<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Umitomo</title>
    <description>The latest articles on DEV Community by Umitomo (@umitomo-lab).</description>
    <link>https://dev.to/umitomo-lab</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3830906%2Ff8ab1f50-43b4-40ee-b21a-a120d3344f42.jpg</url>
      <title>DEV Community: Umitomo</title>
      <link>https://dev.to/umitomo-lab</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/umitomo-lab"/>
    <language>en</language>
    <item>
      <title>Weekly Dev Log 2026-W12</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Fri, 03 Jul 2026 04:42:07 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w12-5hin</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w12-5hin</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;I had &lt;strong&gt;less time to work on my personal projects&lt;/strong&gt; this week😅, but &lt;strong&gt;I was still able to make some progress&lt;/strong&gt; on both my iOS app and web development projects.&lt;/li&gt;
&lt;li&gt;One reason I was able to keep moving forward was that &lt;strong&gt;I used ChatGPT and Codex to work more efficiently&lt;/strong&gt;. This week reminded me &lt;strong&gt;how helpful AI can be for personal development projects&lt;/strong&gt;🦾.&lt;/li&gt;
&lt;li&gt;I continued &lt;strong&gt;refining the UI direction for ToneDrill mini&lt;/strong&gt;, the minimum-feature iOS app I implemented in Xcode last week.&lt;/li&gt;
&lt;li&gt;Last week, I was excited to build the basic functionality of a working minimum-feature app in Xcode. This week, I shifted my focus to &lt;strong&gt;creating a clearer UI image&lt;/strong&gt; for the app🎯.&lt;/li&gt;
&lt;li&gt;I was not sure how to approach the UI design at first, but after discussing it with AI, I decided on a direction. I would like to keep using this approach as a base going forward🐎.&lt;/li&gt;
&lt;li&gt;For web development, I &lt;strong&gt;finished reviewing the implementation of the portfolio site&lt;/strong&gt; that Codex created last week❤️‍🔥.&lt;/li&gt;
&lt;li&gt;I gained a better understanding of &lt;strong&gt;shadcn/ui&lt;/strong&gt; and realized how convenient it is for building consistent UI components.&lt;/li&gt;
&lt;li&gt;I was &lt;strong&gt;not able to work on TryHackMe this week&lt;/strong&gt;, so I would like to make time for it again next week🔥.&lt;/li&gt;
&lt;/ul&gt;

&lt;blockquote&gt;
&lt;p&gt;I also want to thank everyone who commented on my previous &lt;a href="https://dev.to/umitomo-lab/weekly-dev-log-2026-w11-4ga6"&gt;Weekly Dev Log 2026-W11&lt;/a&gt;✨&lt;/p&gt;

&lt;p&gt;Reading the comments on my previous Weekly Dev Log made me feel that I would also like to try writing standalone articles that go deeper into what I learned.&lt;/p&gt;

&lt;p&gt;I hope I can share my honest learning process and thoughts in different formats, not only through Weekly Dev Logs.&lt;/p&gt;

&lt;p&gt;Also, thank you so much for leaving positive comments on my personal, honest Weekly Dev Logs!&lt;/p&gt;

&lt;p&gt;I always appreciate your comments, so please feel free to leave one if you have any thoughts or feedback.&lt;/p&gt;
&lt;/blockquote&gt;




&lt;p&gt;&lt;a id="ios-swiftui"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;I used Codex and Figma to create the UI design for the minimum version of ToneDrill mini.&lt;/li&gt;
&lt;li&gt;I asked Codex to generate &lt;strong&gt;several UI design ideas&lt;/strong&gt;, then chose the one I liked and &lt;strong&gt;organized it as a design file in Figma&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;ToneDrill mini will have multiple screens in the future, but I focused on designing &lt;strong&gt;only one main interaction screen&lt;/strong&gt; first.&lt;/li&gt;
&lt;li&gt;I started &lt;strong&gt;organizing a Mini Design System&lt;/strong&gt; based on that one screen so that future screens can have a consistent UI.&lt;/li&gt;
&lt;li&gt;At first, I considered organizing the design rules in a text file like &lt;code&gt;Design.md&lt;/code&gt;, but I decided to &lt;strong&gt;organize them visually in Figma instead&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;I organized the basic color structure, including background colors, text colors, button colors, and typography rules.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🎸 ToneDrill mini UI Image
&lt;/h3&gt;

&lt;p&gt;Here are &lt;strong&gt;two UI images&lt;/strong&gt; of ToneDrill mini: the current UI before creating the Figma design, and the temporary UI direction I created this week using Codex and Figma🥰.&lt;/p&gt;

&lt;p&gt;I am excited to start implementing the app based on this new UI image🔥&lt;/p&gt;

&lt;p&gt;&lt;em&gt;(Current ToneDrill mini UI screenshot)&lt;/em&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F411rxuypf50dsv4k521s.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F411rxuypf50dsv4k521s.png" alt="ToneDrillmini_UIimage_now" width="800" height="369"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;(ToneDrill mini UI screenshot decided this week)&lt;/em&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fj4rf6ae317wtgnpjwde6.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fj4rf6ae317wtgnpjwde6.png" alt="ToneDrillmini_UIimage_future" width="800" height="369"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to 📝.&lt;/li&gt;
&lt;li&gt;Reviewed the structure of the portfolio home page created with React Router v7.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;I was not able to work on TryHackMe this week. I would like to make time for it again next week!&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;I noticed that if I ask Codex to &lt;strong&gt;create UI designs each time without clear rules&lt;/strong&gt;, the colors, spacing, and font sizes can &lt;strong&gt;easily become inconsistent&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;I learned that it is better to create one &lt;strong&gt;base UI design&lt;/strong&gt; first, then &lt;strong&gt;organize the frame structure and Mini Design System&lt;/strong&gt; based on that design.&lt;/li&gt;
&lt;li&gt;I also considered asking Codex to implement a SwiftUI prototype first and then adjusting it in Xcode, but I felt that &lt;strong&gt;organizing the UI visually in Figma first&lt;/strong&gt; was easier for me to understand.&lt;/li&gt;
&lt;li&gt;Having the UI structure and color roles visible in Figma made it easier to understand the design than organizing everything only in text.&lt;/li&gt;
&lt;li&gt;I learned that a visual design reference also makes it easier to imagine what needs to be changed after implementing the UI in SwiftUI.&lt;/li&gt;
&lt;li&gt;For a personal iOS app like this, I felt that it is better to start with a small set of design rules based on one screen, rather than trying to build a large design system from the beginning.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Learned that &lt;code&gt;sticky top-0&lt;/code&gt; keeps the sidebar content visible near the top of the screen while scrolling.&lt;/li&gt;
&lt;li&gt;Reviewed how Tailwind CSS utility classes are used to control layout in the profile sidebar.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;flex flex-wrap&lt;/code&gt; is useful for arranging small elements naturally and letting them wrap when space is limited.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;flex&lt;/code&gt; is better for content-sized inline groups, while &lt;code&gt;grid&lt;/code&gt; is better for structured row-and-column layouts.&lt;/li&gt;
&lt;li&gt;Reviewed the shadcn/ui &lt;code&gt;Button&lt;/code&gt; component and learned that &lt;code&gt;asChild&lt;/code&gt; lets a child element, such as an &lt;code&gt;&amp;lt;a&amp;gt;&lt;/code&gt; tag, receive the button styles while keeping its original HTML meaning.&lt;/li&gt;
&lt;li&gt;Rearned that this makes it possible to create a link that looks like a button, while still using the correct semantic element for navigation.&lt;/li&gt;
&lt;li&gt;Reviewed the official shadcn/ui &lt;code&gt;Button&lt;/code&gt; documentation and learned how &lt;code&gt;asChild&lt;/code&gt;, &lt;code&gt;variant&lt;/code&gt;, and &lt;code&gt;size&lt;/code&gt; help create consistent button UI patterns.&lt;/li&gt;
&lt;li&gt;Learned that shadcn/ui helps create consistent UI while allowing predefined design variations through component props, and its documentation makes it easy to understand how each prop affects the result.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Finish organizing the Mini Design System for ToneDrill mini in Figma.&lt;/li&gt;
&lt;li&gt;Organize the UI adjustment points for the portfolio site implemented by Codex in Notion, then start making small UI refinements.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>webdev</category>
      <category>swift</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W11</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Fri, 26 Jun 2026 21:04:23 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w11-4ga6</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w11-4ga6</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;While reviewing the code for &lt;strong&gt;the minimum-feature iOS app&lt;/strong&gt; that Codex implemented for &lt;strong&gt;ToneDrill&lt;/strong&gt;, I started coming up with &lt;strong&gt;many ideas for small improvements&lt;/strong&gt;💡.&lt;/li&gt;
&lt;li&gt;When I first started building the iOS app, I thought &lt;strong&gt;it would be enough to recreate the web version&lt;/strong&gt; I had casually built before. However, once the app started taking shape, I naturally began wanting to add &lt;strong&gt;more features and improve the design&lt;/strong&gt;🌋. At the same time, this is &lt;strong&gt;my first time building an iOS app&lt;/strong&gt;, so I often &lt;strong&gt;do not know the best way to move forward&lt;/strong&gt;. Human curiosity and ambition are interesting 😅.&lt;/li&gt;
&lt;li&gt;Because of that, I discussed my ideas with ChatGPT, &lt;strong&gt;separated them into short-term tasks and medium- to long-term ideas&lt;/strong&gt;, and &lt;strong&gt;organized a realistic development plan&lt;/strong&gt; in Notion🗃️.&lt;/li&gt;
&lt;li&gt;For now, I decided to focus on &lt;strong&gt;completing the minimum-feature version implemented by Codex&lt;/strong&gt;. I changed the app layout from the default portrait orientation to landscape orientation and organized several UI ideas🦾.&lt;/li&gt;
&lt;li&gt;I &lt;strong&gt;reviewed the program&lt;/strong&gt; that Codex implemented last week based on my Figma design.&lt;/li&gt;
&lt;li&gt;I learned more about &lt;strong&gt;React Router v7 features and several CSS functions&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Worked on the &lt;strong&gt;AI System Reconnaissance&lt;/strong&gt; room from the AI Security Learning Path on TryHackMe this week 🤖.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Organized feature ideas I would like to add to ToneDrill in Notion and separated them into short-term tasks and medium- to long-term tasks.&lt;/li&gt;
&lt;li&gt;Changed the app layout from the default portrait-oriented design to a landscape-oriented design.&lt;/li&gt;
&lt;li&gt;Planned the next UI improvement for the app: replacing horizontal scrolling with left and right buttons to switch the visible fret range.&lt;/li&gt;
&lt;li&gt;Explored a design direction for a SwiftUI-drawn guitar fretboard background before using a real image background.&lt;/li&gt;
&lt;li&gt;Worked with ChatGPT to define the direction for a fretboard-style UI in SwiftUI, organized the required display elements, and prepared them as a specification for Codex.&lt;/li&gt;
&lt;li&gt;Prepared a concrete Codex prompt for generating a Figma draft based on the design task document and reference image.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to 📝.&lt;/li&gt;
&lt;li&gt;Reviewed the structure of the portfolio home page created with React Router v7.&lt;/li&gt;
&lt;li&gt;Checked how &lt;code&gt;root.tsx&lt;/code&gt;, &lt;code&gt;routes.ts&lt;/code&gt;, and &lt;code&gt;home.tsx&lt;/code&gt; work together to render the top page.&lt;/li&gt;
&lt;li&gt;Studied how the &lt;code&gt;loader&lt;/code&gt; function passes page data to the home component.&lt;/li&gt;
&lt;li&gt;Looked through &lt;code&gt;home-page-layout.tsx&lt;/code&gt; and checked how the main area and profile sidebar are arranged.&lt;/li&gt;
&lt;li&gt;Reviewed &lt;code&gt;app.css&lt;/code&gt; to understand the layout, responsive design, and light/dark color settings.&lt;/li&gt;
&lt;li&gt;Looked up &lt;code&gt;grid-template-columns&lt;/code&gt;, &lt;code&gt;minmax()&lt;/code&gt;, &lt;code&gt;clamp()&lt;/code&gt;, and &lt;code&gt;@media&lt;/code&gt; using MDN and ChatGPT.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Worked on the AI System Reconnaissance room, part of the AI Security Learning Path on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Learned how to configure an iOS app to support landscape orientation.&lt;/li&gt;
&lt;li&gt;Learned how to adjust the UI layout so it fits neatly on the screen in landscape mode.&lt;/li&gt;
&lt;li&gt;Learned that a SwiftUI-drawn fretboard background is a safer first step than placing buttons directly on top of a real guitar image.&lt;/li&gt;
&lt;li&gt;Learned that building the fretboard UI with separate background and button layers will make it easier to replace the background with an image later.&lt;/li&gt;
&lt;li&gt;Learned that Codex should first explain its planned Figma structure before actually creating or modifying the design.&lt;/li&gt;
&lt;li&gt;Learned that giving Codex a task document, a reference image, and clear constraints helps reduce unexpected changes.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Learned that &lt;code&gt;root.tsx&lt;/code&gt; provides the base HTML layout, and child routes are rendered through &lt;code&gt;&amp;lt;Outlet /&amp;gt;&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;loader&lt;/code&gt; prepares data before the page component is rendered.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;home-page-layout.tsx&lt;/code&gt; mainly controls the page structure, while &lt;code&gt;app.css&lt;/code&gt; controls most of the visual design.&lt;/li&gt;
&lt;li&gt;Learned how CSS Grid is used to create a two-column layout with a flexible main area and a fixed-width sidebar.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;grid-template-columns&lt;/code&gt; defines the width rules for each grid column.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;minmax()&lt;/code&gt; sets the minimum and maximum size of a grid column.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;clamp()&lt;/code&gt; lets a value change flexibly within a minimum and maximum range.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;@media&lt;/code&gt; rules can be used for different CSS conditions. In this project, they are used to change the layout based on the screen width.&lt;/li&gt;
&lt;li&gt;Learned how media queries change the layout from three-column cards to two columns, and then to one column on smaller screens.&lt;/li&gt;
&lt;li&gt;Learned how CSS variables are used to manage colors for light mode, dark mode, and portfolio-specific design tokens.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 TryHackMe Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  AI System Reconnaissance
&lt;/h3&gt;

