Mark Wolfe's Avatar

Mark Wolfe

@mark.wolfe.id.au

Software Developer, Hardware Enthusiast and AWS wrangler.

23 Followers  |  71 Following  |  26 Posts  |  Joined: 30.08.2023  |  1.665

Latest posts by mark.wolfe.id.au on Bluesky

Preview
GitHub - anthropic-experimental/sandbox-runtime: A lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. A lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. - anthropic-experimental/sandbox-runtime

It is interesting to see forward proxies making a comeback in agent infrastructure github.com/anthropic-ex... I used claude to describe how this works, is quite interesting pulling this project apart. The structure highlights where security concerns with agents are. #ai #agents

25.10.2025 03:33 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub - wolfeidau/go-mcp-evals: A Go library and CLI for evaluating Model Context Protocol (MCP) servers using Claude. A Go library and CLI for evaluating Model Context Protocol (MCP) servers using Claude. - wolfeidau/go-mcp-evals

Been working on my own evals tool, for learning, as well as to have some control over how things work. LLMs really are a "unique" system to work with. Still new so lots to improve github.com/wolfeidau/go... #golang #evals #mcp

03.10.2025 10:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Can you change the expiration of an object yet? Needing to copy the object to extend it's expiration is a pain.

20.06.2025 09:25 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Amp Everything will change.

Just found out about ampcode.com new coding agent?! from @sourcegraph.com super keen to try it πŸ™ for invite. Also love the site design πŸ€– #agents #ai

08.05.2025 00:53 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Hardening GitHub Actions: Lessons from Recent Attacks | Wiz Blog Build resilient GitHub Actions workflows with insights from real attacks, missteps to avoid, and security tips GitHub’s docs don’t fully cover.

In light of recent GitHub Actions incidents (Ultralytics, tj-actions...), I wrote up a practical guide to hardening for @wizsecurity.bsky.social

Covers permissions, secrets, 3rd-party Actions, ++

Use it to avoid learning these lessons the hard way:
www.wiz.io/blog/github-...

05.05.2025 15:45 β€” πŸ‘ 7    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0
Post image

Breakfast of champions and voting is done βœ… Great morning for a walk! #auspol

02.05.2025 23:36 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

What we are seeing is stricter enforcement.

So expect fewer software engineers (who can an often log on and do some remote while being a tourist!) to visit the US

In the past, this was not enforced: now it clearly is. And neither ESTA nor other tourist visas allow working remote, yes

19.04.2025 11:26 β€” πŸ‘ 54    πŸ” 14    πŸ’¬ 7    πŸ“Œ 6

Been really enjoying using MCP servers, it is interesting how they extend the capabilities of LLMs. That said, like anything you need to be careful and only MCP servers from trusted sources and ensure you review/vet code and docs they produce. πŸ€–

Overall I think they are positive. #MCP #AI #llms

16.04.2025 11:06 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Yeah I also encountered this recently, I think what was most frustrating and concerning was how it rejected the credentials...

09.04.2025 22:34 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Working in an office in the city for a few days certainly is a change of pace. Great being able to chat with colleagues without a box around everyone πŸ§‘β€πŸ’»

17.03.2025 21:39 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Go 1.24 interactive tour Weak pointers, faster maps, directory-scoped access, and more.

This interactive tour is fantastic way to learn about the new features in Go 1.24 antonz.org/go-1-24/ #golang

12.02.2025 21:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

We can only hope. #aws #ipv6

12.02.2025 02:00 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

AWS just released RCP examples to prevent OIDC misconfigurations from many third-party vendors. 😍 github.com/aws-samples/...

This prevents the problem I wrote about here: www.wiz.io/blog/avoidin...

07.02.2025 19:07 β€” πŸ‘ 25    πŸ” 6    πŸ’¬ 0    πŸ“Œ 1

Can't help but thank @anthropic.com Claude some times, using it to rubber duck an idea and it provides some options, writes some tests and benchmarks so I can tweak things further without writing whole lot of boilerplate. #golang #llms

01.02.2025 10:43 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
GitHub - deepseek-ai/DeepSeek-R1 Contribute to deepseek-ai/DeepSeek-R1 development by creating an account on GitHub.

This deepseek r1 one thing really has blown up, props to the team behind the model. Publishing this paper, and releasing the model with open weights is really cool. Well worth a read over the GitHub repo github.com/deepseek-ai/... #deepseek #llms

28.01.2025 06:52 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
GitHub - wolfeidau/lambda-otel-container: AWS Lambda deployed in a container with the OTEL extension. AWS Lambda deployed in a container with the OTEL extension. - wolfeidau/lambda-otel-container

Spent a couple of hours hacking on open telemetry for AWS lambda functions, what a fun journey, so much out of date information.

