61 posts tagged with "Ai"

drupal-blog-inside-drupal-cms-2-qa is a Drupal-focused QA project that exercises a blog experience inside Drupal CMS. It’s a small, targeted setup that lets me validate how blog content fits into the CMS’s structure, from content types to listing views, without dragging in a full site build. View Code

It’s useful because it narrows the feedback loop for QA: I can verify content modeling, editorial flow, and UI behavior in isolation, then carry what works into larger Drupal builds. That keeps regression testing tight and helps confirm that the CMS’s out‑of‑the‑box capabilities can support a clean blog workflow.

One takeaway: a focused QA repo like this is a reliable way to test core Drupal patterns before committing them to a production codebase. It’s faster to validate assumptions in a minimal environment than to unwind them later in a full project.

View Code

drupal-claude-agent-sdk-runtime looks like a Drupal-oriented runtime layer for running Claude-based agent workflows inside a Drupal site or module. It likely provides the glue code and conventions to host an agent SDK runtime in the Drupal ecosystem, so you can build Drupal features that call agent capabilities without reinventing the runtime plumbing.

That is useful when you want structured, repeatable agent behaviors inside Drupal: content automation, editorial assistance, or backend workflows that need deterministic integration points. A runtime package keeps the boundaries clear—Drupal provides the context and storage, the runtime provides the agent execution surface—so you can iterate on prompts and tools without re-architecting the integration.

Technical takeaway: treat the runtime as an integration contract. Keep Drupal-specific concerns (services, config, entities) on one side and agent execution (sessions, tool calls, output handling) on the other, and you get a clean seam for testing and future upgrades. For the code, View Code.

References

• View Code

The ai-leaders-micro-credential-pilot project is a small, focused codebase for running a pilot program around an AI leadership micro‑credential. I treat it as a lightweight scaffold for curriculum delivery, evaluation, and iteration—just enough structure to run a cohort, collect evidence, and refine the program without dragging in a heavy platform.

It’s useful because pilots need speed and clarity: you want to validate learning outcomes and operational flow before scaling. This repo keeps the surface area minimal so changes are easy to reason about, and it helps keep the pilot aligned with real-world delivery constraints rather than theoretical plans. If you’re exploring how to operationalize AI leadership training, it’s a clean starting point and a concrete reference. View Code

One technical takeaway: pilot programs benefit from a “thin core” architecture—capture the essentials (content, assessments, feedback loops) and make everything else optional. That discipline keeps iteration fast and avoids premature complexity, which is exactly what you want during a learning-first phase.

View Code

View Code

atlas-demo is a small project that demonstrates how to use Atlas for automated browsing and UI validation. It’s a compact, repeatable setup that focuses on showing how an agent can open pages, perform basic interactions, and capture results for review. View Code

This kind of demo is useful when you want a known-good baseline for UI automation or to prove out a workflow before embedding it into a larger system. It’s also a fast way to show teammates what “agent-driven browsing” looks like without requiring them to assemble tooling or configuration from scratch.

One technical takeaway: keeping the demo narrow and deterministic makes it far easier to debug failures. By minimizing optional steps and external dependencies, you can confirm whether issues are in the automation logic or in the target site’s behavior.

References

• View Code

Crawler Separation Fairness is a small project I built to reason about how different web crawlers should be separated and treated fairly when they hit shared infrastructure. The focus is on defining a clean boundary between crawler classes and making those boundaries observable and enforceable.

This is useful when you operate services that face mixed bot traffic and want to prevent one crawler from starving another, or from overwhelming shared queues and caches. A clear separation policy makes capacity planning and rate‑limiting decisions more defensible and easier to tune over time. View Code

Technical takeaway: model crawler fairness as a first‑class constraint (not a side effect) and make it measurable. Even simple, explicit partitions—paired with lightweight metrics—can turn an opaque traffic problem into something you can debug and iterate on safely.

View Code

• View Code

This project is a compact demo that showcases a Drupal 11 recipes collection. From the name and repo context, I treat it as a focused example of organizing and demonstrating Drupal “recipes” as a reusable collection for installs or site setup, rather than a full product.

