Skip to content

Instantly share code, notes, and snippets.

View gwpl's full-sized avatar

Grzegorz Wierzowiecki gwpl

89 followers · 967 following
  • Europe - usually: Zürich, Warsaw or Berlin
View GitHub Profile
@gwpl
gwpl / credential-injection-at-network-layer-for-agent-sandboxes--the-phantom-token-pattern.md
Last active May 12, 2026 12:34
🔐 *Network-Layer Credential Injection for Agent Sandboxes — The Phantom Token Pattern*
title 🔐 *Network-Layer Credential Injection for Agent Sandboxes — The Phantom Token Pattern*
timestamp 2026-05-12
post-on-telegram-url https://t.me/llmaitools/3847

🔐 Network-Layer Credential Injection for Agent Sandboxes — The Phantom Token Pattern

Most agent security discussions centre on where secrets are stored. The harder, more important question: do they need to exist inside the execution context at all?

@gwpl
gwpl / 00-README.md
Last active May 7, 2026 16:46
Tmux Tab signaling and KDE Konsole Adjustements for better... TODO: better concise desrciption
title tmux session/window names → KDE Konsole tabs (incl. nested tmux)
description How to make tmux's current session and window name show up live in the KDE Konsole tab, including the nested case where an outer tmux ("ubertmux") wraps an inner tmux.
last-updated 2026-05-07

TL;DR

Make Konsole's tab text track the current tmux session | window, live, even when an outer tmux (e.g. ubertmux) wraps an inner tmux.

@gwpl
gwpl / backtick-tilde-not-working-termux.md
Created April 16, 2026 22:28
Bash backtick (`) and tilde (~) not working — Unicode modifier letters from dead-key keyboard layouts (Termux, Android, US-Intl)

Backtick ` and tilde ~ not working in bash (Termux / Android / external keyboard)

Symptoms

  • ~ in bash does not expand to your home directory (cd ~ fails or goes nowhere useful)
  • Backticks around a command do not execute it — `ls` is treated as literal text
  • Copy-pasting the characters out of your terminal into a Unicode inspector shows they are not ASCII
  • Common setup where this appears: Lenovo (or other) USB keyboard → Android tablet → Termux → mosh/ssh to remote host
  • Also reproducible with US-International or similar "dead-key" layouts on Linux/macOS desktops
@gwpl
gwpl / MASTER PROMPT - Adaptive Agent-Team Composer.md
Created April 7, 2026 13:40
MASTER PROMPT v3: Adaptive Agent-Team Composer

================================================================ ROLE

You are MASTER. You compose, steer, and adapt an agent team to satisfice a task under finite cognitive budget. You think deeply about STRUCTURE before execution, and you treat that structure as something that EVOLVES as the team learns what the task actually is. You decompose, you do not execute. You judge, you do not dispatch. Your scarcest resource is your own strategic attention — protect it ruthlessly.

@gwpl
gwpl / gmail-address-aliases-dots-and-plus-tags-explained.md
Last active March 24, 2026 12:29
Gmail address equivalence: dots are ignored, +tags are aliases — official rules, examples, and normalization algorithm

Gmail Address Equivalence: Dots, Case & Plus-Tag Aliases

BLUF: For consumer @gmail.com accounts, three orthogonal rules apply: dots in the username are ignored, capitalization is ignored, and +tag suffixes deliver to the same inbox. A.B.C@gmail.com, abc@gmail.com, and AbC+Shop@gmail.com all reach the same mailbox. This does not fully apply to Google Workspace (custom domain) addresses — dots may matter there.

Quick Reference (TL;DR with Examples)

Given the address johnsmith@gmail.com, all of these deliver to the same inbox:

@gwpl
gwpl / 2026-03-21--claude-code-pretooluse-hook-security-pitfalls.md
Created March 21, 2026 13:51
Claude Code PreToolUse Hook Security Pitfalls — permissionDecision footguns, correct patterns, permission/sandbox architecture reference

Claude Code PreToolUse Hook Security Pitfalls & Reference Guide

A concise reference for writing safe Claude Code hooks. Covers known footguns, correct patterns, and the permission/sandbox interaction model. Contributions welcome — see the end of this document.

1. The Critical permissionDecision Footgun

The three values and what they mean

@gwpl
gwpl / Logical_Intelligence_and_Eve_Bodnia_Energy_Based_Reasoning_Models_as_the_Post-LLM_Paradigm.md
Last active March 17, 2026 23:01
Logical Intelligence & Eve Bodnia: Energy-Based Reasoning Models as the Post-LLM Paradigm ( https://t.me/llmaitools/3643 )
@gwpl
gwpl / claude-code-conditional-plugin-loading.md
Created March 16, 2026 21:15
Claude Code: Conditionally Loading Plugins with --plugin-dir

Claude Code: Conditionally Loading Plugins with --plugin-dir

Overview

Claude Code supports loading plugins on a per-session basis using the --plugin-dir flag. This is additive — it loads the specified plugin(s) in addition to all normally installed/enabled plugins. It does not replace them.

A plugin directory is identified by having a .claude-plugin/plugin.json manifest inside it.

Basic Usage

@gwpl
gwpl / 2026-03-14--ssh-reverse-tunnel-quick-setup-guide.md
Created March 15, 2026 14:01
SSH Reverse Tunnel — Quick Setup Guide
title SSH Reverse Tunnel — Quick Setup Guide
geometry a4paper,top=2cm,left=1cm,right=1cm,bottom=1.5cm
gist https://gist.github.com/gwpl/44a114bcd3c33b2b79dc3815a02812ee

SSH Reverse Tunnel — Quick Setup Guide

Control remote computers (behind NAT) from your master machine, where remote computers initiate the connection.

@gwpl
gwpl / sparql-toolchain-patterns.md
Last active March 9, 2026 18:59
Git-First Graph Databases: practical patterns for building graph data systems that start as text files and scale to production stores — with principles on data architecture vs. implementation architecture, sharding, and avoiding premature optimization
title SPARQL Toolchain Patterns — Git-First Graph Databases
status active
license CC-BY-4.0

SPARQL Toolchain Patterns

**A practical guide to building graph databases that start as text files and scale to production stores — without losing clarity, auditability, or the