coderinsan's comments

We power Tramlines.io, a platform that offers runtime guardrails to secure MCP interactions. Tools like Shortwave AI Email, when combined with MCP, open up rich capabilities—but also new attack surfaces. Tramlines acts as a protective layer to intercept and constrain malicious or unintended MCP tool usage.


We wrote a blog post on the runtime guardrails tramlines.io powers to stop token bleeding that is common with browser automation MCPs like Playwright, etc.

These guardrails should allow for smoother usage of Playwright with automation workflows in Claude Code, Cursor, etc.


Hey everyone, it’s currently very difficult to block control flow and data flow exploit attacks on agentic AI systems. To demonstrate this, we built a dashboard that models specific tool call sequences to replicate real-world exploit scenarios.


On another note, it is ridiculously easy to find attack exploits for any of the popular MCP servers serving traffic. We build a dashboard where you can model exploits yourself - https://hack.mcpwned.com


We wrote a fun tool where we trained an LLM to find end-to-end control flow and data flow exploits for any open source MCP server - https://hack.mcpwned.com/dashboard/scanner


Check out the MCPwned scanner—it generates detailed control flow, data flow, and side channel exploits for popular MCP servers.


Check out our project Mutahunter - we made use of LLMs to do the mutations at the AST level - https://github.com/codeintegrity-ai/mutahunter


Our team has been running some interesting exploit scenarios within MCP interactions—mirroring the kinds of events an EDP would typically log on a Mac. This led us to build an EDP for Mac, paired with a purpose-built SIEM designed to analyze MCP logs.

We’re now opening a waitlist for the private beta.


Venture-backed thing on language-agnostic semantic mutation testing - testcode.ai


In today’s rapidly expanding world of AI development tooling, vibe coders—regardless of their software engineering background—are effectively rate-limited for production cases by how quickly and how early in the development cycle they can test their code.

Because the quality of LLM-generated code depends on both prompt quality and a developer’s software experience, writing code faster with LLMs puts more stress on these constraints, often resulting in reduced code quality.

As we move further “to the right” in the dev cycle, the cost and duration of software testing grow exponentially. Vibe code is harder to test, slowing the testing process and ultimately restricting software development speed—undermining the very benefits of vibe coding.

Our goal is to minimally reduce the efficiency gains of vibe coding while fully leveraging trusted shift-left testing approaches.

At https://testcode.ai/products, we are pushing for mutation testing to become the standard companion for vibe coders. Highly targeted semantic mutations optimally challenge the seams of vibe code, giving vibe coders the confidence to keep shipping code while knowing that edge cases are being covered.

