performance framework.
Architecture Analyzer
Static analysis tool that extracts CRDs, RBAC rules, security contexts, and network policies from Kubernetes operator source code. Builds multi-language code property graphs (Go, Python, TS, Rust) with taint analysis.
RHOAI Security Scanner & Dashboard
9-tool scanning pipeline with a React/PatternFly dashboard covering 22 RHOAI repos. Static analysis, secret detection, RBAC auditing, and vulnerability correlation in one unified view.
security-config
Org-wide security configuration for opendatahub-io. Semgrep, CodeRabbit, and Gitleaks configs shared across all repositories.
AI Tooling
Adversarial Reviewing
Multi-agent adversarial code review system. Isolated specialist agents (security, architecture, correctness) analyze code independently, then challenge each other through structured debate rounds.
AI Bug Automation Readiness
Assesses whether repos are ready for AI agents to autonomously find and fix bugs. 20 checks across 135+ repos, auto-updating weekly report. Applied to 4 repos with +10 to +28 point improvements.
Developer Tools
Operator Chaos
Chaos engineering framework for Kubernetes operators. Injects faults into controller reconciliation loops to validate resilience and recovery behavior.
Tab Lifecycle Manager
Chrome extension with a skill-based AI integration that lets any AI agent manage browser tabs through natural language.
Google Docs MCP Server
MCP server for Google Docs and Slides integration, enabling AI agents to read, create, and edit documents programmatically.
Pipeline Validation
PipeClear
Two-layer ML pipeline validation for OpenShift AI. Catches broken pipelines at compile time (Python KFP plugin) and at admission time (Go webhook). Presented at the KFP Community Call.