&lt;h4&gt;
  
  
  Task 2: The AI Infrastructure Stack
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;I learned that AI infrastructure is not just a single AI model or server, but a collection of specialized services that support the whole machine learning lifecycle.&lt;/li&gt;
&lt;li&gt;I understood that AI systems often expose unfamiliar ports and APIs, so traditional network scanning alone may miss important AI-related services.&lt;/li&gt;
&lt;li&gt;I learned that services such as model serving endpoints, experiment tracking tools, vector databases, model registries, Jupyter notebooks, MinIO, and Prometheus can all become important reconnaissance targets.&lt;/li&gt;
&lt;li&gt;Although there were many new terms and I could not fully understand every single one, I was able to understand the main purpose of this task: building a mental map of AI infrastructure components and their common ports.&lt;/li&gt;
&lt;li&gt;Through the exercise, I learned how to compare AI-specific ports with traditional service ports and identify which hosts are likely running AI infrastructure.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Design the UI structure for the minimum-feature version of ToneDrill in Figma.&lt;/li&gt;
&lt;li&gt;Finish reviewing the program that Codex implemented last week based on my Figma design and deepen my understanding of how the code works.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W10</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Thu, 18 Jun 2026 06:39:33 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w10-33a9</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w10-33a9</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;While organizing ideas for &lt;strong&gt;my first iOS app&lt;/strong&gt;, I remembered an old web app idea called &lt;strong&gt;ToneDrill&lt;/strong&gt;, which I had casually built before to help practice note names on a guitar fretboard🎸. I decided to try &lt;strong&gt;turning it into an iOS app&lt;/strong&gt;🛠️.&lt;/li&gt;
&lt;li&gt;I clarified the purpose of &lt;strong&gt;ToneDrill&lt;/strong&gt;, its &lt;strong&gt;minimum requirements&lt;/strong&gt;, and its &lt;strong&gt;core features&lt;/strong&gt;, then &lt;strong&gt;organized them in Notion&lt;/strong&gt;📝.&lt;/li&gt;
&lt;li&gt;I was curious to see &lt;strong&gt;how well Codex could implement an iOS app from those minimum requirements&lt;/strong&gt;, so I gave it a try right away💡.&lt;/li&gt;
&lt;li&gt;I reviewed the SwiftUI code generated by Codex and &lt;strong&gt;worked through the app logic to understand how it was implemented&lt;/strong&gt;🔍. For now, I was able to create a working app, which felt like &lt;strong&gt;a meaningful step forward&lt;/strong&gt;🚶.&lt;/li&gt;
&lt;li&gt;I created &lt;strong&gt;the top page UI design&lt;/strong&gt; for my portfolio website in &lt;strong&gt;Figma&lt;/strong&gt;🎨. I focused on keeping the structure simple and implementation-friendly, and designed the UI with reusable components for each major part.&lt;/li&gt;
&lt;li&gt;Based on what I learned from my previous failed attempt, I &lt;strong&gt;tried again to see how well Codex could implement a prototype from the Figma UI design&lt;/strong&gt; (You can read about &lt;a href="https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3"&gt;my previous attempt that didn’t go so well&lt;/a&gt; here😅.)&lt;/li&gt;
&lt;li&gt;Worked on the &lt;strong&gt;AI Threat Modelling&lt;/strong&gt; room from the AI Security Learning Path on TryHackMe this week🤖.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Revisited an old web app idea called ToneDrill, which I had previously built casually as a guitar note-training app, and considered turning it into an iOS app.&lt;/li&gt;
&lt;li&gt;Organized the app idea in Notion, including its purpose, target use case, minimum requirements, and core features.&lt;/li&gt;
&lt;li&gt;Decided to aim for an MVP-level version first, instead of trying to build a fully featured app from the beginning.&lt;/li&gt;
&lt;li&gt;Wrote down simple requirements and tested how accurately Codex could implement the initial version of the app.&lt;/li&gt;
&lt;li&gt;Reviewed the iOS app implementation generated by Codex and examined the code in detail to understand how the logic worked.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to📝&lt;/li&gt;
&lt;li&gt;Completed the top page UI design for my portfolio website in Figma.&lt;/li&gt;
&lt;li&gt;Tried using Codex again to generate a prototype app based on the Figma UI design.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Worked on the AI Threat Modelling room (part of the AI Security Learning Path) on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Learning
&lt;/h2&gt;

&lt;h4&gt;
  
  
  🦄 What I learned by starting with a small app and minimum features
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;I started building the app with the mindset of &lt;strong&gt;creating small&lt;/strong&gt;, &lt;strong&gt;steady progress&lt;/strong&gt; instead of trying to build a large app right away.&lt;/li&gt;
&lt;li&gt;Starting small made it &lt;strong&gt;much easier to take the first step mentally and actually&lt;/strong&gt; begin building the app.&lt;/li&gt;
&lt;li&gt;Even though the app is small, I realized that the knowledge I gained from &lt;strong&gt;tutorials alone was not enough to fully understand the implementation details&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;I had to review and research the code &lt;strong&gt;step by step&lt;/strong&gt; to understand how each part worked.&lt;/li&gt;
&lt;li&gt;This made me realize that if I started with &lt;strong&gt;a much larger app&lt;/strong&gt;, it would &lt;strong&gt;take a lot more time to understand the implementation&lt;/strong&gt; while building it.&lt;/li&gt;
&lt;li&gt;I also learned that I should define more clearly when and how I use Codex during development.&lt;/li&gt;
&lt;li&gt;For now, my plan is to &lt;strong&gt;keep using AI actively until I can complete one working app&lt;/strong&gt;, then evaluate where AI is most helpful and where I need to review the code more carefully myself.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development Learning
&lt;/h2&gt;

&lt;h4&gt;
  
  
  ❤️‍🔥 What I learned from retrying prototype generation with Figma MCP and Codex
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Learned that I should &lt;strong&gt;first ask Codex to review the design system&lt;/strong&gt; in the Figma UI design, then have it &lt;strong&gt;create rule files&lt;/strong&gt; such as &lt;code&gt;app.css&lt;/code&gt; and &lt;code&gt;FIGMA_DESIGN_SYSTEM.md&lt;/code&gt; based on &lt;strong&gt;those design rules&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Learned that &lt;strong&gt;designing a Figma UI with implementation in mind&lt;/strong&gt; is important when asking Codex to generate a prototype.&lt;/li&gt;
&lt;li&gt;Instead of only creating a visual mockup, I structured the UI with &lt;strong&gt;clear frames&lt;/strong&gt;, &lt;strong&gt;reusable components&lt;/strong&gt;, and &lt;strong&gt;layout rules&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;I also documented the design system in rule files so Codex could better understand the intended structure, spacing, colors, and component styles.&lt;/li&gt;
&lt;li&gt;As a result, Codex was able to generate a prototype that &lt;strong&gt;closely matched the Figma design&lt;/strong&gt;🔥.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 TryHackMe Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  AI Threat Modelling
&lt;/h3&gt;

&lt;h4&gt;
  
  
  Task 6: OWASP LLM Top 10 — Mapping Risks to Components
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;I learned that the OWASP LLM Top 10 helps map LLM-specific risks to the components where they occur.&lt;/li&gt;
&lt;li&gt;OWASP LLM Top 10 is useful not only as a checklist, but also as an assessment tool for reviewing LLM architecture.&lt;/li&gt;
&lt;li&gt;I learned that the LLM inference endpoint has the highest risk concentration, including prompt injection, sensitive information disclosure, excessive agency, system prompt leakage, misinformation, and unbounded consumption.&lt;/li&gt;
&lt;li&gt;Vector databases and RAG pipelines require special attention because they can introduce indirect prompt injection, embedding weaknesses, and misinformation from stale or incorrect sources.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Review the issues and improvements needed in the minimum-feature app generated by Codex, then start making code changes.&lt;/li&gt;
&lt;li&gt;Ask Codex to help explore UI design ideas for the &lt;strong&gt;ToneDrill&lt;/strong&gt; app and decide on the overall UI direction.&lt;/li&gt;
&lt;li&gt;Review and understand the implementation details of the portfolio website prototype generated by Codex.&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W09</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Fri, 12 Jun 2026 00:10:44 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w09-55b6</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w09-55b6</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Completed the SwiftUI app development tutorial&lt;/strong&gt; and tested the app I built on a real iPhone🦾&lt;/li&gt;
&lt;li&gt;Learned &lt;strong&gt;the overall flow of building an iOS app with SwiftUI&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Organized my app ideas in Notion because I want to start building a real app next week🤔 I also realized that &lt;strong&gt;starting with a small app&lt;/strong&gt; is important at this stage💡&lt;/li&gt;
&lt;li&gt;Worked on the UI design for my portfolio site using the official shadcn/ui Figma template. I want to finish one design direction next week and then move on to implementation.&lt;/li&gt;
&lt;li&gt;Worked on the &lt;strong&gt;AI Threat Modelling&lt;/strong&gt; room from the AI Security Learning Path on TryHackMe this week🤖&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Completed the SwiftUI app development tutorial.&lt;/li&gt;
&lt;li&gt;Learned how to run an app on a real iPhone by connecting it to my computer, without joining the Apple Developer Program yet.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to📝&lt;/li&gt;
&lt;li&gt;Worked on my portfolio site UI design using the official shadcn/ui Figma template.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Worked on the AI Threat Modelling room (part of the AI Security Learning Path) on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  🔬 What I learned from testing an app on a real iPhone
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;I need to connect my iPhone, choose it as the run destination, and configure Signing &amp;amp; Capabilities before running the app.&lt;/li&gt;
&lt;li&gt;A unique Bundle Identifier is needed to identify the app.&lt;/li&gt;
&lt;li&gt;Xcode uses my personal Apple Account to sign the app for testing on my iPhone.&lt;/li&gt;
&lt;li&gt;I need to enable Developer Mode and trust the developer profile on the iPhone before launching the app.&lt;/li&gt;
&lt;li&gt;Preview data and real app data are handled differently in SwiftUI/SwiftData.&lt;/li&gt;
&lt;li&gt;In previews, &lt;code&gt;sampleContainer&lt;/code&gt; is used, so &lt;code&gt;includeSampleMoments&lt;/code&gt; is passed as &lt;code&gt;true&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;The diary entries I create on the real iPhone are saved in the app’s local storage on the device.&lt;/li&gt;
&lt;li&gt;The data is not automatically saved to my Apple Account or iCloud.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🦄 What I learned from organizing ideas for my first iOS app
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;As a beginner developer, I should not try to build a large, market-ready app from the beginning.&lt;/li&gt;
&lt;li&gt;Large apps usually include many hidden complexities, such as data management, user experience design, error handling, security, performance, and long-term maintenance.&lt;/li&gt;
&lt;li&gt;Since I have a full-time job, my development time is limited, so starting too big would make it harder to keep making steady progress.&lt;/li&gt;
&lt;li&gt;Starting with a small app helps me focus on one or two core ideas and understand each part more deeply.&lt;/li&gt;
&lt;li&gt;Building something small first also makes it easier to finish, test, and improve the app step by step.&lt;/li&gt;
&lt;li&gt;I realized that the goal at this stage is not to compete with polished apps on the market, but to build practical experience by completing small projects.&lt;/li&gt;
&lt;li&gt;This approach should help me stay motivated while gradually improving my skills in real app development.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Learned more about how to create UI designs in Figma and how to design screens using components.&lt;/li&gt;
&lt;li&gt;Practiced building a consistent portfolio site design based on a design system instead of creating each part separately.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 TryHackMe Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  AI Threat Modelling
&lt;/h3&gt;

