| Follow @lancinimarco | Subscribe to CloudSecList

Applied AI for Security & Engineering

A collection of posts on applying AI and LLMs to real security and engineering work: building AI tools, automating operations, and rethinking everyday workflows.

This is the high-level outline of the different sections:

How to make your content interactive by building a conversational knowledge base. A practical walkthrough using CloudSecList, LLMs, and Cloudflare Workers.

    • AI - RAG Pipeline
    • AI - Query & Retrieval
    • Website (Static Hosting)
    • Deployment (CI/CD)
    • Security Guardrails

Tested three approaches to automating security questionnaires with AI: expensive SaaS vendors, custom RAG solutions, and direct LLM use. Skip the vendors and try these alternatives instead.

    • [Option 1] SaaS Vendors: the quick and (not so) easy option
    • [Option 2] Build your own RAG
    • [Option 3] Just use ChatGPT/Claude
    • Conclusions

A walkthrough of my Claude Code setup across a multi-project monorepo: global settings, safety guardrails, a context/plan/code workflow, subagents and plugins, and the StarCraft-themed customisations that make the terminal feel like mine.

    • Global Settings
    • Guardrails
    • Development Workflow
    • Agents
    • Skills
    • Plugins
    • Remote Control
    • Customisation

I redesigned the CloudSecList landing page using Claude Design and Claude Code. The interesting part of the workflow was what didn't get automated.

    • Phase 1: Getting a mockup
    • Phase 2: From mockup to code
    • Phase 3: What about the rest of the website?
    • What didn't get faster
    • Conclusions

A Claude Code Routine that triages every Renovate PR by risk, flags dead deps, and catches deprecated framework configs before I touch the diff.

    • The Renovate Setup
    • The Claude Skill
    • The Claude Code Routine
    • Putting It to Work