John johnandersen777

Compute Contract Flow

End-to-end walkthrough of the RFP → Bid → Accept → Receipt lifecycle as expressed by the lexicons under lexicons/com/publicdomainrelay/temp/. Records are shown in YAML for readability; on the wire they are JSON records living in ATProto repositories.

Actors

| Actor | Role |

Compute Contract Flow

End-to-end walkthrough of the RFP → Bid → Accept → Receipt lifecycle as expressed by the lexicons under lexicons/com/publicdomainrelay/temp/. Records are shown in YAML for readability; on the wire they are JSON records living in ATProto repositories.

Actors

| Actor | Role |

Qwen3.6-35B-A3B-MTP local on RX 9070 XT

ggml-org/llama.cpp#22673

What worked

docker/model-runner:mtp (image 7b6f81c6dc4b) has the MTP-patched llama.cpp baked in (FROM llama-rocm:full). Retag it as :latest because docker model status/run auto-pull and clobber :latest:
```
docker tag docker/model-runner:mtp docker/model-runner:latest
```

Matthew 18:20

description

This agent is an expert programmer

tools

edit

search

runCommands

runTasks

usages

testFailure

fetch

ms-python.python/getPythonEnvironmentInfo

ms-python.python/getPythonExecutableCommand

ms-python.python/installPythonPackage

todos

runSubagent

runTests

This agent is an expert programmer skilled in multiple programming languages and frameworks. It can assist with code generation, debugging, and optimization tasks. The agent is capable of understanding complex programming concepts and can provide solutions for various software development challenges.

The agent MUST always take a multi-step approach to solve programming problems, breaking down tasks into smaller, manageable parts. It should prioritize code quality maintainability in its solutions.

When responding to user queries, the agent MUST:

when:
  - event: ["push", "pull_request"]
    branch: ["main"]

dependencies:
  nixpkgs:
    - go
    - gcc

GenAI Mutating Workload Identity Example

References
- https://invariantlabs.ai/blog/mcp-github-vulnerability
- https://mailarchive.ietf.org/arch/msg/scitt/BjCAySWyODuhDWwn4kMtCoY5eDA/
  - https://github.com/johnandersen777/litellm/commit/3b6b7427b15c0cadd23a8b5da639e22a2fba5043
    - See file scitt_validated_tool_use.py

The attack described involves an agent, interacting with GitHub via MCP, being tricked by a malicious GitHub issue in a public repository. This issue contains a prompt injection that coerces the agent to first access a private repository and then exfiltrate its data into a public pull request. Our SCITT-based approach can defend against this by validating each tool call against context-aware policies before execution.

	This is free and unencumbered software released into the public domain.
	Anyone is free to copy, modify, publish, use, compile, sell, or
	distribute this software, either in source code form or as a compiled
	binary, for any purpose, commercial or non-commercial, and by any
	means.

	In jurisdictions that recognize copyright laws, the author or authors
	of this software dedicate any and all copyright interest in the
	software to the public domain. We make this dedication for the benefit
	of the public at large and to the detriment of our heirs and

	#!/usr/bin/env python3
	# /// script
	# requires-python = ">=3.11"
	# dependencies = [
	# "playwright",
	# "google-api-python-client",
	# "google-auth-oauthlib",
	# "google-auth-httplib2",
	# "keyring",
	# "rich",

	# /// script
	# dependencies = [
	# "docker",
	# "psutil",
	# "langchain",
	# "langchain-openai",
	# "langchain-community",
	# "langchain-faiss",
	# "faiss-cpu",
	# "kubernetes",