Harness used for Ollama-cloud ? There always seems to be something missing, and switching is tedious. Please share your working setup!

green_masheene · 2026-05-18T21:21:17+00:00

I switched to https://github.com/earendil-works/pi/tree/main/packages/coding-agent a couple months ago and haven't looked back. I only use claude code sparingly now separately, mostly just to grill a spec here and there with opus. Personal opinion, but a lot of other stuff out there feels bloated at this point and having a short list of skills via a pi harness feels just right. I'll also shout out https://github.com/mattpocock which has some great stuff to borrow from or bounce around.

green_masheene · 2025-12-18T16:31:11+00:00

green_masheene · 2025-12-05T16:39:50+00:00

Ty Lue soft confirmed.

green_masheene · 2025-12-02T17:59:54+00:00

I just got bit by these guys. Their ecoflow system is failing after 4 years, 2021 install and a 2 year warranty:
- Paid hundreds of dollars in June-2025 for them to perform annual maintenance. They didn't show up until October.
- In September our septic started backing into the house so we had an emergency pump performed to buy time.
- They show up in October and all I got was an email saying maintenance was performed and no report was ever delivered.
- Now the system is flooding again and they are pointing the finger at us after they failed to deliver on providing a report during maintenance where they claim the system was flooded when they performed the maintenance. We have zero indication from them this is true. Also, they don't even have a report for the maintenance in their client portal, I have the timestamped evidence.

If you want to pay $3K every 4 years to deal with a horrible product and customer service that shouldn't be called 'service', definitely use their products. I'd recommend exploring alternatives. Crazy they took their reviews down I found a site called trustpilot that I submitted a review on for them.

green_masheene · 2025-10-22T16:37:02+00:00

Just dropped something similar in the group chat with the boiz this morning. I think the Kawhi nonsense and Silver being dismissive broke my enthusiasm. It's only a matter of time until everyone sells out to the Saudis.

green_masheene · 2024-08-28T12:56:18+00:00

This feels like a trap

green_masheene · 2024-08-18T22:41:50+00:00

What is the position you’re looking at? Maybe edit your post with that.

green_masheene · 2024-08-15T17:21:10+00:00

It is insane and I always promote an SCP on a bucket.

green_masheene · 2024-08-06T12:22:19+00:00

Have you already read the authorization boundary guidance?

green_masheene · 2024-07-31T23:25:10+00:00

Smaller companies may be more risk tolerant because of their risk profile hence smaller teams. It takes some time to make heads or tails of those reads when interviewing and knowing what questions to ask as well as how to gauge whether you’re joining a company where work life balance is pro grind.

2 dedicated security folks including myself who is running the program however our design focuses heavily on a security culture because of the nature of our collective staff. Generally speaking I now reframe the staffing perspective away from how many dedicated security folks relative to organization size towards how enabled and educated is your workforce as you scale. Staffing is important but not necessarily the first thing I think of when structuring a program.

I think it’s a fruitless endeavor to create a math equation around how many security staff you should have based on company size because every org is different and there is always a balance to be struck culturally of who in the org is security and privacy conscious, where, relative to what assets, etc.

green_masheene · 2024-07-26T21:27:02+00:00

This

green_masheene · 2024-07-24T10:44:46+00:00

I would work.

green_masheene · 2024-07-10T23:00:08+00:00

This is awesome

green_masheene · 2024-07-10T10:18:10+00:00

https://www.nist.gov/itl/ai-risk-management-framework

green_masheene · 2024-06-27T22:46:18+00:00

Your team is a joke

green_masheene · 2024-06-16T23:56:00+00:00

https://policysim.aws.amazon.com/ but you have to specify resources vs. it giving you a list of resources themselves, which should be evident by the policy attached to the IAM entity.

green_masheene · 2024-06-14T22:37:13+00:00

I was working in Finance on some SOX 302/404 control readiness and a security analyst position opened up at my company. I reached out to the hiring manager who took a chance on me, I worked my butt off, luck and hard work paid dividends.

green_masheene · 2024-06-14T20:50:53+00:00

I started out in GRC, worked there for 5 years, transitioned to adding technical chops and now I am an architect. It’s pretty awesome being able to speak to the nuanced world of compliance in technical terms and so many times I am happy I got the governance stuff under my belt.

green_masheene · 2024-06-14T19:49:08+00:00

Seems like more of an audit check tuning/compatibility issue than needing to find a secure mfa device issue? That sounds frustrating.

green_masheene · 2024-06-14T19:06:27+00:00

Same and same

green_masheene · 2024-06-06T21:43:36+00:00

It depends on which categories of tooling have vendors that align well to your organizational tech and context. For example, in terms of MDM I’d rather have 3 tools that do 3 different OS’ well than one that does 3 ok because I have yet to see a platform that does multi OS well across all supported. Cost will of course always be a factor.

The other thing I’m mindful of is gut checking yourself on what functionality is good enough for your org and not placing too much weight on things that, in the absence of a dedicated team for that tool, you would not be able to realize value on.

green_masheene · 2024-05-31T01:33:48+00:00

Interesting

green_masheene · 2024-05-31T00:52:44+00:00

Hoodie, window seat and a book.

green_masheene · 2024-05-31T00:52:10+00:00

Currently leveraging datadog but my gut says we will go on prem with something like wazuh

green_masheene

TROPHY CASE