&lt;h4&gt;
  
  
  Task2 AI-Specific Assets and Attack Surfaces
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;AI systems add new assets such as training data, model weights, embedding vectors, system prompts, feature stores, and model registries.&lt;/li&gt;
&lt;li&gt;I learned that poisoned training data can corrupt a model’s behaviour at the source.&lt;/li&gt;
&lt;li&gt;I learned that model weights are especially valuable because they define what the model has learned.&lt;/li&gt;
&lt;li&gt;If model weights are stolen, an attacker may obtain a functional copy of the AI system.&lt;/li&gt;
&lt;li&gt;I learned that system prompts can reveal the model’s behaviour, constraints, business logic, and security guardrails.&lt;/li&gt;
&lt;li&gt;Embedding vectors are important in systems such as RAG pipelines, recommendation engines, and fraud detection systems.&lt;/li&gt;
&lt;li&gt;Manipulating embeddings can change what information the model sees at query time.&lt;/li&gt;
&lt;li&gt;Feature stores are important because they provide preprocessed data used as real-time model inputs.&lt;/li&gt;
&lt;li&gt;Tampering with feature stores can affect model decisions without changing the model itself.&lt;/li&gt;
&lt;li&gt;A compromised model registry can allow an attacker to replace a legitimate model with a backdoored one.&lt;/li&gt;
&lt;li&gt;AI threat modelling needs to consider not only traditional application risks, but also AI-specific assets, behaviours, and failure modes.&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Task3 Data Supply Chain and STRIDE's Gaps
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;I learned that AI systems have a data supply chain in addition to a traditional software supply chain.&lt;/li&gt;
&lt;li&gt;Each stage of the AI data supply chain can become a point of compromise.&lt;/li&gt;
&lt;li&gt;Data poisoning can start from data collection, labelling, or other early pipeline stages.&lt;/li&gt;
&lt;li&gt;If poisoned data reaches training, the damage can become embedded in the model’s weights.&lt;/li&gt;
&lt;li&gt;A compromised model registry can allow attackers to replace a validated model with a backdoored one.&lt;/li&gt;
&lt;li&gt;A backdoored model may look normal until it receives specific trigger inputs in production.&lt;/li&gt;
&lt;li&gt;LLM-based systems can introduce additional injection points through retrieval pipelines during inference.&lt;/li&gt;
&lt;li&gt;AI threats such as data poisoning, adversarial manipulation, tool misuse, and model theft do not always fit neatly into traditional STRIDE categories.&lt;/li&gt;
&lt;li&gt;The key takeaway is that AI threat modelling must cover the full data supply chain and AI-specific failure modes.&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Task4 Adapting STRIDE for AI Systems
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;I learned that STRIDE does not need to be replaced, but it needs to be adapted for AI systems.&lt;/li&gt;
&lt;li&gt;In AI systems, familiar STRIDE categories can appear in new forms, such as data source impersonation, data poisoning, model extraction, and inference cost exploitation.&lt;/li&gt;
&lt;li&gt;AI decisions are harder to audit because the model version, input features, prompts, and retrieved context may not be fully recorded.&lt;/li&gt;
&lt;li&gt;Tool-enabled AI systems can make privilege risks broader, because a jailbroken model may misuse databases, email systems, or other connected tools.&lt;/li&gt;
&lt;li&gt;The key takeaway is that STRIDE is still a useful starting point, but some AI risks require additional AI-specific frameworks such as MITRE ATLAS.&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Task5 MITRE ATLAS: The AI Threat Technique Catalogue
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;I learned that MITRE ATLAS is an AI-focused knowledge base for adversary tactics and techniques against AI and ML systems.&lt;/li&gt;
&lt;li&gt;ATLAS complements STRIDE by adding AI-specific technical detail, documented techniques, mitigations, and real-world case studies.&lt;/li&gt;
&lt;li&gt;I learned key ATLAS techniques such as Data Poisoning, Model Extraction, Evade ML Model, LLM Prompt Injection, and Backdoor ML Model.&lt;/li&gt;
&lt;li&gt;ATLAS helps turn broad STRIDE findings into specific, actionable threat findings with technique IDs and defensive guidance.&lt;/li&gt;
&lt;li&gt;Real-world cases such as ShadowRay and Morris II show that AI threats are not only theoretical, but can affect real AI infrastructure and RAG-based systems.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Start building a small iOS app based on the app ideas I organized this week.&lt;/li&gt;
&lt;li&gt;Finish one portfolio site UI design in Figma and start implementing it in code.&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W08</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Thu, 04 Jun 2026 02:13:06 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w08-d2i</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w08-d2i</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Completed one section of the SwiftUI tutorial 🦾 Since I want to continue through the tutorial until &lt;strong&gt;I can build the app for testing and run it on an actual iPhone&lt;/strong&gt;, I’ll focus on that from next week.&lt;/li&gt;
&lt;li&gt;I also wrote another standalone article this week. It was about &lt;strong&gt;my experience experimenting with Codex and Figma MCP to see how much UI design work I could delegate to AI&lt;/strong&gt;📝 If you're interested, feel free to check it out 👇
&lt;div class="ltag__link--embedded"&gt;
  &lt;div class="crayons-story "&gt;
  &lt;a href="https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3" class="crayons-story__hidden-navigation-link"&gt;I Thought Figma MCP Could Recreate Any Design. I Was Wrong.&lt;/a&gt;


  &lt;div class="crayons-story__body crayons-story__body-full_post"&gt;
    &lt;div class="crayons-story__top"&gt;
      &lt;div class="crayons-story__meta"&gt;
        &lt;div class="crayons-story__author-pic"&gt;

          &lt;a href="/umitomo-lab" class="crayons-avatar  crayons-avatar--l  "&gt;
            &lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3830906%2Ff8ab1f50-43b4-40ee-b21a-a120d3344f42.jpg" alt="umitomo-lab profile" class="crayons-avatar__image" width="800" height="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
        &lt;div&gt;
          &lt;div&gt;
            &lt;a href="/umitomo-lab" class="crayons-story__secondary fw-medium m:hidden"&gt;
              Umitomo
            &lt;/a&gt;
            &lt;div class="profile-preview-card relative mb-4 s:mb-0 fw-medium hidden m:inline-block"&gt;
              
                Umitomo
                
              
              &lt;div id="story-author-preview-content-3793102" class="profile-preview-card__content crayons-dropdown branded-7 p-4 pt-0"&gt;
                &lt;div class="gap-4 grid"&gt;
                  &lt;div class="-mt-4"&gt;
                    &lt;a href="/umitomo-lab" class="flex"&gt;
                      &lt;span class="crayons-avatar crayons-avatar--xl mr-2 shrink-0"&gt;
                        &lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3830906%2Ff8ab1f50-43b4-40ee-b21a-a120d3344f42.jpg" class="crayons-avatar__image" alt="" width="800" height="800"&gt;
                      &lt;/span&gt;
                      &lt;span class="crayons-link crayons-subtitle-2 mt-5"&gt;Umitomo&lt;/span&gt;
                    &lt;/a&gt;
                  &lt;/div&gt;
                  &lt;div class="print-hidden"&gt;
                    
                      Follow
                    
                  &lt;/div&gt;
                  &lt;div class="author-preview-metadata-container"&gt;&lt;/div&gt;
                &lt;/div&gt;
              &lt;/div&gt;
            &lt;/div&gt;

          &lt;/div&gt;
          &lt;a href="https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3" class="crayons-story__tertiary fs-xs"&gt;&lt;time&gt;Jun 2&lt;/time&gt;&lt;span class="time-ago-indicator-initial-placeholder"&gt;&lt;/span&gt;&lt;/a&gt;
        &lt;/div&gt;
      &lt;/div&gt;

    &lt;/div&gt;

    &lt;div class="crayons-story__indention"&gt;
      &lt;h2 class="crayons-story__title crayons-story__title-full_post"&gt;
        &lt;a href="https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3" id="article-link-3793102"&gt;
          I Thought Figma MCP Could Recreate Any Design. I Was Wrong.
        &lt;/a&gt;
      &lt;/h2&gt;
        &lt;div class="crayons-story__tags"&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/beginners"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;beginners&lt;/a&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/devjournal"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;devjournal&lt;/a&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/ai"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;ai&lt;/a&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/figma"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;figma&lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="crayons-story__bottom"&gt;
        &lt;div class="crayons-story__details"&gt;
          &lt;a href="https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left"&gt;
            &lt;div class="multiple_reactions_aggregate"&gt;
              &lt;span class="multiple_reactions_icons_container"&gt;
                  &lt;span class="crayons_icon_container"&gt;
                    &lt;img src="https://assets.dev.to/assets/sparkle-heart-5f9bee3767e18deb1bb725290cb151c25234768a0e9a2bd39370c382d02920cf.svg" width="24" height="24"&gt;
                  &lt;/span&gt;
              &lt;/span&gt;
              &lt;span class="aggregate_reactions_counter"&gt;4&lt;span class="hidden s:inline"&gt;&amp;nbsp;reactions&lt;/span&gt;&lt;/span&gt;
            &lt;/div&gt;
          &lt;/a&gt;
            &lt;a href="https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3#comments" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left flex items-center"&gt;
              

              5&lt;span class="hidden s:inline"&gt;&amp;nbsp;comments&lt;/span&gt;
            &lt;/a&gt;
        &lt;/div&gt;
        &lt;div class="crayons-story__save"&gt;
          &lt;small class="crayons-story__tertiary fs-xs mr-2"&gt;
            6 min read
          &lt;/small&gt;
            
              &lt;span class="bm-initial crayons-icon c-btn__icon"&gt;
                

              &lt;/span&gt;
              &lt;span class="bm-success crayons-icon c-btn__icon"&gt;
                

              &lt;/span&gt;
            
