DEV Community: Tilak Dave

Your AI coding agent is installing vulnerable packages. I built the fix.

Tilak Dave — Thu, 19 Mar 2026 15:11:53 +0000

This article was originally published at tiluckdave.in

I asked Claude Code to set up an Express API with auth. It installed 23 packages in under a minute. Scaffolded routes, middleware, database layer — clean code, well-structured, ready to ship.

Three of those packages had known critical vulnerabilities. One had a CVSS score of 9.8.

Claude didn't mention it. It didn't know.

This affects you right now

If you use Claude Code, Cursor, Copilot, or any AI coding agent — your agent is recommending and installing packages based on popularity and relevance. Not security. Not license compatibility. Not whether the package was last updated in 2021.

npm audit exists. Snyk exists. Socket exists. But these are human tools — they require a human to run them, read the output, and decide what to do. Your AI agent doesn't use any of them. It just installs and moves on.

Think about how you work with AI agents now. You ask for a feature. The agent picks libraries, installs them, writes code, and you review the output. At no point in that workflow does anyone — human or AI — check whether those dependencies are safe.

Every project you've built with an AI agent likely has unreviewed vulnerabilities in its dependency tree. The 2024 State of Open Source Security report found the average application carries 49 of them.

I built Hound because this gap shouldn't exist.

Hound running hound_inspect on requests@2.31.0 — vulnerabilities, license, and publish date in one call

60 seconds to fix it

One command. No API keys. No accounts. No config files.

claude mcp add hound -- npx -y hound-mcp

That's it. Your AI agent now has 12 security tools it can use automatically — vulnerability scanning, license checking, typosquat detection, dependency auditing — across npm, PyPI, Go, Cargo, Maven, NuGet, and RubyGems.

You don't learn the tools. You don't configure anything. You just keep working the way you already do, and your agent starts making safer decisions.

Using Cursor, Windsurf, or Claude Desktop? Add this to your MCP config:

{
  "mcpServers": {
    "hound": {
      "command": "npx",
      "args": ["-y", "hound-mcp"]
    }
  }
}

VS Code Copilot:

{
  "mcp": {
    "servers": {
      "hound": {
        "type": "stdio",
        "command": "npx",
        "args": ["-y", "hound-mcp"]
      }
    }
  }
}

Tip: Config file locations: Claude Desktop (macOS) at ~/Library/Application Support/Claude/claude_desktop_config.json, Cursor at ~/.cursor/mcp.json, Windsurf at ~/.codeium/windsurf/mcp_config.json.

What your agent can do now

"Audit this project"

You join a new team. Inherit a codebase. Say "audit the dependencies for security issues" and your agent reads the lockfile and runs hound_audit:

🐕 Hound Audit — package-lock.json
══════════════════════════════════════════════════
Scanned 142 packages

🔴 CRITICAL — 2 packages
──────────────────────────────
  lodash@4.17.20
    GHSA-35jh-r3h4-6jhm · Prototype pollution via zipObjectDeep
    Fix: upgrade to 4.17.21

  axios@0.21.1
    GHSA-42xw-2xvc-qx8m · Server-side request forgery
    Fix: upgrade to 0.21.2

🟠 HIGH — 1 package
──────────────────────────────
  minimist@1.2.5
    GHSA-xvch-5gv4-984h · Prototype pollution
    Fix: upgrade to 1.2.6

✅ 139 packages clean

Source: OSV.dev

142 packages. Three flagged. Fix versions included. The agent upgrades them without you reading a single line of audit output. That's the entire workflow — you say "audit", it's done.

"Is this package safe to install?"

Before your agent runs npm install, it can now check first:

🚫 Pre-install check: lodash@4.17.20 (npm)
════════════════════════════════════════════════════════════
Verdict: NO-GO

🚫 Blockers
──────────────────────────────
  • 2 CRITICAL/HIGH vulnerabilities known for this version

⚠️  Warnings
──────────────────────────────
  • Package version is 3 year(s) old — may be abandoned

💡 Run hound_vulns for full vulnerability details.
💡 Run hound_upgrade to find a safe version.

GO. CAUTION. NO-GO. A clear verdict your agent can act on — pick a safe version, suggest an alternative, or warn you before proceeding.

"Express or Fastify?"

Instead of guessing or Googling, your agent compares with actual security data:

⚖️  Package Comparison (npm)
══════════════════════════════════════════════════
                        express         fastify
──────────────────────────────────────────────────
Version                 4.18.2          4.26.2
Vulnerabilities         0               0
OpenSSF Scorecard       6.8/10          7.2/10
Stars                   64,128          31,204
Days since release      821             45
License                 MIT             MIT

🏆 Recommendation: fastify
   More recently maintained and slightly higher security score.

