AI Agents
OpenInspect
Open-source, self-hostable infrastructure for background coding agents that run in cloud dev environments and turn team workflows into reviewable pull requests.
View project
Hi, I’m Cole - Founder of CM Engineering
I help B2B SaaS teams ship production AI, harden LLM security, and uplevel engineering workflows. Previously, Co-founder & CTO at Empiric.
Projects
See all projectsplaten.ai - An AI writer that rivals or surpasses human capabilities
platen.ai is an AI writer that leverages the latest advancements in GPT-4 to generate high-quality content at scale. Learn more about the journey and the future of platen.ai.
View project
Building a Self-driving Robot in a Weekend
Learn about my journey to build a self-driving robot in a weekend for a hackathon, including the unexpected challenges and key learnings along the way.
View project
Recent Writing
See all postsHow Cline Was Compromised: Prompt Injection and Dangling Commits in the Cline Supply Chain Attack
A deep dive into the Cline compromise: how an attacker used a GitHub dangling commit, a typosquatted account, and prompt injection against an AI triage agent to achieve remote code execution on Cline's GitHub Actions CI/CD runners.
Read more
How CodeQL Could Have Detected the Critical n8n Vulnerability (CVE-2026-21858)
A deep dive into why traditional SAST tools missed the CVSS 10.0 n8n vulnerability and how CodeQL's taint tracking with barriers can detect this class of missing validation bugs.
Read more
Detecting n8n's Git Node RCE Vulnerability with CodeQL (CVE-2026-21877)
How a missing path validation check in n8n's Git node enabled authenticated RCE, and how CodeQL's taint tracking can catch this pattern of external library bypass vulnerabilities.
Read more