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/div&gt;

&lt;/div&gt;
&lt;/li&gt;
&lt;li&gt;I’ll continue working steadily on my portfolio site design by combining AI-generated UI ideas with the official shadcn/ui Figma design template.&lt;/li&gt;
&lt;li&gt;Completed &lt;strong&gt;LLM Security&lt;/strong&gt; room from the AI Security Learning Path on TryHackMe this week🤖&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Worked through the SwiftUI tutorial and completed "Reproduce a bug with unit tests"&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to and a standalone article about my experience using Codex × Figma MCP 📝&lt;/li&gt;
&lt;li&gt;Started learning UI design in Figma using community resources&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Completed LLM Security room (part of the AI Security Learning Path) on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Reproduce a bug with unit tests
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Learned that a streak should only increase when a moment exists on the next consecutive day.&lt;/li&gt;
&lt;li&gt;Understood that multiple moments on the same day should not increase the streak more than once.&lt;/li&gt;
&lt;li&gt;Learned how &lt;code&gt;continue&lt;/code&gt; skips duplicate days while keeping the current streak.&lt;/li&gt;
&lt;li&gt;Realized that &lt;code&gt;break&lt;/code&gt; stops the calculation as soon as a gap in the streak is found.&lt;/li&gt;
&lt;li&gt;Learned that fixing one bug can accidentally introduce new bugs in other scenarios.&lt;/li&gt;
&lt;li&gt;Learned how to implement parameterized unit tests by preparing multiple input patterns and expected values.&lt;/li&gt;
&lt;li&gt;Used &lt;code&gt;@Test(arguments:)&lt;/code&gt; to run the same test logic with different test data.&lt;/li&gt;
&lt;li&gt;Used &lt;code&gt;#expect&lt;/code&gt; to compare the actual result with the expected value for each case.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;While experimenting with automating UI design using Codex × Figma MCP, I learned that clearly defining design system rules first and then building the UI from small components is important for reducing the gap between the original Figma design and the implementation generated from its design data.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 TryHackMe Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  LLM Security
&lt;/h3&gt;

&lt;h3&gt;
  
  
  Threat Categories
&lt;/h3&gt;

&lt;h4&gt;
  
  
  Data-Based Threats
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Training data extraction&lt;/li&gt;
&lt;li&gt;Membership inference&lt;/li&gt;
&lt;li&gt;Prompt leakage&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Model-Based Threats
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Model extraction&lt;/li&gt;
&lt;li&gt;Model inversion&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  System-Based Threats
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Prompt injection&lt;/li&gt;
&lt;li&gt;Context Overflow&lt;/li&gt;
&lt;li&gt;Memory Poisoning&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  User-Based Threats
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;LLM-powered social engineering&lt;/li&gt;
&lt;li&gt;Trust exploitation&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  LLM Security Threat Cheat Sheet
&lt;/h3&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Type&lt;/th&gt;
&lt;th&gt;Threat&lt;/th&gt;
&lt;th&gt;Target / Attack Surface&lt;/th&gt;
&lt;th&gt;Input&lt;/th&gt;
&lt;th&gt;Output&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Data-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Training Data Extraction&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Training dataset (confidentiality)&lt;/td&gt;
&lt;td&gt;Crafted prompts designed to trigger memorised content&lt;/td&gt;
&lt;td&gt;Verbatim or near verbatim training data (text, PII, secrets)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Data-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Membership Inference&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Training dataset membership (privacy metadata)&lt;/td&gt;
&lt;td&gt;Known candidate data sample already possessed by the attacker&lt;/td&gt;
&lt;td&gt;Yes/no (or probability) decision indicating whether the sample was used in training&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Data-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Prompt Leakage / System Prompt Exposure (LLM07:2025)&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;System prompt / developer instructions&lt;/td&gt;
&lt;td&gt;Prompts asking the model to reveal or reflect on its instructions&lt;/td&gt;
&lt;td&gt;Partial or full disclosure of hidden system or developer prompts&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Model-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Weight Extraction (Model Stealing)&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Model parameters (intellectual property)&lt;/td&gt;
&lt;td&gt;Large volumes of carefully chosen API queries&lt;/td&gt;
&lt;td&gt;A surrogate or distilled model replicating the original model's behaviour&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Model-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Model Inversion&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Model's internal representations&lt;/td&gt;
&lt;td&gt;Unknown or partially known data, or model embeddings/outputs&lt;/td&gt;
&lt;td&gt;New training data or attributes reconstructed from the model&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;System-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Context Window Poisoning (Prompt Injection)&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;LLM context window (instruction hierarchy)&lt;/td&gt;
&lt;td&gt;Attacker controlled text embedded in input or retrieved content&lt;/td&gt;
&lt;td&gt;Altered behaviour, policy bypass, unintended actions&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;System-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Context Overflow / Unbounded Consumption (LLM10:2025)&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Context window size and system resources&lt;/td&gt;
&lt;td&gt;Excessively large prompts or documents&lt;/td&gt;
&lt;td&gt;Truncated safeguards, degraded responses, or denial of service&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;System-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Stateful Conversation Manipulation (Memory Poisoning)&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Persistent conversation memory&lt;/td&gt;
&lt;td&gt;Malicious statements intended to be stored as long term context&lt;/td&gt;
&lt;td&gt;Persistent misinformation or corrupted future responses&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;User-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;LLM-Powered Social Engineering&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Human cognition and decision-making&lt;/td&gt;
&lt;td&gt;Contextual or personal information used to craft persuasive output&lt;/td&gt;
&lt;td&gt;Manipulated users (phishing success, fraud, coerced actions)&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;User-Based&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;Trust Exploitation / Misinformation (LLM09:2025)&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;User trust and judgment&lt;/td&gt;
&lt;td&gt;Confident but incorrect or maliciously framed prompts&lt;/td&gt;
&lt;td&gt;Users accepting false, unsafe, or harmful information&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;h3&gt;
  
  
  Key Takeaways
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;LLMs introduce a unique attack surface&lt;/strong&gt; distinct from traditional ML systems, driven by natural language interaction, context handling, and emergent behaviour.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Data-based threats&lt;/strong&gt; exploit how LLMs learn from and memorise training data, enabling attacks such as training data extraction, membership inference, and system prompt leakage.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Model-based threats&lt;/strong&gt; target the model itself, including model extraction (theft of model behaviour or weights) and model inversion (reconstructing sensitive training data).&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;System-based threats&lt;/strong&gt; arise from how LLMs process all inputs as a single context, enabling prompt injection, context window overflow, and memory poisoning.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;User-based threats&lt;/strong&gt; leverage LLMs as force multipliers for social engineering, increasing the effectiveness of phishing, scams, and trust exploitation.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Work through the "Preparation for Distribution" section of the SwiftUI tutorial.&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to.&lt;/li&gt;
&lt;li&gt;Explore Figma MCP and experiment with generating UI design ideas using AI.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>I Thought Figma MCP Could Recreate Any Design. I Was Wrong.</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Tue, 02 Jun 2026 00:30:16 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3</link>
      <guid>https://dev.to/umitomo-lab/i-thought-figma-mcp-could-recreate-any-design-i-was-wrong-1ab3</guid>
      <description>&lt;h2&gt;
  
  
  Introduction
&lt;/h2&gt;

&lt;p&gt;Since I started publishing articles on Dev.to, I've been working on a personal project to transform my old blog website—which is no longer actively maintained—into &lt;strong&gt;a portfolio site&lt;/strong&gt;♻️&lt;/p&gt;

&lt;p&gt;As part of that project, I recently started learning Figma and UI design🎨 When I discovered &lt;strong&gt;Figma MCP&lt;/strong&gt;, I imagined a future where &lt;strong&gt;generative AI could automatically create polished, modern, and visually appealing designs for me with minimal effort&lt;/strong&gt;😎&lt;/p&gt;

&lt;p&gt;Unfortunately, reality turned out to &lt;strong&gt;be quite different&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;This article is a reflection on that experience and a reminder to my future self about what I learned along the way📝&lt;/p&gt;

&lt;h2&gt;
  
  
  TL;DR
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;I wanted to &lt;strong&gt;design a portfolio website in Figma&lt;/strong&gt;, but quickly realized that UI design was more difficult than I expected.&lt;/li&gt;
&lt;li&gt;I wondered whether using &lt;strong&gt;Codex and Figma MCP would allow me to outsource the design process to AI&lt;/strong&gt;, so I decided to try it.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;I couldn't magically generate the polished design&lt;/strong&gt; I had imagined while also maintaining a well-structured Figma file with globally managed variants and reusable components.&lt;/li&gt;
&lt;li&gt;I learned that &lt;strong&gt;defining design rules first&lt;/strong&gt; and &lt;strong&gt;building components step by step&lt;/strong&gt; helped produce results that were much closer to my original vision.&lt;/li&gt;
&lt;li&gt;Even then, the process was not dramatically easier than expected, so &lt;strong&gt;I eventually decided to keep things simple and build my portfolio&lt;/strong&gt; around the design principles already provided by &lt;strong&gt;shadcn/ui&lt;/strong&gt;.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  What I Tried with Figma MCP🎨
&lt;/h1&gt;

&lt;p&gt;While planning &lt;strong&gt;the UI design for my portfolio website&lt;/strong&gt;, I initially created simple wireframe-like layouts in Figma to explore the overall page structure and component placement before working on detailed designs.&lt;/p&gt;

&lt;p&gt;At first, I wanted to keep things simple.&lt;/p&gt;

&lt;p&gt;However, as I continued working on the project, I found myself wanting something &lt;strong&gt;more polished, more modern, and ultimately more impressive&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;The problem was that I have very little confidence in my design skills. I'm an in-house IT engineer, not a professional developer or designer, so I often struggle to judge what makes a design truly good.&lt;/p&gt;

&lt;p&gt;That led me to a simple idea:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;What if I could let AI handle the design work for me?&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;While researching possible solutions, I discovered that &lt;strong&gt;Codex could interact with Figma through Figma MCP&lt;/strong&gt;. By connecting the two, &lt;strong&gt;Codex could actually edit Figma files and create designs based on my instructions&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;That sounded promising.&lt;/p&gt;

&lt;p&gt;So I decided to give it a try.&lt;/p&gt;




&lt;h1&gt;
  
  
  Doesn't Everyone Dream at First?🎰
&lt;/h1&gt;

&lt;p&gt;Before using it for my real portfolio project, I wanted to answer a few questions:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Can Codex really create designs directly in Figma?&lt;/li&gt;
&lt;li&gt;Can it generate polished and visually appealing layouts?&lt;/li&gt;
&lt;li&gt;How accurately can it turn a Figma design into a real web page?&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Since it was also my first time using Codex, I decided to run a quick experiment.&lt;/p&gt;

&lt;p&gt;My test process looked like this:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Install the Codex application.&lt;/li&gt;
&lt;li&gt;Set up the Figma integration so Codex could write design data to Figma.&lt;/li&gt;
&lt;li&gt;Create a blank Figma design file.&lt;/li&gt;
&lt;li&gt;Create a local test project.&lt;/li&gt;
&lt;li&gt;Send a simple prompt to Codex and verify whether it could generate a design inside Figma.&lt;/li&gt;
&lt;li&gt;Ask Codex to build a web page from the generated design and evaluate how closely the implementation matched the design.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;There are already plenty of great articles from DEV Community members explaining the setup process in detail, so I won't cover it here😂&lt;/p&gt;

&lt;p&gt;The prompt I used was surprisingly simple:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Create a stylish portfolio website design.
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;em&gt;(Screenshot of the generated Figma design)&lt;/em&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F40kv5kiq1266k3smr3o4.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F40kv5kiq1266k3smr3o4.png" alt="AI_gnerated_Figma_design" width="800" height="569"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;(Screenshot of the web page generated from the Figma design)&lt;/em&gt;&lt;br&gt;
&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnkcynv4w0nqailixagel.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnkcynv4w0nqailixagel.png" alt="Build_portfolio_using_figmadesign" width="800" height="520"&gt;&lt;/a&gt;&lt;br&gt;
And honestly?&lt;/p&gt;

