wp-playground-bot

Code Review Skills — Evidence-Based Security Review Patterns

This gist bundles 20 security-focused code review skills as a single reference. Files are numbered 01- through 20- to match the ordering below.

20 code review skills extracted from the analysis of 300+ real-world bugs in major open source projects (200 missed in review, 106 caught before exploitation). Each skill is grounded in specific CVEs, security advisories, published audit findings, and documented review processes from projects including the Linux kernel, OpenSSL, Chromium, Firefox, curl, Go, Rust, Kubernetes, and dozens more.

karpathy

LLM Wiki

A pattern for building personal knowledge bases using LLMs.

This is an idea file, it is designed to be copy pasted to your own LLM Agent (e.g. OpenAI Codex, Claude Code, OpenCode / Pi, or etc.). Its goal is to communicate the high level idea, but your agent will build out the specifics in collaboration with you.

The core idea

Most people's experience with LLMs and documents looks like RAG: you upload a collection of files, the LLM retrieves relevant chunks at query time, and generates an answer. This works, but the LLM is rediscovering knowledge from scratch on every question. There's no accumulation. Ask a subtle question that requires synthesizing five documents, and the LLM has to find and piece together the relevant fragments every time. Nothing is built up. NotebookLM, ChatGPT file uploads, and most RAG systems work this way.

farzaa

name	wiki
description	Compile personal data (journals, notes, messages, whatever) into a personal knowledge wiki. Ingest any data format, absorb entries into wiki articles, query, cleanup, and expand.
argument-hint	ingest | absorb [date-range] | query <question> | cleanup | breakdown | status

Personal Knowledge Wiki

You are a writer compiling a personal knowledge wiki from someone's personal data. Not a filing clerk. A writer. Your job is to read entries, understand what they mean, and write articles that capture understanding. The wiki is a map of a mind.

jdoss

Decrypt LUKS volumes with a TPM on Fedora Linux

This guide allows you to use the TPM on your computer to decrypt your LUKS encrypted volumes. If you are worried about a cold boot attack on your hardware please DO NOT use this guide with your root volume!

Preflight Checks

Verify that you have a TPM in your computer:

# systemd-cryptenroll --tpm2-device=list
PATH DEVICE DRIVER

darconeous

Tesla Key Card Protocol

Researched by Robert Quattlebaum darco@deepdarc.com.

Last updated 2020-02-03.

ssstonebraker

Note: I did not author this, i found it somehwere.

Active Directory Attacks

Summary

• Tools
• Most common paths to AD compromise
  • MS14-068 (Microsoft Kerberos Checksum Validation Vulnerability)
  • Open Shares
• [GPO - Pivoting with Local Admin

riaf

Sync Your Shell PATH to macOS GUI Apps Manually with This Script

The Problem

Are you struggling with macOS GUI applications (like IDEs, text editors, or other tools launched from Finder or Spotlight) not finding command-line tools installed via Homebrew (/opt/homebrew/bin), MacPorts, or in custom directories like ~/bin or /usr/local/bin? This happens because GUI applications on macOS do not automatically inherit the PATH environment variable set by your login shell configuration files (like .zshenv, .zprofile, .bash_profile, or .bashrc). Your carefully configured shell PATH works in the Terminal, but GUI apps remain unaware of it.

The Solution

This Bash script provides a simple, manual way to apply the PATH from your current Terminal session to the macOS GUI environment. Instead of complex automatic synchronization, you run this script whenever you want to update the PATH that GUI applications will use.

buzz

#!/usr/bin/env python3
"""
Transplant extra tensors (e.g. MTP layers) from one GGUF file into another,
producing a mixed-quantization GGUF.

Note: Tested with ik_llama.cpp GGUF Python module.

Usage:
    python convert.py <target.gguf> <source.gguf> <output.gguf>