Blog
Technical articles, project updates, and thoughts from the lab.

Introducing Winnom: Know Your Node
> read_more
Rust vs Python: Agentic Workflow Performance Benchmarks
Comparing Rust and Python for agentic workflow performance reveals critical differences in latency variance and throughput under heavy context loads. Discover w
> read_more
NCompass Technologies: Why Local LLM Artifacts Beat API Abstraction
While NCompass Technologies promises zero-friction deployment, relying on external inference APIs obscures critical model lineage and provenance data. Discover
> read_more
Cool AI Projects That Failed: The File Integrity Gap
Many cool AI projects fail miserably due to a gap in file integrity verification. Learn why unstructured model dumps break pipelines and how to fix it.
> read_more
Tinfoil (YC X25): Verifiable Privacy for Cloud AI
Tinfoil (YC X25) offers verifiable privacy for cloud AI by ensuring cryptographic guarantees, yet teams must also audit model artifacts to prevent supply chain
> read_more
Rust Python Hybrid Agentic Workflow: Avoiding Latency Pitfalls
Building a rust python hybrid agentic workflow requires isolating latency-sensitive logic from Python's garbage collector to ensure deterministic performance in
> read_more
How to Secure Local LLM Model Files: A Zero Trust Guide
Learn how to secure local LLM model files by implementing checksum verification, metadata analysis, and sandboxed execution environments to prevent tampering.
> read_more
Local LLM Security Best Practices: Beyond Basic Hashing
Implement local llm security best practices by moving beyond simple checksums to verify internal structure, provenance, and metadata integrity for safe offline
> read_more
How to Build a Secure Homelab for LLM Inference
Learn how to build homelab for llm inference security by validating artifact integrity, enforcing strict file permissions, and auditing metadata to prevent supp
> read_more
Is a Self-Hosted Proxy Necessary for AI Agents?
Discover why a self-hosted proxy is necessary for AI agents to ensure low latency, data sovereignty, and deterministic performance in production environments.
> read_more
Why Choose Rust Over Python for Agentic Workflow Harness
Discover why choosing Rust over Python for an agentic workflow harness eliminates non-deterministic pauses and ensures microsecond-level predictability in high-
> read_more
Rust vs Python for Small Team Infrastructure Tools
Choosing between Rust and Python for small team infrastructure tools depends on latency needs. While Python offers speed, Rust provides deterministic performanc
> read_more
How to Audit Open Source Dependencies in Python Scripts
Learn how to audit open source dependencies in Python scripts by generating Software Bills of Materials (SBOMs) and inspecting model artifacts to prevent supply
> read_more
Mutagen 0.4.0 Released: Service Extraction, Bug Crunches, and Fixed Persona Drift
Mutagen 0.4.0 addresses friction in agentic workflows by introducing a Rust-based service extraction layer, automated bug crunches, and fixes for persona drift
> read_more
Do You Have a Homelab? Secure Your Local LLM Artifacts
As homelabs shift to local AI execution, treating model files like production dependencies is vital. Learn how to verify artifact integrity and manage your Do Y
> read_more
Echoes HQ: Developer-Friendly Activity Reports for Local LLM Governance
Echoes HQ (YC S21) signals a pivot to artifact accountability with developer-friendly activity reports that track local model lineage, SBOMs, and proprietary fi
> read_more
Moonrepo: Open-Source Build Systems for LLMs
Discover Moonrepo, an open-source build system designed for the LLM era. It replaces monolithic repos with modular tools that handle model artifacts as first-cl
> read_more
Pomotok: A Windows Pomodoro Timer for Deep Focus
Pomotok is a Windows pomodoro style timer that actually lets you focus and doesn't overstimulate. It uses system-level blocking to enforce boundaries.
> read_more
AppView 1.0.0 Released: Instrument and Secure Your LLM Deployments
AppView 1.0.0 is released to help you instrument, observe, and secure your LLM deployments by generating lightweight SBOMs and auditing model artifacts.
> read_more
Linux Kernel Log 2.6.30: New File Systems and Modular Architecture
The Linux kernel log entry for version 2.6.30 highlights a structural pivot in file systems, shifting from monolithic boot-time dependencies to modular loadable
> read_more
Blokhead: Chrome Edge Firefox Extension for Blocking Distractions
Blokhead is a lightweight Chrome, Edge, and Firefox extension for blocking distracting websites instantly without setup or cloud surveillance.
> read_more
Rem: Remember Everything - Secure Open Source AI Memory
Rem: Remember Everything shifts focus from ephemeral tokens to durable, auditable memory artifacts. Treat persistent memory as a security boundary to verify pro
> read_more
Rift: Open-Source AI-Native Language Server for Personal SWE
Rift is an open-source AI-native language server designed for personal AI software engineering, enabling local-first security and artifact inspection without cl
> read_more
Kexa.io: Open-Source IT Security for Local AI Governance
Kexa.io provides open-source IT security and compliance verification for local LLM artifacts, filling the gap between policy and low-level file inspection.
> read_more
ArchGW: Intelligent Edge Proxy for Agents
ArchGW acts as an intelligent edge and service proxy for agents, enabling low-latency decision loops and keeping sensitive data within secure boundaries without
> read_more
Sqreen: Securing Web Apps via Model Artifact Auditing
Sqreen secures web apps by auditing model artifacts rather than just code, addressing vulnerabilities in AI-driven development and complex dependency ecosystems
> read_more
Socket: Secure Your JavaScript Supply Chain Against AI Threats
Secure your JavaScript supply chain by treating external sockets as hostile until proven otherwise, verifying intent before untrusted AI-generated libraries exe
> read_more
Arctype: Cross-Platform Database GUI for LLM Artifacts
Arctype, a cross-platform database GUI for developers and teams, unifies application schemas with external model dependencies to verify AI provenance.
> read_more
Self-Hosted Pomodoro Timer for Local LLM Reliability
A self-hosted pomodoro timer ensures local AI tools remain reliable by treating breaks as maintenance windows to validate model integrity and clear caches.
> read_more
Rust vs Python for Agentic Workflow Harness: The Mutagen Decision
We chose Rust over Python for our agentic workflow harness to eliminate garbage collection pauses and reduce container bloat. This hybrid architecture isolates
> read_more
How to Sync Claude Config Across Machines P2P
Learn how to sync claude config across machines p2p using WebRTC bridges and integrity verification tools to keep your local LLM data private.
> read_more
Welcome to Mutagen
A Claude, Codex, and local LLM harness for building applications.
> read_more
Announcing PomoTok
I wanted something that felt calm and immediate. Something that helped create momentum instead of demanding it upfront. Something that could support focus without turning it into a performance. PomoTok is my attempt to make a tool that stays out of the way and still does something genuinely useful.
> read_more
Introducing HissCheck
HissCheck brings testing to your python testing.
> read_more
Introducing L-BOM and GUI-BOM
Bringing SBOM transparency to gguf and safetensors.
> read_more
Announcing Ridge Sight
Ridge Sight is the first product available from CHKDSK Labs. It allows GitHub users to view and manage all pull requests available to their repositories in one dashboard.
> read_more