&lt;p&gt;The results were far better than I expected😮&lt;/p&gt;

&lt;p&gt;The generated design looked great.&lt;/p&gt;

&lt;p&gt;The generated web page closely matched the design.&lt;/p&gt;

&lt;p&gt;For a moment, it genuinely felt like magic.&lt;/p&gt;

&lt;h2&gt;
  
  
  Reality Hits🪄
&lt;/h2&gt;

&lt;p&gt;Encouraged by the results of my initial experiment, I decided to use the same approach for my actual portfolio project.&lt;/p&gt;

&lt;p&gt;This time, &lt;strong&gt;I asked Codex to create a Figma design based on a homepage concept image generated by ChatGPT&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;However, &lt;strong&gt;the results were very different from what I had expected&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;At first glance, the generated design looked somewhat reasonable. But once I looked more closely, it lacked consistency. &lt;strong&gt;Component sizes, spacing, and layout rules all felt disconnected from one another&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;It seemed as though &lt;strong&gt;the AI had focused only on the overall "polished feeling" of the image while missing the underlying structure that made the design work&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;As a result, the entire page ended up feeling cluttered and disorganized.&lt;/p&gt;

&lt;p&gt;To be honest, my only reaction was:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;"Wait... how did it end up like this?"&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;Because my earlier experiment had produced surprisingly good results, I had assumed the same thing would happen with my real project.&lt;/p&gt;

&lt;p&gt;Reality turned out to be much less forgiving.&lt;/p&gt;

&lt;p&gt;It was at this point that I finally realized &lt;strong&gt;I had misunderstood something important&lt;/strong&gt;.&lt;/p&gt;




&lt;h2&gt;
  
  
  The Problem Wasn't AI🔎
&lt;/h2&gt;

&lt;p&gt;My first thought was:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;"Maybe AI just isn't smart enough yet."&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;But the more I worked on the problem, the more I realized that the issue was somewhere else.&lt;/p&gt;

&lt;p&gt;I had only provided the AI with a finished design image.&lt;/p&gt;

&lt;p&gt;What I had not provided were the rules behind that design.&lt;/p&gt;

&lt;p&gt;For example:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A color palette&lt;/li&gt;
&lt;li&gt;Typography rules&lt;/li&gt;
&lt;li&gt;Spacing guidelines&lt;/li&gt;
&lt;li&gt;Component variants&lt;/li&gt;
&lt;li&gt;A layout grid&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;None of those things had been defined.&lt;/p&gt;

&lt;p&gt;A human designer might be able to infer some of those details from an image.&lt;/p&gt;

&lt;p&gt;However, an AI generating designs through Figma MCP needs more than just a visual reference. &lt;strong&gt;It has to translate that image into actual components, layouts, and reusable design patterns&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;In other words, I was essentially saying:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;"Make it look like this image."&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;without having any design system in place.&lt;/p&gt;

&lt;p&gt;Looking back, it's no surprise that the results were disappointing.&lt;/p&gt;




&lt;h2&gt;
  
  
  Starting Over with Small Steps🚶‍♂️
&lt;/h2&gt;

&lt;p&gt;So I changed my approach.&lt;/p&gt;

&lt;p&gt;Instead of generating an entire page from the start, I decided to build the foundation first.&lt;/p&gt;

&lt;p&gt;I began by creating a design specification file and defining things such as:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Colors&lt;/li&gt;
&lt;li&gt;Typography&lt;/li&gt;
&lt;li&gt;Spacing&lt;/li&gt;
&lt;li&gt;Border radius values&lt;/li&gt;
&lt;li&gt;Shadows&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Next, I created small reusable components, including:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Buttons&lt;/li&gt;
&lt;li&gt;Cards&lt;/li&gt;
&lt;li&gt;Tags&lt;/li&gt;
&lt;li&gt;Navigation elements&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I then defined variants such as:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Primary&lt;/li&gt;
&lt;li&gt;Secondary&lt;/li&gt;
&lt;li&gt;Outline&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Only after those pieces were in place did I move on to creating the page design itself.&lt;/p&gt;

&lt;p&gt;The results were dramatically better.&lt;/p&gt;

&lt;p&gt;The design was no longer chaotic, and the overall structure felt much more consistent.&lt;/p&gt;

&lt;p&gt;Communication with the AI also became smoother, and providing feedback or requesting changes became significantly easier.&lt;/p&gt;




&lt;h2&gt;
  
  
  It Still Wasn't Magic👻
&lt;/h2&gt;

&lt;p&gt;There was, however, one thing that surprised me.&lt;/p&gt;

&lt;p&gt;The design was definitely better.&lt;/p&gt;

&lt;p&gt;But the feeling I had during my first experiment—&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;"Wow, this is the future!"&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;—was gone.&lt;/p&gt;

&lt;p&gt;In the end, I still needed to:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Organize design tokens&lt;/li&gt;
&lt;li&gt;Design components&lt;/li&gt;
&lt;li&gt;Define variants&lt;/li&gt;
&lt;li&gt;Think through layouts&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;AI hadn't eliminated those tasks.&lt;/p&gt;

&lt;p&gt;Instead, I realized something different:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;The better your design system is, the more effectively you can use AI.&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;That felt much closer to reality.&lt;/p&gt;




&lt;h2&gt;
  
  
  What I Ended Up Doing🤖
&lt;/h2&gt;

&lt;p&gt;Eventually, I decided to base my portfolio design on shadcn/ui, which had been my original plan from the beginning.&lt;/p&gt;

&lt;p&gt;The reason was simple.&lt;/p&gt;

&lt;p&gt;A lot of work had already gone into defining:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Component architecture&lt;/li&gt;
&lt;li&gt;Variant patterns&lt;/li&gt;
&lt;li&gt;Design consistency&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;and those decisions had been validated by a large community of developers.&lt;/p&gt;

&lt;p&gt;To be clear, I still think Figma MCP and Codex are incredibly interesting technologies.&lt;/p&gt;

&lt;p&gt;Using them made it obvious that the gap between design and implementation is getting smaller.&lt;/p&gt;

&lt;p&gt;But the biggest lesson I learned was this:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;AI is not a replacement for a design system&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;AI can be an excellent assistant&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;However, it is not a magical tool that can automatically generate a complete and well-structured design from a vague idea alone.&lt;/p&gt;

&lt;p&gt;At least, not in the way I was hoping to use it.&lt;/p&gt;




&lt;h2&gt;
  
  
  What I Learned✨
&lt;/h2&gt;

&lt;p&gt;This experience taught me three important lessons:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Think about your design system before asking AI to generate pages.&lt;/li&gt;
&lt;li&gt;Design components before designing entire pages.&lt;/li&gt;
&lt;li&gt;Good results require clear rules and constraints.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;AI can create designs.&lt;/p&gt;

&lt;p&gt;But it cannot magically create a design system for you.&lt;/p&gt;

&lt;p&gt;Although the experience was a little frustrating, it ultimately helped me understand the importance of design systems far better than before.&lt;/p&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>ai</category>
      <category>figma</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W07</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Fri, 29 May 2026 00:18:11 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w07-3hab</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w07-3hab</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Completed two more sections of the SwiftUI tutorial 🦾 As I continue working through the tutorial, I can feel my understanding of &lt;strong&gt;SwiftUI fundamentals becoming more solid&lt;/strong&gt;🔥&lt;/li&gt;
&lt;li&gt;It was &lt;strong&gt;my first time posting a standalone article&lt;/strong&gt; about reverse engineering📝 If you're interested, feel free to check it out 👇
&lt;div class="ltag__link--embedded"&gt;
  &lt;div class="crayons-story "&gt;
  &lt;a href="https://dev.to/umitomo-lab/a-curious-journey-into-reverse-engineering-an-ai-generated-python-exe-1n0b" class="crayons-story__hidden-navigation-link"&gt;A Curious Journey Into Reverse Engineering an AI-Generated Python .exe&lt;/a&gt;


  &lt;div class="crayons-story__body crayons-story__body-full_post"&gt;
    &lt;div class="crayons-story__top"&gt;
      &lt;div class="crayons-story__meta"&gt;
        &lt;div class="crayons-story__author-pic"&gt;

          &lt;a href="/umitomo-lab" class="crayons-avatar  crayons-avatar--l  "&gt;
            &lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3830906%2Ff8ab1f50-43b4-40ee-b21a-a120d3344f42.jpg" alt="umitomo-lab profile" class="crayons-avatar__image" width="800" height="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
        &lt;div&gt;
          &lt;div&gt;
            &lt;a href="/umitomo-lab" class="crayons-story__secondary fw-medium m:hidden"&gt;
              Umitomo
            &lt;/a&gt;
            &lt;div class="profile-preview-card relative mb-4 s:mb-0 fw-medium hidden m:inline-block"&gt;
              
                Umitomo
                
              
              &lt;div id="story-author-preview-content-3753093" class="profile-preview-card__content crayons-dropdown branded-7 p-4 pt-0"&gt;
                &lt;div class="gap-4 grid"&gt;
                  &lt;div class="-mt-4"&gt;
                    &lt;a href="/umitomo-lab" class="flex"&gt;
                      &lt;span class="crayons-avatar crayons-avatar--xl mr-2 shrink-0"&gt;
                        &lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3830906%2Ff8ab1f50-43b4-40ee-b21a-a120d3344f42.jpg" class="crayons-avatar__image" alt="" width="800" height="800"&gt;
                      &lt;/span&gt;
                      &lt;span class="crayons-link crayons-subtitle-2 mt-5"&gt;Umitomo&lt;/span&gt;
                    &lt;/a&gt;
                  &lt;/div&gt;
                  &lt;div class="print-hidden"&gt;
                    
                      Follow
                    
                  &lt;/div&gt;
                  &lt;div class="author-preview-metadata-container"&gt;&lt;/div&gt;
                &lt;/div&gt;
              &lt;/div&gt;
            &lt;/div&gt;

          &lt;/div&gt;
          &lt;a href="https://dev.to/umitomo-lab/a-curious-journey-into-reverse-engineering-an-ai-generated-python-exe-1n0b" class="crayons-story__tertiary fs-xs"&gt;&lt;time&gt;May 26&lt;/time&gt;&lt;span class="time-ago-indicator-initial-placeholder"&gt;&lt;/span&gt;&lt;/a&gt;
        &lt;/div&gt;
      &lt;/div&gt;

    &lt;/div&gt;