Not "which one is more popular" — which one is actively maintained, has better security practices, and was updated this century.

"Is this a real package or a typosquat?"

Supply chain attacks use package names that are one character off from popular libraries. hound_typosquat generates likely variants and checks if they exist in the registry — catching attacks like lodahs or axois before they land in your lockfile.

Watch the full demo →

All 12 tools

You'll use three or four daily. The rest are there when you need them.

Tool	What it does
`hound_audit`	Scan an entire lockfile for vulnerabilities
`hound_preinstall`	GO / CAUTION / NO-GO before installing
`hound_score`	0–100 health score with letter grade (A–F)
`hound_compare`	Side-by-side two packages with a recommendation
`hound_upgrade`	Find the minimum safe version that fixes all vulns
`hound_vulns`	All known CVEs for a specific package version
`hound_inspect`	Full package profile — license, vulns, scorecard, stars
`hound_license_check`	Scan a lockfile against a license policy
`hound_tree`	Full resolved dependency tree with transitive deps
`hound_typosquat`	Detect typosquatting variants of a package name
`hound_advisories`	Full advisory details by GHSA, CVE, or OSV ID
`hound_popular`	Scan popular packages in an ecosystem for vulns

Works across seven ecosystems: npm, PyPI, Go, Maven, Cargo, NuGet, and RubyGems. Same tools, same output, regardless of language.

Three built-in prompts — security_audit, package_evaluation, and pre_release_check — chain these tools into multi-step workflows your agent follows automatically.

Why zero config is non-negotiable

Most security tools: sign up → generate API key → set env vars → configure YAML → maybe install a GitHub App → restart your editor. Each step is small. Together they're enough friction that most developers never bother.

Hound uses two free, unauthenticated public APIs maintained by Google: deps.dev for package metadata and OpenSSF Scorecards, and OSV for vulnerability data. No keys, no tokens, no accounts.

This is a hard rule, not a temporary shortcut. It's in the contributing guidelines: Hound must stay zero-config and free forever. PRs that require API keys don't get merged.

The people who need security tooling most — solo developers, students, early-stage startups, open source maintainers — are the ones least likely to pay for it. Hound is built for them.

How it works under the hood

Hound is an MCP server — Model Context Protocol, an open standard by Anthropic that lets AI agents talk to external tools through a unified interface. Think USB-C for AI: one plug, any tool, any agent.

It runs as a local subprocess on your machine. When your agent calls a Hound tool, the request stays local — Hound reads your lockfile, queries the two Google APIs over HTTPS, and returns formatted results. Your code never leaves your machine.

The lockfile parser handles six formats natively — package-lock.json, yarn.lock, pnpm-lock.yaml, requirements.txt, Cargo.lock, and go.sum — with pure TypeScript regex, no external parser dependencies. The batch query to OSV checks up to 100 packages in a single API call, which is why a full audit takes seconds, not minutes.

What's coming

hound_diff — compare two lockfile snapshots to catch newly introduced risks in PRs
GitHub Action — run hound_audit as an automated PR check, no AI agent required
Docker support — Hound in CI/CD pipelines
Bun and Gradle parsers — more ecosystems, more coverage

Try it, break it, improve it

Hound is MIT-licensed and open for contributions. The codebase is TypeScript, tests use Vitest, CI runs across Node 18, 20, and 22.

If you've never contributed to open source before — the issues labeled good first issue are genuinely approachable. Adding lockfile parser tests, extracting duplicated constants, fixing version string inconsistencies. Real issues, real impact, good entry points.

If you've used Hound and something broke or felt wrong — open an issue. That's equally valuable.

The one rule: zero config, free forever.

GitHub · npm · Issues · Discussions

Communication

Tilak Dave — Mon, 16 Mar 2026 20:14:10 +0000

This article was originally published at tiluckdave.in

Precision beats vocabulary

If a word can mean anything, it means nothing
Don't tell people to imagine — show them
Replace "good" with proof

Frame like a leader

Problems you solve > problems others create
"I fixed it" is junior. "I fixed it and it won't happen again" is senior

Read the room, switch the gear

Same information, different audience, different words
Anchor in their world, stay there
Match what they care about, not what you care about

Confidence lives in your language

If it's done, say it's done — never "should be"

Who Am I?

Tilak Dave — Tue, 10 Mar 2026 13:09:07 +0000

This article was originally published at tiluckdave.in

I'm Tilak. I'm 22. I build software.