It’s useful because it gives a concrete, minimal reference for how to structure and package a set of recipes as a cohesive collection. That kind of example makes it easier to replicate patterns across environments or teach teams how to standardize site build steps.

My main technical takeaway: isolating a narrowly scoped demo makes it easier to reason about collection structure and recipe composition without the noise of a full Drupal distribution. That clarity pays off when you want to reuse or automate the same setup in other projects.

View Code

• View Code

The Hook​

If you install "skills" from a public marketplace, you are installing trust, so I built a static scanner that scores a skill bundle before it touches my machine.

Why I Built It​

Two quotes were enough to justify a guardrail.

Daniel Lockyer: "malware found in the top downloaded skill on clawhub and so it begins."
Elon Musk: "Here we go."

That is the whole pattern: popularity becomes distribution, and distribution becomes the exploit.

The scary part is not a single bad skill. It is the workflow. Skills often ship as a mix of code plus setup instructions. If that skill can convince you to run one command, it can bootstrap anything after that.

So I wanted a quick, local, boring gate: point it at a skill bundle and get a risk report.

The Solution​

Skills Sentry is a static scanner. It does not "detect malware." It detects risky behavior and risky intent.

It looks for:

• Remote script execution patterns (curl or wget to sh, powershell iwr, etc)
• Obfuscation patterns (base64 decode, eval, long encoded blobs)
• Sensitive file targeting (.ssh, env files, wallet keywords, tokens)
• Suspicious install steps (chmod +x, hidden paths, cron, launch agents)
• Network endpoints declared in configs and code

Then it outputs:

• A risk score (0 to 100)
• Findings grouped by severity
• A JSON report you can stash in CI

The Code​

View Code

(Repo: skills-sentry — CLI, sample fixtures, and optional GitHub Action for PR scanning.)

CLI usage​

python skills_sentry.py scan ./some-skill-bundle --json out/report.json

python skills_sentry.py scan ./skill.zip --json out/report.json

python skills_sentry.py scan ./bundle --fail-on high --max-score 60

skills_sentry.py​

#!/usr/bin/env python3
from __future__ import annotations

import argparse
import json
import os
import re
import sys
import tempfile
import zipfile
from dataclasses import dataclass
from pathlib import Path
from typing import Iterable, List, Optional, Tuple


@dataclass
class Finding:
    severity: str  # low, medium, high
    rule_id: str
    message: str
    file: str
    line: Optional[int] = None
    excerpt: Optional[str] = None


RULES: List[Tuple[str, str, str, re.Pattern]] = [
    # rule_id, severity, message, regex
    (
        "REMOTE_SHELL_PIPE",
        "high",
        "Remote script piped to a shell is a classic supply-chain footgun.",
        re.compile(r"\b(curl|wget)\b.*\|\s*(sh|bash|zsh)\b", re.IGNORECASE),
    ),
    (
        "POWERSHELL_IWR_EXEC",
        "high",
        "PowerShell download-and-exec pattern detected.",
        re.compile(r"\b(iwr|Invoke-WebRequest)\b.*\|\s*(iex|Invoke-Expression)\b", re.IGNORECASE),
    ),
    (
        "BASE64_DECODE_EXEC",
        "high",
        "Base64 decode combined with execution often indicates obfuscation.",
        re.compile(r"(base64\s+-d|frombase64|atob)\b.*(sh|bash|powershell|python|node|eval)", re.IGNORECASE),
    ),
    (
        "EVAL_USAGE",
        "medium",
        "Eval usage is risky and commonly abused.",
        re.compile(r"\b(eval|Function)\s*\(", re.IGNORECASE),
    ),
    (
        "CHMOD_EXEC",
        "medium",
        "chmod +x during install is not always bad, but it increases risk.",
        re.compile(r"\bchmod\s+\+x\b", re.IGNORECASE),
    ),
    (
        "CRON_PERSISTENCE",
        "high",
        "Cron or scheduled task persistence hints at unwanted background behavior.",
        re.compile(r"\b(crontab|cron\.d|launchctl|LaunchAgents|schtasks)\b", re.IGNORECASE),
    ),
    (
        "SSH_KEY_TOUCH",
        "high",
        "Touching SSH keys or config is a red flag in a skill bundle.",
        re.compile(r"(\.ssh/|id_rsa|known_hosts|ssh_config)", re.IGNORECASE),
    ),
    (
        "ENV_SECRETS",
        "high",
        "Accessing env files or secrets is high risk in marketplace code.",
        re.compile(r"(\.env\b|dotenv|process\.env|os\.environ)", re.IGNORECASE),
    ),
    (
        "WALLET_KEYWORDS",
        "high",
        "Crypto wallet keywords detected. Treat as sensitive.",
        re.compile(r"\b(seed phrase|mnemonic|private key|wallet|metamask)\b", re.IGNORECASE),
    ),
    (
        "OBFUSCATED_BLOB",
        "medium",
        "Large encoded blobs often hide payloads.",
        re.compile(r"[A-Za-z0-9+/]{400,}={0,2}"),
    ),
]