    &lt;div class="crayons-story__indention"&gt;
      &lt;h2 class="crayons-story__title crayons-story__title-full_post"&gt;
        &lt;a href="https://dev.to/umitomo-lab/a-curious-journey-into-reverse-engineering-an-ai-generated-python-exe-1n0b" id="article-link-3753093"&gt;
          A Curious Journey Into Reverse Engineering an AI-Generated Python .exe
        &lt;/a&gt;
      &lt;/h2&gt;
        &lt;div class="crayons-story__tags"&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/beginners"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;beginners&lt;/a&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/reversing"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;reversing&lt;/a&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/security"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;security&lt;/a&gt;
            &lt;a class="crayons-tag  crayons-tag--monochrome " href="/t/python"&gt;&lt;span class="crayons-tag__prefix"&gt;#&lt;/span&gt;python&lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="crayons-story__bottom"&gt;
        &lt;div class="crayons-story__details"&gt;
          &lt;a href="https://dev.to/umitomo-lab/a-curious-journey-into-reverse-engineering-an-ai-generated-python-exe-1n0b" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left"&gt;
            &lt;div class="multiple_reactions_aggregate"&gt;
              &lt;span class="multiple_reactions_icons_container"&gt;
                  &lt;span class="crayons_icon_container"&gt;
                    &lt;img src="https://assets.dev.to/assets/exploding-head-daceb38d627e6ae9b730f36a1e390fca556a4289d5a41abb2c35068ad3e2c4b5.svg" width="24" height="24"&gt;
                  &lt;/span&gt;
                  &lt;span class="crayons_icon_container"&gt;
                    &lt;img src="https://assets.dev.to/assets/multi-unicorn-b44d6f8c23cdd00964192bedc38af3e82463978aa611b4365bd33a0f1f4f3e97.svg" width="24" height="24"&gt;
                  &lt;/span&gt;
                  &lt;span class="crayons_icon_container"&gt;
                    &lt;img src="https://assets.dev.to/assets/sparkle-heart-5f9bee3767e18deb1bb725290cb151c25234768a0e9a2bd39370c382d02920cf.svg" width="24" height="24"&gt;
                  &lt;/span&gt;
              &lt;/span&gt;
              &lt;span class="aggregate_reactions_counter"&gt;6&lt;span class="hidden s:inline"&gt;&amp;nbsp;reactions&lt;/span&gt;&lt;/span&gt;
            &lt;/div&gt;
          &lt;/a&gt;
            &lt;a href="https://dev.to/umitomo-lab/a-curious-journey-into-reverse-engineering-an-ai-generated-python-exe-1n0b#comments" class="crayons-btn crayons-btn--s crayons-btn--ghost crayons-btn--icon-left flex items-center"&gt;
              

              &lt;span class="hidden s:inline"&gt;Add&amp;nbsp;Comment&lt;/span&gt;
            &lt;/a&gt;
        &lt;/div&gt;
        &lt;div class="crayons-story__save"&gt;
          &lt;small class="crayons-story__tertiary fs-xs mr-2"&gt;
            5 min read
          &lt;/small&gt;
            
              &lt;span class="bm-initial crayons-icon c-btn__icon"&gt;
                

              &lt;/span&gt;
              &lt;span class="bm-success crayons-icon c-btn__icon"&gt;
                

              &lt;/span&gt;
            
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
  &lt;/div&gt;
&lt;/div&gt;

&lt;/div&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;I started creating UI designs for my future portfolio website in Figma.&lt;/strong&gt; I was able to roughly sketch out the overall structure of the site, but I also realized &lt;strong&gt;how difficult it is to create modern and stylish UI designs.&lt;/strong&gt; (It really made me realize I don’t have much design sense yet 😂💦)&lt;/li&gt;
&lt;li&gt;While struggling with the design process, I came across several articles about &lt;strong&gt;Figma MCP&lt;/strong&gt;. That made me interested in exploring how generative AI could help with UI design ideas, so &lt;strong&gt;I decided to start researching Figma MCP further.&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Completed &lt;strong&gt;Securing AI Systems&lt;/strong&gt; room from the AI Security Learning Path on TryHackMe this week🤖&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Worked through the SwiftUI tutorial and completed "Create an Algorithm for Badges" and "Add inclusive features"&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to and a standalone article about my first attempt at reverse engineering 📝&lt;/li&gt;
&lt;li&gt;Created rough portfolio website UI layouts in Figma&lt;/li&gt;
&lt;li&gt;Used shadcn/ui component library design templates in Figma&lt;/li&gt;
&lt;li&gt;Started learning UI design in Figma using community resources&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Completed Securing AI Systems room (part of the AI Security Learning Path) on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Add inclusive features
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Learned that SwiftUI automatically adapts UI elements for Light and Dark Mode by default.&lt;/li&gt;
&lt;li&gt;Learned how to preview and compare Light and Dark Mode layouts in the Xcode canvas.&lt;/li&gt;
&lt;li&gt;Understood that system-provided semantic styles help SwiftUI automatically adjust UI appearance.&lt;/li&gt;
&lt;li&gt;Learned that SwiftUI uses view modifiers to customize &lt;code&gt;ScrollView&lt;/code&gt; behavior.&lt;/li&gt;
&lt;li&gt;Understood that &lt;code&gt;.scrollBounceBehavior(.basedOnSize)&lt;/code&gt; only enables bouncing when the content is larger than the visible area.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;.defaultScrollAnchor(.center, for: .alignment)&lt;/code&gt; centers smaller content inside a &lt;code&gt;ScrollView&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;Learned that the &lt;code&gt;dynamicTypeSize&lt;/code&gt; modifier can be applied to any SwiftUI view.&lt;/li&gt;
&lt;li&gt;Learned how &lt;code&gt;AttributedString(localized:)&lt;/code&gt; supports localization-aware text in SwiftUI.&lt;/li&gt;
&lt;li&gt;Understood that &lt;code&gt;(inflect: true)&lt;/code&gt; automatically changes words like “Day” and “Days” based on the number value.&lt;/li&gt;
&lt;li&gt;Learned that SwiftUI can apply different font styles to specific parts of an &lt;code&gt;AttributedString&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;Realized that Apple provides built-in grammar inflection support for more natural localized UI text.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Reviewed several useful functions in Figma&lt;/li&gt;
&lt;li&gt;Learned the importance of focusing on the overall page layout before designing detailed UI components&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 TryHackMe Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Securing AI Systems
&lt;/h3&gt;

&lt;h4&gt;
  
  
  Task 2 Anatomy of an AI System
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Traditional apps use deterministic logic, while AI systems rely on probabilistic model inference.&lt;/li&gt;
&lt;li&gt;AI systems accept free-form natural language, making input validation much harder.&lt;/li&gt;
&lt;li&gt;Prompt Construction combines the system prompt, user input, and retrieved context before sending data to the LLM.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;RAG&lt;/strong&gt; allows LLMs to retrieve external knowledge from a vector store or other data sources.&lt;/li&gt;
&lt;li&gt;A vector store contains embedded representations of internal documentation for retrieval-augmented generation (RAG)&lt;/li&gt;
&lt;li&gt;Trust boundaries are points where data moves between different security contexts.&lt;/li&gt;
&lt;li&gt;Major trust boundaries include user-to-system, system-to-LLM, LLM-to-tools, and system-to-user.&lt;/li&gt;
&lt;li&gt;LLM-to-tools is especially sensitive because model output can trigger real actions.&lt;/li&gt;
&lt;li&gt;Tool layers may execute database queries, API calls, or file operations on behalf of the LLM.&lt;/li&gt;
&lt;li&gt;Security controls are needed at every boundary to reduce prompt injection and data leakage risks.&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Task3 The AI Attack Surface
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Studied the &lt;strong&gt;OWASP LLM Top 10&lt;/strong&gt; and how major risks affect AI-integrated systems.&lt;/li&gt;
&lt;li&gt;Learned that &lt;strong&gt;MITRE ATLAS&lt;/strong&gt; documents adversary tactics and exploitation techniques for AI systems.&lt;/li&gt;
&lt;li&gt;Studied how &lt;strong&gt;the NIST AI RMF&lt;/strong&gt; approaches AI security from a governance and risk management perspective.&lt;/li&gt;
&lt;li&gt;Learned the difference between OWASP (vulnerabilities), ATLAS (attack techniques), and NIST AI RMF (risk governance).&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Task4 System-Level Threats
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Studied how LLM10 Unbounded Consumption can cause resource exhaustion and extreme cost increases through excessive requests.&lt;/li&gt;
&lt;li&gt;Learned that system prompts may leak internal rules, tool information, and architecture details if exposed.(LLM07).&lt;/li&gt;
&lt;li&gt;Understood that LLM output must never be trusted as safe input for downstream systems.(LLM05)&lt;/li&gt;
&lt;li&gt;Learned that Excessive Agency occurs when AI systems are given unnecessary permissions, tools, or autonomy.(LLM06)&lt;/li&gt;
&lt;li&gt;Learned that users may unintentionally leak sensitive information when using AI systems.(LLM02)&lt;/li&gt;
&lt;li&gt;Studied how the OWASP LLM risks relate to the CIA triad across confidentiality, integrity, and availability.&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Task 5 Secure Design Patterns
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Learned that security controls are most effective when applied during the design stage of AI systems.&lt;/li&gt;
&lt;li&gt;Learned that layered controls reduce the risk of end-to-end attack success.&lt;/li&gt;
&lt;li&gt;Understood &lt;strong&gt;the importance of least privilege for AI tools, API tokens, and database access.&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Learned that write operations should require human approval before execution.&lt;/li&gt;
&lt;li&gt;Studied how input and output validation reduce &lt;strong&gt;prompt injection&lt;/strong&gt; and downstream injection risks.&lt;/li&gt;
&lt;li&gt;Learned that &lt;strong&gt;MLSecOps&lt;/strong&gt; integrates security throughout the AI and machine learning lifecycle.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Complete the badge algorithm in the SwiftUI tutorial.&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to.&lt;/li&gt;
&lt;li&gt;Explore Figma MCP and experiment with generating UI design ideas using AI.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>A Curious Journey Into Reverse Engineering an AI-Generated Python .exe</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Tue, 26 May 2026 05:02:08 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/a-curious-journey-into-reverse-engineering-an-ai-generated-python-exe-1n0b</link>
      <guid>https://dev.to/umitomo-lab/a-curious-journey-into-reverse-engineering-an-ai-generated-python-exe-1n0b</guid>
      <description>&lt;h2&gt;
  
  
  Introduction
&lt;/h2&gt;

&lt;p&gt;I usually post weekly learning and development updates on Dev.to📝&lt;/p&gt;

&lt;p&gt;This time, however, I decided to write a standalone article about something a little different — my first attempt at reverse engineering🦾&lt;/p&gt;

&lt;p&gt;What started as simple curiosity quickly turned into an exciting journey of uncovering how a modern AI-generated Python application was actually structured internally🔎&lt;/p&gt;

&lt;h2&gt;
  
  
  TL;DR
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Reverse engineered a PyInstaller-based Python &lt;code&gt;.exe&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;Reconstructed a surprisingly large portion of the application's architecture from the packaged &lt;code&gt;.exe&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;Analyzed &lt;code&gt;.pyc&lt;/code&gt; files using tools like &lt;code&gt;strings&lt;/code&gt;, &lt;code&gt;pycdc&lt;/code&gt;, and &lt;code&gt;pycdas&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;Learned how React/Vite frontend assets can be bundled into a standalone executable&lt;/li&gt;
&lt;li&gt;Realized how difficult production frontend bundles are to understand without the original source code&lt;/li&gt;
&lt;li&gt;Thought deeply about maintainability in the age of AI-generated applications&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  What I Reverse Engineered
&lt;/h1&gt;

&lt;p&gt;As someone who works in IT administration and internal tooling, I often become curious about how applications are actually built under the hood.&lt;/p&gt;

&lt;p&gt;This time, a coworker showed me a PDF-processing desktop application that had been created with the help of generative AI.&lt;/p&gt;

&lt;p&gt;The overall architecture had already been explained to me verbally beforehand.&lt;br&gt;
However, that led me to a simple but exciting question:&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;How much of an application's internal structure can actually be reconstructed just by reverse engineering the final &lt;code&gt;.exe&lt;/code&gt; file?&lt;/p&gt;
&lt;/blockquote&gt;

&lt;p&gt;That curiosity became the starting point of this exploration.&lt;/p&gt;

&lt;p&gt;The application itself was a harmless internal utility designed for local use, and this investigation was performed purely within an authorized and educational context.&lt;/p&gt;

&lt;p&gt;Rather than trying to analyze malware or bypass protections, I wanted to understand:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;What information remains inside packaged executables&lt;/li&gt;
&lt;li&gt;How modern Python applications are bundled&lt;/li&gt;
&lt;li&gt;Whether frontend/backend structures could still be inferred after packaging&lt;/li&gt;
&lt;li&gt;How much architectural detail could realistically be reconstructed from compiled artifacts alone&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;What made the process especially exciting was slowly piecing together the architecture from small clues hidden inside the executable.&lt;/p&gt;


&lt;h1&gt;
  
  
  Reverse Engineering Environment Setup
&lt;/h1&gt;