That sentence is both completely true and somehow not enough.

Road Rash

I grew up in Akola, Maharashtra, India — though my roots are in Rajasthan. Small city. Regular life. My dad worked a regular job and at some point his office laptop came home, the kind companies let employees buy out after a few years of service.

My brother and I used to fight over it to play Road Rash.

That laptop was our whole world for a while. I don't remember exactly when the fighting stopped being about games and started being about something else — about figuring out what the machine could actually do, what lived inside it, why it worked the way it did. But I remember being in school and making PowerPoint presentations with animations in them while my classmates and teachers stared like I had done something remarkable.

I hadn't. I had just spent more time on the computer than they had.

But that look — that moment of being the person in the room who understood something others didn't — I chased it without knowing I was chasing it. I started showing off my computer knowledge at school, to friends, to teachers. No one else knew how to make slides move. No one else knew the shortcuts. I was the kid people came to when the projector acted up or the file wouldn't open.

It sounds small. But that feeling of being useful with a machine — of understanding something invisible — is where everything started.

From there I kept going deeper. CS50 on YouTube. Long hours just reading, clicking around, breaking things to see what happened. By the time I had to decide what to study, there was never really a decision to make. I just knew.

The Road Not Taken

When I was finishing school, most of my batchmates were preparing for 11th and 12th and then JEE — the standard path, the rat race everyone quietly agreed to run without asking why. Top college, four-year degree, placement.

I took a different road. I enrolled in a Diploma in Computer Engineering at Government Polytechnic Pune.

It was both a practical and a strategic decision. The diploma was three years, then the degree was three more — same total time as the traditional path. But instead of spending two of those years writing English passages and memorising theorems I'd never use, I was building things. Actual things. Websites. Applications. Real projects.

While my friends back home were still in the theory phase of their education, I already had years of practical work under my hands. That head start mattered more than any entrance exam rank ever could have.

I don't regret it for a second. I'd make the same choice again tomorrow.

16 and Alone in Pune

I was 16 when I moved to Pune. I had never lived away from home.

The first few weeks felt like freedom. Genuinely — I had wanted this. A new city, no curfew, no one watching. It felt like the beginning of something.

Then I had my first bad day.

I don't remember exactly what it was — a bad result, an argument, just one of those days where nothing works and everything feels heavy. What I remember is coming back to my room and realising there was no one to sit with. No one to rant to. No familiar smell from the kitchen, no plate of food waiting, no voice asking how my day went. I had to do my own laundry. Cook my own meals. Handle my own problems. Then go to sleep and do it all again tomorrow.

I cried. I genuinely hated it for a while.

Then slowly, bit by bit, I got better at it. Not just at the chores — at being a person on my own. You learn things when you're alone that you can't learn any other way. How finances actually work. That not everyone who smiles at you is your friend. How to say no. How to read people without the safety net of a support system cushioning every interaction.

Pune shaped me from the inside. I'm grateful for every hard part of it.

I think everyone should live alone for at least a few years — not because it's romantic or noble, but because it's honest. You find out who you actually are when there's nobody else's version of you to live up to.

Six years after leaving home at 16, I graduated from Vishwakarma Institute of Technology in 2025.

Graduation, 2025 — VIT Pune

Nobody Taught Me

Nobody taught me to code. I mean, technically people did — there were teachers, and CS50, and a hundred tutorials. But the real learning didn't happen in any classroom.

The hardest part of learning to code is starting. The second hardest part is the phase after starting — when you've gotten far enough to know how much you don't understand, and everything feels impossible, and you don't know why anything works. I spent a long time in that second place. Longer than I'd like to admit.

What pulled me through wasn't talent. It wasn't a great mentor or a perfect course. It was just showing up every day. Getting stuck. Coming back the next day. Getting a little less stuck. Rinse and repeat, for months, for years.

No teacher could have given me what that process gave me. The discipline of building something broken and then fixing it. The patience of debugging at 2am when the error makes no sense. The quiet satisfaction of finally understanding something that had confused you for weeks.

I'm still in the middle of it. There are concepts I don't understand yet. There probably always will be. I stopped being bothered by that somewhere along the way. The goal was never to know everything. The goal was to build things. I do that.

Hackathons

I've won over 20 hackathons. I say that not to impress but to give context — hackathons were a real part of how I learned to build fast, think under pressure, and ship something real in a room full of people trying to beat you.

But Smart India Hackathon 2023 was different. And it was the last one I competed in.