TEXT_EXTS = {
    ".md", ".txt", ".json", ".yaml", ".yml", ".toml", ".ini",
    ".py", ".js", ".ts", ".tsx", ".sh", ".bash", ".zsh",
    ".ps1", ".bat", ".cmd", ".rb", ".go", ".java", ".php",
}

SKIP_DIRS = {".git", "node_modules", ".venv", "venv", "dist", "build", "__pycache__"}


def iter_files(root: Path) -> Iterable[Path]:
    for p in root.rglob("*"):
        if p.is_dir():
            continue
        if any(part in SKIP_DIRS for part in p.parts):
            continue
        yield p


def is_text_candidate(p: Path) -> bool:
    if p.suffix.lower() in TEXT_EXTS:
        return True
    try:
        return p.stat().st_size <= 512_000
    except OSError:
        return False


def read_lines(p: Path) -> List[str]:
    try:
        data = p.read_bytes()
    except OSError:
        return []
    if b"\x00" in data[:4096]:
        return []
    try:
        return data.decode("utf-8", errors="replace").splitlines()
    except Exception:
        return []


def scan_text_file(p: Path, root: Path) -> List[Finding]:
    rel = str(p.relative_to(root))
    lines = read_lines(p)
    findings: List[Finding] = []
    for idx, line in enumerate(lines, start=1):
        for rule_id, severity, message, pattern in RULES:
            if pattern.search(line):
                findings.append(
                    Finding(
                        severity=severity,
                        rule_id=rule_id,
                        message=message,
                        file=rel,
                        line=idx,
                        excerpt=line.strip()[:240],
                    )
                )
    return findings


def score(findings: List[Finding]) -> int:
    weights = {"low": 5, "medium": 15, "high": 30}
    raw = sum(weights.get(f.severity, 0) for f in findings)
    return min(100, raw)


def summarize(findings: List[Finding]) -> dict:
    by_sev = {"high": [], "medium": [], "low": []}
    for f in findings:
        by_sev.setdefault(f.severity, []).append(f)
    return {
        "counts": {k: len(v) for k, v in by_sev.items()},
        "findings": {
            k: [
                {"rule_id": x.rule_id, "message": x.message, "file": x.file, "line": x.line, "excerpt": x.excerpt}
                for x in v
            ]
            for k, v in by_sev.items()
        },
    }


def unpack_if_zip(path: Path) -> Path:
    if path.is_dir():
        return path
    if path.suffix.lower() != ".zip":
        raise ValueError("Input must be a folder or a .zip file.")
    tmp = Path(tempfile.mkdtemp(prefix="skills_sentry_"))
    with zipfile.ZipFile(path, "r") as z:
        z.extractall(tmp)
    return tmp


def scan_bundle(input_path: Path) -> Tuple[int, List[Finding], Path]:
    root = unpack_if_zip(input_path)
    findings: List[Finding] = []
    for f in iter_files(root):
        if not is_text_candidate(f):
            continue
        findings.extend(scan_text_file(f, root))
    return score(findings), findings, root