&lt;p&gt;Since I was using Kali Linux on WSL for this experiment, I first prepared a small reverse engineering workspace.&lt;/p&gt;
&lt;h2&gt;
  
  
  Creating a Python Virtual Environment
&lt;/h2&gt;


&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;mkdir&lt;/span&gt; &lt;span class="nt"&gt;-p&lt;/span&gt; ~/reverse
&lt;span class="nb"&gt;cd&lt;/span&gt; ~/reverse

python3 &lt;span class="nt"&gt;-m&lt;/span&gt; venv venv
&lt;span class="nb"&gt;source &lt;/span&gt;venv/bin/activate
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;


&lt;p&gt;At first, the virtual environment failed because &lt;code&gt;python3-venv&lt;/code&gt; was missing:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;sudo &lt;/span&gt;apt &lt;span class="nb"&gt;install &lt;/span&gt;python3.13-venv
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;After that, I recreated the environment successfully.&lt;/p&gt;




&lt;h2&gt;
  
  
  Installing Basic Analysis Tools
&lt;/h2&gt;

&lt;p&gt;I installed a few basic tools for inspecting the executable and analyzing Python bytecode.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;pip &lt;span class="nb"&gt;install &lt;/span&gt;pyinstaller
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;I also installed &lt;code&gt;binutils&lt;/code&gt; so I could use &lt;code&gt;strings&lt;/code&gt;:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;sudo &lt;/span&gt;apt &lt;span class="nb"&gt;install &lt;/span&gt;binutils
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;






&lt;h2&gt;
  
  
  Building &lt;code&gt;pycdc&lt;/code&gt;
&lt;/h2&gt;

&lt;p&gt;To inspect &lt;code&gt;.pyc&lt;/code&gt; files more deeply, I built &lt;code&gt;pycdc&lt;/code&gt; from source:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;sudo &lt;/span&gt;apt &lt;span class="nb"&gt;install&lt;/span&gt; &lt;span class="nt"&gt;-y&lt;/span&gt; cmake g++ git

&lt;span class="nb"&gt;mkdir&lt;/span&gt; &lt;span class="nt"&gt;-p&lt;/span&gt; ~/reverse/tools
&lt;span class="nb"&gt;cd&lt;/span&gt; ~/reverse/tools

git clone https://github.com/zrax/pycdc.git

&lt;span class="nb"&gt;cd &lt;/span&gt;pycdc
&lt;span class="nb"&gt;mkdir &lt;/span&gt;build
&lt;span class="nb"&gt;cd &lt;/span&gt;build

cmake ..
make &lt;span class="nt"&gt;-j4&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This generated:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;pycdc
pycdas
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;which I later used to inspect Python bytecode files.&lt;/p&gt;




&lt;h2&gt;
  
  
  Extracting the PyInstaller Executable
&lt;/h2&gt;

&lt;p&gt;After confirming the executable was likely packaged with PyInstaller, I used &lt;code&gt;pyinstxtractor&lt;/code&gt; to extract its contents:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;git clone https://github.com/extremecoders-re/pyinstxtractor.git
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Then:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;cd&lt;/span&gt; ~/reverse/pdf_exe

python ~/reverse/pyinstxtractor/pyinstxtractor.py PDF.exe
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This generated a directory like:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;PDF.exe_extracted/
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Inside the extracted directory, I was finally able to inspect files such as:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;app.pyc
pdf_stamp_processor.pyc
pdf-stamp-frontend/dist
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This was the point where the application's overall structure started becoming much clearer.&lt;/p&gt;




&lt;h1&gt;
  
  
  How I Reverse Engineered It
&lt;/h1&gt;

&lt;h2&gt;
  
  
  Step 1 — Running &lt;code&gt;strings&lt;/code&gt;
&lt;/h2&gt;

&lt;p&gt;I first started with:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;strings PDF.exe
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Very quickly, I noticed Python-related strings:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;python313.dll
pyi-python-flag
...
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This strongly suggested that the application had been packaged using PyInstaller.&lt;/p&gt;




&lt;h2&gt;
  
  
  Step 2 — Inspecting the PyInstaller Archive
&lt;/h2&gt;

&lt;p&gt;Next, I used:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;pyi-archive_viewer PDF.exe
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This helped confirm that the executable had been packaged using PyInstaller and allowed me to inspect the internal archive structure.&lt;/p&gt;




&lt;h2&gt;
  
  
  Step 3 — Analyzing &lt;code&gt;.pyc&lt;/code&gt; Files
&lt;/h2&gt;

&lt;p&gt;I then used:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;pycdc
pycdas
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;to inspect the extracted Python bytecode files.&lt;/p&gt;

&lt;p&gt;However, when running &lt;code&gt;pycdc&lt;/code&gt;, I noticed that some parts of the bytecode could not be fully reconstructed.&lt;/p&gt;

&lt;p&gt;In many cases, the output stopped after displaying messages like:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Unsupported opcode: CALL_KW (247)
from fastapi import FastAPI, File, UploadFile, Form, HTTPException
...
# WARNING: Decompyle incomplete
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Instead of fully recovering the original source code, I had to combine multiple fragmented clues together:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Partial pycdc output&lt;/li&gt;
&lt;li&gt;pycdas disassembly output&lt;/li&gt;
&lt;li&gt;Extracted strings&lt;/li&gt;
&lt;li&gt;Module names&lt;/li&gt;
&lt;li&gt;API route names&lt;/li&gt;
&lt;li&gt;Library imports&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I also used generative AI to help interpret and organize those fragmented technical details while reconstructing the application's architecture.&lt;/p&gt;

&lt;p&gt;Even with incomplete reconstruction, I was still able to identify:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;FastAPI routes&lt;/li&gt;
&lt;li&gt;PDF processing logic&lt;/li&gt;
&lt;li&gt;OpenCV-based blank-space detection&lt;/li&gt;
&lt;li&gt;PyMuPDF page rendering&lt;/li&gt;
&lt;li&gt;Automatic browser launching&lt;/li&gt;
&lt;li&gt;Local API endpoints such as:
&lt;/li&gt;
&lt;/ul&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;/api/scan
/api/stamp_and_merge
/api/shutdown
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;






&lt;h2&gt;
  
  
  Step 4 — Investigating the Frontend
&lt;/h2&gt;

&lt;p&gt;The frontend bundle was much harder to understand.&lt;/p&gt;

&lt;p&gt;The built JavaScript looked like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight javascript"&gt;&lt;code&gt;&lt;span class="kd"&gt;var&lt;/span&gt; &lt;span class="nx"&gt;e&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;Object&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;create&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="nx"&gt;t&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;Object&lt;/span&gt;&lt;span class="p"&gt;.&lt;/span&gt;&lt;span class="nx"&gt;defineProperty&lt;/span&gt;&lt;span class="p"&gt;,...&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;At first, it felt almost impossible to read.&lt;/p&gt;

&lt;p&gt;The extracted JavaScript was difficult to understand, and I could not initially tell what kind of frontend structure had originally existed before packaging.&lt;/p&gt;

&lt;p&gt;By combining:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;The extracted dist/ directory structure&lt;/li&gt;
&lt;li&gt;The bundled JavaScript files&lt;/li&gt;
&lt;li&gt;API communication behavior observed in the browser developer tools&lt;/li&gt;
&lt;li&gt;And explanations generated through conversations with AI&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I gradually started to understand how the frontend had likely been packaged and bundled, and that the application was probably using a modern frontend workflow similar to React/Vite.&lt;/p&gt;

&lt;p&gt;At the same time, I also realized that the original frontend source structure itself was no longer included inside the executable.&lt;/p&gt;




&lt;h1&gt;
  
  
  Reconstructing the Architecture
&lt;/h1&gt;

&lt;p&gt;By combining clues from strings, embedded &lt;code&gt;.pyc&lt;/code&gt; files, frontend assets, and API routes, I was eventually able to reconstruct a rough picture of the application's architecture:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;PDF.exe
    ↓
Launch FastAPI server
    ↓
Open browser automatically
    ↓
Serve React frontend
    ↓
React sends API requests
    ↓
Python processes PDFs locally
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The application was not rendering a desktop GUI directly.&lt;/p&gt;

&lt;p&gt;Instead:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;FastAPI served static frontend files&lt;/li&gt;
&lt;li&gt;React rendered the UI inside the browser&lt;/li&gt;
&lt;li&gt;Python handled backend processing&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;What fascinated me most was not simply discovering the architecture itself, but realizing how much of it could still be reconstructed purely from packaged artifacts.&lt;/p&gt;




&lt;h1&gt;
  
  
  What I Learned
&lt;/h1&gt;

&lt;h2&gt;
  
  
  Reverse Engineering Can Reveal More Than I Expected
&lt;/h2&gt;

&lt;p&gt;Before starting this experiment, I assumed that most of an application's architecture would disappear once everything had been packaged into a standalone &lt;code&gt;.exe&lt;/code&gt;.&lt;/p&gt;

&lt;p&gt;However, I was surprised by how many clues still remained inside the executable:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Python runtime artifacts&lt;/li&gt;
&lt;li&gt;PyInstaller structures&lt;/li&gt;
&lt;li&gt;Embedded &lt;code&gt;.pyc&lt;/code&gt; files&lt;/li&gt;
&lt;li&gt;Frontend build outputs&lt;/li&gt;
&lt;li&gt;API routes&lt;/li&gt;
&lt;li&gt;Localhost references&lt;/li&gt;
&lt;li&gt;Technology-specific strings&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;By connecting those small clues together step by step, I was able to reconstruct a surprisingly large portion of the application's overall architecture.&lt;/p&gt;

&lt;p&gt;That process itself was one of the most exciting parts of the experience.&lt;/p&gt;




&lt;h2&gt;
  
  
  “Working Software” and “Understandable Software” Are Different Things
&lt;/h2&gt;

&lt;p&gt;This experience also made me think deeply about AI-generated applications and software maintainability.&lt;/p&gt;

&lt;p&gt;Generative AI can absolutely help create working applications quickly.&lt;br&gt;
However, once only compiled artifacts remain, reconstructing the original design and development intent becomes much harder.&lt;/p&gt;

&lt;p&gt;Even after reverse engineering the executable, I still could not fully reconstruct the original frontend source code or understand every implementation detail.&lt;/p&gt;

&lt;p&gt;That limitation itself became an important lesson for me.&lt;/p&gt;

&lt;p&gt;It reminded me that understanding software architecture and preserving maintainable source structures are just as important as making software work.&lt;/p&gt;

&lt;p&gt;Especially in the age of AI-assisted development.&lt;/p&gt;




&lt;h1&gt;
  
  
  Final Thoughts
&lt;/h1&gt;

&lt;p&gt;This reverse engineering journey was honestly a lot of fun.&lt;/p&gt;

&lt;p&gt;What made the experience especially enjoyable was gradually reconstructing the application's architecture from small technical clues hidden inside the executable.&lt;/p&gt;

&lt;p&gt;At the same time, the experience gave me a deeper appreciation for software architecture, maintainability, and the importance of preserving understandable source code alongside AI-generated applications.&lt;/p&gt;

</description>
      <category>beginners</category>
      <category>reversing</category>
      <category>security</category>
      <category>python</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W06</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Thu, 21 May 2026 01:25:54 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w06-52do</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w06-52do</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Made a little more progress in the SwiftUI tutorial🦾&lt;/li&gt;
&lt;li&gt;Started the journey of building my future portfolio site✈️ First, I created the project files and set up a repository on GitHub. I also started reserching React Router v7 by reading its documentation. I'm moving forward little by little🔥&lt;/li&gt;
&lt;li&gt;Completed the ContAInment room from the AI Security Learning Path on TryHackMe this week🤖&lt;/li&gt;
&lt;/ul&gt;




&lt;h3&gt;
  
  
  💡 Thoughts on the ContAInment Room
&lt;/h3&gt;