We built NyaySathi — an AI assistant for legal help, built specifically for people from communities that don't speak legal language, don't have access to lawyers, can't afford to figure out what their own rights are. It worked in any local language. You spoke to it in whatever tongue felt natural and it answered you.

That's the one-line description. The reality of that night is something else entirely.

We failed probably twenty times before something worked. We didn't eat. Some of us cried — the kind of crying that happens when you're exhausted and scared and you've stopped believing the thing you're building is going to work. Our first two evaluations went badly and we knew it. There was a real possibility we were going home with nothing.

Then somewhere in the early hours of the morning, something shifted. One of us said something — I don't remember the exact words, but the energy in the room changed. We stopped spiralling and started moving. We got into a rhythm. The pieces started clicking. We finished.

At 10pm that night, the winners were announced by problem statement. Our statement came up. They called our name.

None of us expected it. We had talked ourselves out of believing it was possible. And then suddenly it was happening — our name in the air, the announcement real and irreversible — and we all fell apart. The whole team. Standing there, not able to speak, not able to stop crying.

That kind of crying where you can't fully believe the thing that's happening to you.

I think about that night a lot. Not because of the win, but because of what the team did before it — the way we held each other up when we had nothing left. That's the thing I carry with me.

Smart India Hackathon 2023 — the team that cried twice that night

TEDxVITPune

I joined TEDxVITPune on Day 1 of college. Someone I'd just met — a complete stranger — mentioned it in passing. I filled out the form. With zero expectations, I somehow made the team.

For the first few months I kept mostly to myself. I was introverted, a little unsure what I was doing there. TEDx was just something on the side. A way to stay engaged beyond lectures. Something to put on a resume, maybe.

Then slowly, without me noticing, it became more.

The idea of a small group of people grinding together for months to pull off one of the biggest events on campus — that idea got under my skin. I started feeling it every day. The weight of it, but also the warmth of it. Then the first event happened. And when it ended, I looked around and saw tears in my teammates' eyes.

I felt it in mine too.

It wasn't a club anymore. It was something I couldn't walk away from.

I stayed for pre-final year, when most of my batchmates had shifted their entire attention to placements. I couldn't do it. Teammates had become my closest friends. I had seen what we were capable of from the inside — the chaos, the things that nearly broke us, the things that somehow came together anyway because this team refused to let them fall apart.

When that year's event wrapped, I cried properly. Not the scared crying from SIH — this was different. Peak happiness. The kind you only feel when something you love actually works.

Then came final year.

I became the licensee. Head organizer. Seven of my closest friends beside me and the weight of nine editions of history behind us.

That year was the hardest thing I have ever organised. Setbacks every week. Things going wrong that we hadn't planned for. I broke down a couple of times — genuinely broke down, the kind where everything feels like shattered glass and you can't find all the pieces and you don't know if you have the energy to try. But the people around me held it together when I couldn't. And I held it together when they couldn't. That's the only way something like this works. Not one strong person — a group of people taking turns being strong for each other.

We made the 10th edition of TEDxVITPune. We called it Dimes of Dynamism.

A few months ago I officially closed my license. Signed the papers, passed the baton, handed the whole thing to a new team who will pour their own hearts into it. I watched it go.

Some part of me still hasn't let go. Some part probably never will. TEDx was my home on campus in a way that nothing else was, and I don't say that lightly.

TEDxVITPune — Dimes of Dynamism, 10th edition

What I Do Now

I'm an Associate Software Engineer at Workato — an enterprise AI and automation company based in the US, with presence across the world. Right now I'm building enterprise-grade MCP servers. The company started in automation orchestration and has moved deep into AI, and I'm right in the middle of that.

Outside of work I build things for clients — SaaS tools, AI agents, landing pages, integrations. And I built a full product suite for my brother's food brand, Prempushp: the website, the billing system, the admin dashboard. That one's different. Building something for your family hits in a way client work doesn't. Every time the site loads correctly or an order goes through, it feels personal.

About 80% of the things I start don't get finished. I lose momentum, put it down, start something else. I used to feel bad about this. Now I just think it's honest — most things don't make it. The ones that do are the ones where I'm genuinely in it, not just initially interested. There's a difference, and I've learned to feel it early.

When I'm genuinely in something, I don't notice time. I'll sit at my desk for twelve, fifteen hours and look up to find it's 3am and I'm not tired. Not because I'm forcing it — because I forgot there was anything else to do. That kind of absorption is the most honest thing I know about myself. When it's there, I trust it.

Where most of it happens

The Two Sides

Most people who meet me think I'm just another software developer. They're not wrong. But they're not seeing the whole thing.