def fail_decision(findings: List[Finding], risk: int, fail_on: Optional[str], max_score: Optional[int]) -> bool:
    if max_score is not None and risk > max_score:
        return True
    if not fail_on:
        return False
    sev_rank = {"low": 1, "medium": 2, "high": 3}
    min_rank = sev_rank.get(fail_on.lower(), 3)
    for f in findings:
        if sev_rank.get(f.severity, 0) >= min_rank:
            return True
    return False


def main() -> int:
    ap = argparse.ArgumentParser(prog="skills_sentry", description="Static scanner for agent skill bundles.")
    sub = ap.add_subparsers(dest="cmd", required=True)
    scan = sub.add_parser("scan", help="Scan a folder or zip bundle and print a report.")
    scan.add_argument("path", help="Path to a skill folder or .zip bundle.")
    scan.add_argument("--json", dest="json_path", help="Write JSON report to this path.")
    scan.add_argument("--fail-on", choices=["low", "medium", "high"], help="Exit non-zero if findings at or above this severity exist.")
    scan.add_argument("--max-score", type=int, help="Exit non-zero if risk score exceeds this value (0-100).")
    args = ap.parse_args()
    input_path = Path(args.path).expanduser().resolve()
    try:
        risk, findings, root = scan_bundle(input_path)
    except Exception as e:
        print(f"ERROR: {e}", file=sys.stderr)
        return 2
    report = {"risk_score": risk, "root": str(root), **summarize(findings)}
    print(f"Risk score: {risk}/100")
    print(f"High: {report['counts']['high']}  Medium: {report['counts']['medium']}  Low: {report['counts']['low']}")
    if report["counts"]["high"] or report["counts"]["medium"]:
        print("\nTop findings:")
        shown = 0
        for sev in ["high", "medium", "low"]:
            for f in report["findings"][sev]:
                print(f"- [{sev.upper()}] {f['rule_id']} in {f['file']}:{f['line']}  {f['excerpt']}")
                shown += 1
                if shown >= 12:
                    break
            if shown >= 12:
                break
    if args.json_path:
        out = Path(args.json_path).expanduser().resolve()
        out.parent.mkdir(parents=True, exist_ok=True)
        out.write_text(json.dumps(report, indent=2), encoding="utf-8")
        print(f"\nWrote JSON report: {out}")
    should_fail = fail_decision(findings, risk, args.fail_on, args.max_score)
    return 1 if should_fail else 0


if __name__ == "__main__":
    raise SystemExit(main())

Example output​

Risk score: 75/100
High: 2  Medium: 1  Low: 0

Top findings:
- [HIGH] REMOTE_SHELL_PIPE in install.md:12  curl https://example.com/bootstrap.sh | bash
- [HIGH] ENV_SECRETS in src/agent.js:44  process.env.OPENAI_API_KEY
- [MEDIUM] CHMOD_EXEC in setup.sh:7  chmod +x ./bin/run

CI example​

name: Skill bundle scan
on:
  pull_request:
  push:
    branches: [main]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Skills Sentry
        run: |
          python skills_sentry.py scan . --fail-on high --max-score 60 --json out/report.json

# Run before you install or publish a skill bundle
python skills_sentry.py scan ./bundle --fail-on medium --max-score 40

What I Learned​

• "Top downloaded" is a threat signal, not a trust signal.
• Static scanning is worth it when the install path includes copy-paste commands.
• You need two gates: before install (static) and at runtime (permissioned, sandboxed).
• Heuristics work best as a policy tool: block the obvious, review the rest.
• If a skill needs secrets, it should declare them and fail closed without them. Silent fallbacks are where bad behavior hides.

References​

• malware found in the top downloaded skill on clawhub and so it begins (Daniel Lockyer)
• Here we go (Elon Musk)

The Hook AI in Drupal CMS 2.0 gets real value when the first week produces repeatable output, not one-off experiments. I wanted a simple kit that editors can plug into their workflow on day one: clear prompts, consistent tone, and fast QA.