I am surprised I got it working, I had to go back to an old revision as things take a while to propagate. πŸ˜…πŸ”πŸͺ“ #AWS #OpenTelemetry #golang github.com/wolfeidau/la...

27.01.2025 04:16 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

β€œhow do i become more technical?” fuck something up & fix it. repeat

26.01.2025 17:15 β€” πŸ‘ 354    πŸ” 48    πŸ’¬ 25    πŸ“Œ 16
Post image

I definitely need to play with Zig now to decide how I feel about it.
I understand Mitchell Hashimoto's verdict of "it's funner than Rust" somewhat now, and I suspect I'll agree (not a high bar!).
I wonder how big those binaries will end up.

19.01.2025 02:39 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 2    πŸ“Œ 0
benchcmp command - golang.org/x/tools/cmd/benchcmp - Go Packages

I tend to do a manual comparison of two tags, or revisions using pkg.go.dev/golang.org/x... but you can go as far as using git bisect. You can take it even further like medium.com/@fzambia/bis... lots of options around git bisect. πŸ˜…

18.01.2025 21:07 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

When ever I start looking at performance of the code I am working on, I always find a few bugs. Adding a quick benchmark validates the codes behavior under load, and measures it's performance. As a bonus it also leaves a baseline for future changes. πŸ˜…πŸŽοΈπŸ” #golang

18.01.2025 05:20 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Gemini is now pinned on the top of my gmail app, do you need it? Nope... Well your getting it anyway... Can you turn it off? Nope... Forcing #AI on your users is all the rage... #gmail #google This video is so on point it hurts.

18.01.2025 02:57 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I am surprised just how useful @anthropic.com claude is when building out a GRPC / connectrpc.com service. It is a pretty steep learning curve, even for those with lots of backend experience, however the LLM helps you to navigate the new terminology and get things working quickly. πŸ˜… #golang #grpc

12.01.2025 01:39 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

It has been interesting how clueless @sourcegraph.com Cody is when editing cedar policies, and schema files. I need to figure out how to disable it for this file type as it is really annoying. Mostly of the time it is super helpful lol. #ai #coding

05.01.2025 01:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Cedar Language Playground

Currently catching up on the cedar policy language, which after the initial hype seems to have stalled a bit. That said with the help of some community resources, GitHub searches and the playground I managed to get it working. www.cedarpolicy.com/en/playground is really handy. #AWS #cedar #golang

05.01.2025 00:27 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Don’t Security Engineer Asymmetric Workloads The best way to keep up with cybersecurity research. Join >90,000 security professionals getting the best tools, talks, and resources right in their inbox for free.

Quick shout out to this excellent piece of work by @ramimac.me

tldrsec.com/p/dont-secur...

30.12.2024 02:20 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
How to Say β€œNo” Well Security’s pivot from β€˜Department of No’ to β€˜Department of Yes’ misses the real lesson - how to say β€˜No’ the right way.

Lately, every BSides seems to have a talk on reframing security teams as a β€œDepartment of Yes”

We don’t hear nearly as much about the value of a well-considered, strategically deployed β€œNo”

I've pulled together guidance on giving a better, more constructive No:
ramimac.me/saying-no

30.12.2024 15:08 β€” πŸ‘ 21    πŸ” 10    πŸ’¬ 0    πŸ“Œ 0
Fresh banana bread still in the tin

Fresh banana bread still in the tin

Baked up some banana bread 🍌🍞 to have with coffee. #baking

25.12.2024 00:21 β€” πŸ‘ 3    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Go Vulnerability Management - The Go Programming Language

If dependabot vulnerabilities are getting you down at the moment, don't forget go.dev/doc/security... helps you understand what ACTUALLY effects your code... #golang #opensource

22.12.2024 04:29 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Yes, just merged a couple of PRs after our security software went bananas...

13.12.2024 01:45 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I agree, it is a mine field most devs won't bother navigating. #aws #ai

> Gaining API access to anything on AWS remains horrifyingly difficultβ€”seriously, 17 steps! Some day a PM at AWS is going to figure out that fixing this will have a material impact on Amazon’s bottom line.

04.12.2024 22:37 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@mark.wolfe.id.au is following 20 prominent accounts