The people who know me from TEDx, from events I've organized, from teams I've led — they see someone who can move people, hold a room together, execute something complicated across weeks of chaos. Before TEDx, back in polytechnic, I was president of the Computer Society. I've consistently found myself in these organizing roles without entirely planning to be in them.

The people who know that side of me usually have no idea how deep the technical work goes. The people who know the technical side usually have no idea about the rest.

I don't mind it. I've actually come to like it — having parts of yourself that only certain people have earned the right to see. It means every new person who figures out the full picture is someone who actually paid attention.

What I'm Actually Chasing

I used to think grades mattered. I got good ones — consistently, through school and college both. Then I watched people with worse marks get ahead in ways that had nothing to do with grades, and something rearranged in my head. Not bitterness — just clarity. Marks measure your ability to perform under a specific kind of pressure, in a specific kind of room, for a specific kind of audience. That's a real skill. It's just not the one that matters most after you leave.

I wish I had spent some of those late study nights on cricket. I played as a kid. I still watch every match. I think about it sometimes — what it would have looked like to take it seriously, to practice every day, to find out how far that could go. Singing too. I used to sing. I let both of those things slip while I was busy being a good student.

Grades are not the thing. Being useful is the thing. Showing up consistently with practical answers to problems that most people wave past or overcomplicate — that's what I want to be known for. Not loudly. Just over time, by doing it.

I keep coming back to building a personal presence no matter what else I'm working on. I start, lose momentum, drop it, come back months later. The fear of not making it kills the motivation faster than anything else. And underneath that fear is a quieter belief — that I'm not ready yet, that I need to do more first, become more first. I'm working on that belief. It's not fully true and I know it.

What I actually want: financial freedom — not to stop working, but to choose the work freely. Enough to take care of the people I love. Enough to give back, to donate, to do things that matter without needing them to be profitable. And enough respect in the technical community that the people who understand the craft know my name. Not famous. Just respected by the right people.

I'm not there yet. But I know what direction I'm walking.

What I Believe

I've been thinking about this for a while — not to write it down, just to know it. But here it is.

I trust my gut. Not blindly — I know my gut has been wrong and will be wrong again. But when I hear something and it doesn't sit right, I say so. I hold strong opinions loosely. I'll argue for something and change my mind in the same conversation if the other person says something better. That's not weakness. That's the only way to actually think.

I think anecdata beats data more often than people admit. A spreadsheet full of numbers can tell you what happened. One person's specific, detailed, lived experience tells you why. I trust the story. I trust the person in the room who has actually done the thing more than the study that measured it from the outside.

Grit beats talent. I've seen talented people disappear and I've seen grinding people arrive. The second group is more reliable every time. I don't think I'm the most gifted person in any room I've been in. I think I'm often the most persistent.

Work is my hobby. I don't say this as a flex — I say it because it's just true. When I'm not working I'm thinking about work. When I'm watching cricket I'm also half thinking about something I'm building. This isn't something I engineered. It's just how I'm wired.

I believe in God's plan. There's a thought I come back to whenever things don't go the way I wanted: if it's not happening the way I planned, it's happening the way God planned. And God never wants bad for you. That's not resignation — it's trust. It takes the edge off failure. It lets me keep moving.

I believe growth potential matters more than current skill. What someone can become is more interesting than what they already are. I try to see that in people and I hope people see it in me — because if you judged me only by what I've already done, you'd be missing the point.

I try to assume good intent. Most people aren't trying to make your life harder. They're having their own bad day, carrying their own weight, moving through their own confusion. I'd rather give someone the benefit of the doubt and occasionally be wrong than spend my energy being suspicious. I also genuinely like criticism — I don't hear it emotionally. Tell me what's broken and I'll fix it.

I only work on things I'm actually excited about. This probably explains the 80% incompletion rate. But I'd rather have a graveyard of abandoned projects I cared about than a portfolio of finished things I was bored making.

And I move fast. Speed is the most underrated skill in software. I use AI extensively — not to replace thinking but to compress time. I can move ten times faster with the right tools and the right mindset, and I do. The world doesn't wait and I don't either.

Right Now

I live in Akola. I work remotely. I go to the gym in the evenings because if I don't move my body my brain stops working properly. I cook. I watch cricket and F1 and anything thrilling enough to make me forget I have a terminal open.

Most nights I'm back at my desk after dinner. Sometimes it's client work, sometimes it's open source, sometimes it's some feature on this website I've been turning over in my head for a week. I stay until I finish it or break it completely.

I'm 22. I have a lot left to figure out.

But I'm at my desk. I'm typing.