The Hook Real AI adoption isn’t a tool swap—it’s a behavior shift, and the fastest wins come from shrinking the gap between “experiment” and “default workflow.”

Why I Built It I keep seeing teams try to “adopt AI” by picking a single model or product and calling it done. That’s not adoption; that’s procurement. The real problem is the messy middle: pilots that never scale, workflows that don’t stick, and uncertainty about which tasks are safe to automate. I wanted a clear, pragmatic map of what actually changes when a team moves from “AI as a demo” to “AI as a habit.”

The Solution Think of adoption as a pipeline: curiosity, narrow wins, repeatable workflows, then policy and tooling that make those workflows boring—in the best way.

What breaks:

• Over-indexing on demos. Flashy results don’t survive contact with real constraints—latency, privacy, or failure modes.
• Skipping the “repeatable” stage. If a workflow can’t be run by someone else on Tuesday at 2 p.m., it’s not a workflow.
• Ignoring risk gates. The jump from “try it” to “ship it” needs explicit checks.

The Code This topic is a process and culture play, not a single code artifact. For a concrete deliverable on agentic adoption and scaling lessons, see the Netomi agentic lessons playbook.

View Code

- One workflow with measurable time savings
- Clear handoff when the model is uncertain
- A fallback path that does not depend on AI
- A lightweight review step for high-risk outputs
- A feedback loop from users to improve prompts or tools

ai_risk_gate:
  low_risk:
    - internal_docs_drafts
    - boilerplate_code
  medium_risk:
    - customer_emails
    - data_transforms
  high_risk:
    - financial_outputs
    - legal_text
    - production_config_changes
  rule: "High risk requires human review before publish"

What I Learned

• “Adoption” fails when the team has no default path for uncertainty—always design the fallback first.
• Repeatable workflows beat one-off wins; the second run is where the truth shows up.
• Governance isn’t a blocker if it’s lightweight and explicit; it’s a trust accelerator.
• I’d avoid putting AI in any path that can’t degrade safely or be reviewed quickly.

References​

• Mitchell Hashimoto: My AI Adoption Journey

I can now treat a WordPress site like an MCP tool server—abilities become callable tools, which turns admin tasks into agent-friendly workflows.

Why I Built It I keep seeing teams wire ad‑hoc AI actions directly into plugins, and it’s brittle: no shared schema, no discoverability, and permissions are bolted on after the fact. WordPress’s Abilities API + the MCP Adapter give a structured path: define a capability once, let clients discover it, then let MCP-aware agents call it safely. That makes agent workflows reproducible instead of magical.

The Solution The MCP Adapter maps registered Abilities into MCP primitives (mostly tools) so AI clients can discover and execute them. The default adapter server exposes three discovery/exec tools and requires you to mark abilities as public for MCP access. For local dev, you can use STDIO transport via WP-CLI; for remote sites, a proxy can expose HTTP transport.

Here’s a minimal layout for an MCP server config (the adapter’s examples use mcpServers for Claude/Cursor, and servers for VS Code):

{
  "mcpServers": {
    "wordpress-mcp-server": {
      "command": "wp",
      "args": [
        "--path=/path/to/wordpress",
        "mcp-adapter",
        "serve",
        "--server=mcp-adapter-default-server",
        "--user=admin"
      ]
    }
  }
}

{
  "servers": {
    "wordpress-mcp-server": {
      "command": "wp",
      "args": [
        "--path=/path/to/wordpress",
        "mcp-adapter",
        "serve",
        "--server=mcp-adapter-default-server",
        "--user=admin"
      ]
    }
  }
}

Gotchas I’m watching:

• Abilities must be explicitly exposed for MCP access, otherwise they won’t show up via discovery.
• A “tool” is executable logic; if the ability is purely informational, you can map it as a resource instead to avoid accidental execution.
• STDIO is perfect for local experiments; HTTP needs stronger auth and operational guardrails.

The Code View Code

What I Learned

• Abilities give WordPress a stable, cross‑context contract that MCP can expose without custom glue. That’s a big step toward agent‑ready plugins.
• The adapter’s discovery/inspect/execute trio makes agents safer: they can introspect before acting instead of guessing.
• I’d keep production usage read‑only at first; mutate‑on‑call abilities need the same rigor as public REST routes.

References​

• From Abilities to AI Agents: Introducing the WordPress MCP Adapter
• WordPress Developer Blog

The Hook: I sketched a traffic forensics workflow around Pantheon’s new “top IPs / user agents / paths” metrics and turned it into a small, shippable reference so teams can spot noisy traffic fast and stop guessing where spikes come from.

Why I Built It Traffic anomalies are expensive to chase when the only thing you see is “visits went up.” The new Site Dashboard metrics (top IPs, user agents, and visited paths) give enough signal to separate “real users” from scrapers and misconfigured monitors. I wanted a repeatable process that turns those metrics into actions: block, throttle, or accept the noise — and a concrete artifact I can hand to someone else.

The Solution I modeled a triage flow that starts with path hotspots, then correlates user agents and IPs to decide whether the traffic is expected. The key is to treat these metrics like a lightweight incident triage tool, not a full analytics platform.

# Example pattern: block aggressive bot user agents
if ($http_user_agent ~* "(AhrefsBot|SemrushBot|MJ12bot)") {
  return 403;
}

# Example: rate limit a single noisy IP range
limit_req_zone $binary_remote_addr zone=perip:10m rate=10r/s;

- Mark the spike as “expected” in incident notes
- Capture the top 5 paths and user agents
- Recheck after 24 hours to confirm decay

The Code I packaged the workflow into a small, browsable repo with the diagrams, notes, and reference configs so it’s easy to reuse or extend. You can clone it or skim the key files here: View Code

What I Learned

• These “top traffic patterns” metrics are most useful as a triage trigger, not a reporting dashboard. Use them to decide “block or accept,” then move on — the repo keeps the decision tree repeatable.
• A single hot path is usually the fastest signal. If the path is unexpected, investigate immediately; if it’s expected, inspect user agents before touching IPs.
• Blocking by user agent is cheap but brittle. It’s worth doing for obvious bots, but you should pair it with rate limits so you don’t over-block legitimate clients.
• If you can’t explain a spike within 15 minutes using these metrics, escalate to full analytics—don’t waste hours in the dashboard.

References​

• Site Dashboard now reports traffic metrics for top IPs, user agents, and visited paths
• Pantheon Site Dashboard

Moltbook is a fast-moving AI-agent social network experiment, but recent reporting highlights serious security exposure risks. Based on those reports, I am not participating right now.

This is a structured exploration of how the UI Suite Initiative website could present UI Suite Monthly #33, themed around AI-powered design systems. The goal is to ship a page that is editorially clear, technically precise, and easy to extend when the issue content is finalized. I also built a small demo implementation so the structure is grounded in real code, not just a concept.

FlowDrop is a visual, drag-and-drop workflow editor for Drupal with AI integration hooks. The core project is moving quickly with Drupal 11 releases (0.5.1 shipped January 27, 2026), which makes it a good time to evaluate the AI-adjacent contrib pieces that plug into FlowDrop, especially FlowDrop Agents and FlowDrop Node Session.

I shipped a Drupal migrate mapping validator utility that catches broken mappings before they land in prod.

I outlined a practical stack for multilingual HTML email in Drupal using Mail Composer plus a dedicated HTML mailer, and packaged it as a small demo repo you can reference.

I mapped an intent-first framework for Elementor AI so outputs stay backward compatible, auditable, and reusable — and I turned it into a small demo repo you can browse.

I consolidated UI Suite Initiative updates into actionable review notes: Display Builder beta 2 and the Drupal Association World Cancer Day case study, plus a small demo module to keep the findings grounded.

I distilled WordPress 6.9.1 RC1 into a compatibility checklist for plugins and themes before the maintenance release landed. I also packaged the checklist and notes into a small repo so teams can clone it and wire it into their own QA flow.

I turned my Drupal Canvas Full HTML notes into a clear rollout guide and backed it with a runnable repo so teams can ship rich editing without breaking permissions.