&lt;p&gt;This room was a hands-on investigation exercise set in a scenario where a company had suffered a security breach, resulting in important data being encrypted and used for blackmail. The goal was to investigate the compromised environment and discover the hidden flags🔎&lt;/p&gt;

&lt;p&gt;I felt that this room built nicely on the concepts I learned in the previous AI Forensics room. One thing I especially enjoyed was solving the investigation by using a dedicated &lt;strong&gt;AI assistant&lt;/strong&gt; available inside the victim environment🤖&lt;/p&gt;

&lt;p&gt;As I worked through the challenge, I had to think carefully about what looked suspicious and follow clues step by step while actively using Linux commands. It also turned out to be &lt;strong&gt;a great review of Linux operations and practical investigation workflows&lt;/strong&gt;🔥&lt;/p&gt;




&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Worked through the SwiftUI tutorial and completed Sections 7 and 8: "Create an Algorithm for Badges"&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to 📝&lt;/li&gt;
&lt;li&gt;Created a new React Router v7 project for my future portfolio site.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Completed the ContAInment room (part of the AI Security Learning Path) on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  Section 8: Calculate and Show Streaks
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Learned how to calculate a daily streak by comparing saved dates with the current day.&lt;/li&gt;
&lt;li&gt;Understood how reversing the array helps process moments from newest to oldest.&lt;/li&gt;
&lt;li&gt;Learned how &lt;code&gt;map&lt;/code&gt; and &lt;code&gt;compactMap&lt;/code&gt; can transform &lt;code&gt;Moment&lt;/code&gt; objects into simple day offsets like &lt;code&gt;[0, 1, 2]&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;Understood how &lt;code&gt;Calendar.dateComponents&lt;/code&gt; calculates date differences in calendar-based units.&lt;/li&gt;
&lt;li&gt;Learned that multiple moments on the same day should count as a single streak day.&lt;/li&gt;
&lt;li&gt;Realized that the &lt;code&gt;streak&lt;/code&gt; variable represents the next expected day offset during the calculation.&lt;/li&gt;
&lt;li&gt;Learned that comparing &lt;code&gt;daysAgo == streak&lt;/code&gt; is a simple way to detect consecutive days.&lt;/li&gt;
&lt;li&gt;Understood why using the end of the current day makes streak calculations more stable and predictable.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;@ViewBuilder&lt;/code&gt; is used to build conditional or multiple-view UI structures, while &lt;code&gt;Group&lt;/code&gt; is mainly used to organize existing views or share modifiers without affecting layout.&lt;/li&gt;
&lt;li&gt;Understood that &lt;code&gt;VStack&lt;/code&gt; creates all child views immediately, whereas &lt;code&gt;LazyVStack&lt;/code&gt; generates views only when they become visible on screen.&lt;/li&gt;
&lt;li&gt;Realized that &lt;code&gt;LazyVStack&lt;/code&gt; is more suitable for scrollable, data-driven UIs with many or heavy views because it improves memory efficiency and performance.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development Learning
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;React Router v7 Framework Mode is similar to Remix, so my Remix experience will still be useful.&lt;/li&gt;
&lt;li&gt;
&lt;code&gt;root.tsx&lt;/code&gt;, &lt;code&gt;routes.ts&lt;/code&gt;, and route files work together to render each page.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 TryHackMe Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  ContAInment
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Identified useful indicators from attacker notes and used them to recover encrypted files.&lt;/li&gt;
&lt;li&gt;Practiced DFIR-style investigation by following clues across logs, archives, and extracted data.&lt;/li&gt;
&lt;li&gt;Used AI-assisted forensic tools to analyze encoded flag candidates and identify the correct flag.&lt;/li&gt;
&lt;li&gt;Improved my understanding of how AI systems themselves can become targets in modern cyberattacks.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Complete the badge algorithm in the SwiftUI tutorial.&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to and start creating Web UI designs in Figma.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W05</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Fri, 15 May 2026 04:44:53 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w05-3f1g</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w05-3f1g</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Made a little more progress in the SwiftUI tutorial.&lt;/li&gt;
&lt;li&gt;Started researching web technology stacks and creating a roadmap to gradually turn my current blog into a portfolio site using React Router v7. I'm moving forward little by little.&lt;/li&gt;
&lt;li&gt;Completed the AI Forensics room from the AI Security Learning Path on TryHackMe this week.&lt;/li&gt;
&lt;/ul&gt;




&lt;h3&gt;
  
  
  💡 Thoughts on the AI Forensics Room
&lt;/h3&gt;

&lt;p&gt;The AI Forensics room was much deeper and more challenging than I initially expected, and each task took a significant amount of time to complete. However, it turned out to be an incredibly valuable learning experience 🔥&lt;/p&gt;

&lt;p&gt;Task 5, &lt;strong&gt;"Practical - The Digital Trail,"&lt;/strong&gt; was especially impressive. It was a story-driven hands-on investigation where I analyzed a compromised company environment after attackers stole critical proprietary source code 🔎&lt;/p&gt;

&lt;p&gt;Instead of simply reading explanations, I had to actively investigate logs, suspicious files, reverse shells, persistence mechanisms, and data exfiltration activity step by step.&lt;/p&gt;

&lt;p&gt;Because I was constantly thinking, investigating, and connecting the dots myself, the experience felt far more practical and realistic. It gave me a much deeper understanding of how AI-assisted DFIR investigations work in real-world scenarios.&lt;/p&gt;

&lt;p&gt;One of the biggest lessons I learned from this room was that &lt;strong&gt;AI is a powerful tool, but human insight is still essential.&lt;/strong&gt; AI can quickly detect suspicious activity, but investigators still need to analyze the context and validate the findings themselves.&lt;/p&gt;




&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Worked through the SwiftUI tutorial and completed Sections 6 and 7: "Create an Algorithm for Badges"&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to 📝&lt;/li&gt;
&lt;li&gt;Researched how to transform my current blog site into the portfolio site I want to build in the future.&lt;/li&gt;
&lt;li&gt;Created a roadmap with ChatGPT to gradually turn my blog site into a portfolio site.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Completed the AI Forensics room (part of the AI Security Learning Path) on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  💡 Key Takeaways
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 SwiftUI Review
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Reviewed how SwiftData automatically creates relationships between &lt;code&gt;@Model&lt;/code&gt; objects through model properties.&lt;/li&gt;
&lt;li&gt;Understood how bidirectional relationships work between &lt;code&gt;Moment&lt;/code&gt; and &lt;code&gt;Badge&lt;/code&gt; models.&lt;/li&gt;
&lt;li&gt;Learned that &lt;code&gt;Group&lt;/code&gt; is useful when applying modifiers to conditionally displayed views.&lt;/li&gt;
&lt;li&gt;Realized that SwiftUI modifiers can only be attached to actual views, not directly to an &lt;code&gt;if&lt;/code&gt; statement.&lt;/li&gt;
&lt;li&gt;Reviewed how &lt;code&gt;@ViewBuilder&lt;/code&gt; allows a custom SwiftUI view to accept and display child views passed from outside.&lt;/li&gt;
&lt;li&gt;Understood that &lt;code&gt;.offset(y:)&lt;/code&gt; moves a view from its original position to fine-tune layouts.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🔐 TryHackMe Learning
&lt;/h2&gt;

&lt;h3&gt;
  
  
  AI Forensics Task 3 — AI &amp;amp; DFIR
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Learned how AI and machine learning are transforming modern DFIR investigations.&lt;/li&gt;
&lt;li&gt;Studied how CNN models can detect image tampering and manipulated content.&lt;/li&gt;
&lt;li&gt;Learned how machine learning is used in dynamic malware analysis.&lt;/li&gt;
&lt;li&gt;Understood that API call sequences represent program behavior patterns.&lt;/li&gt;
&lt;li&gt;Studied how API sequences can be converted into 2D images for AI analysis.&lt;/li&gt;
&lt;li&gt;Learned why CNN-based image recognition models can classify malware behavior.&lt;/li&gt;
&lt;li&gt;Learned how NLP models help identify phishing emails and suspicious communications.&lt;/li&gt;
&lt;li&gt;Understood how AI can reconstruct incident timelines from fragmented evidence.&lt;/li&gt;
&lt;li&gt;Studied how AI accelerates forensic analysis and improves detection capabilities.&lt;/li&gt;
&lt;li&gt;Understood that AI enhances human investigators rather than replacing them.&lt;/li&gt;
&lt;li&gt;Learned the importance of combining AI-assisted analysis with human expertise in cybersecurity.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  AI Forensics Task 4 — AI Legal &amp;amp; Ethical Implications
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Learned that AI in forensics must be explainable and defensible in court.&lt;/li&gt;
&lt;li&gt;Understood how “black box” AI models can weaken the credibility of digital evidence.&lt;/li&gt;
&lt;li&gt;Learned that biased AI systems can lead to real-world injustice and wrongful accusations.&lt;/li&gt;
&lt;li&gt;Studied the importance of maintaining chain of custody and audit trails when using AI in DFIR.&lt;/li&gt;
&lt;li&gt;Understood why undocumented AI processing can make forensic evidence legally challengeable.&lt;/li&gt;
&lt;li&gt;Learned that privacy and legal compliance are critical when handling sensitive evidence with AI tools.&lt;/li&gt;
&lt;li&gt;Studied how Federated Learning and offline AI environments help preserve privacy.&lt;/li&gt;
&lt;li&gt;Learned that AI should enhance human investigators, not replace human judgment and responsibility.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  AI Forensics Task 5 — Practical: The Digital Trail
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Learned how AI and machine learning can support DFIR investigations by identifying suspicious logs and files.&lt;/li&gt;
&lt;li&gt;Studied how attackers use reverse shells to gain and maintain remote access to compromised systems.&lt;/li&gt;
&lt;li&gt;Learned how hidden files, &lt;code&gt;/tmp&lt;/code&gt;, and &lt;code&gt;/dev/shm&lt;/code&gt; are commonly abused for stealth and persistence.&lt;/li&gt;
&lt;li&gt;Understood how attackers disguise malicious tools as legitimate system utilities to evade detection.&lt;/li&gt;
&lt;li&gt;Studied how SSH key abuse and &lt;code&gt;authorized_keys&lt;/code&gt; modification can enable stealthy privilege escalation.&lt;/li&gt;
&lt;li&gt;Learned how fake telemetry logs and masquerading techniques help attackers blend into normal environments.&lt;/li&gt;
&lt;li&gt;Understood how compressed and Base64-encoded archives can be staged for data exfiltration.&lt;/li&gt;
&lt;li&gt;Learned how DFIR investigations connect evidence from logs, bash history, suspicious files, and network activity.&lt;/li&gt;
&lt;li&gt;Studied how AI can misclassify legitimate files as suspicious, highlighting the importance of human validation.&lt;/li&gt;
&lt;li&gt;Learned that AI enhances investigations, but human reasoning and contextual analysis remain essential in DFIR.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🚀 Next Week
&lt;/h1&gt;

&lt;ul&gt;
&lt;li&gt;Complete the badge algorithm in the SwiftUI tutorial.&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to.&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path.&lt;/li&gt;
&lt;/ul&gt;




&lt;h1&gt;
  
  
  🌈 Goals for This Year
&lt;/h1&gt;

&lt;h2&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌐 Web Development
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue learning cybersecurity on TryHackMe.&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W04</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Sat, 09 May 2026 05:36:45 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w04-26k1</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w04-26k1</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;I had a long holiday during Golden Week in Japan and really enjoyed the break!&lt;/li&gt;
&lt;li&gt;Because of that, I didn't have as much learning time compared to last week 😂&lt;/li&gt;
&lt;li&gt;I made a little more progress in the SwiftUI tutorial&lt;/li&gt;
&lt;li&gt;It was my first time using GitHub Copilot in Xcode, and I tried using the chat feature to generate unit tests. I'd also like to gradually explore more advanced features such as custom instructions.&lt;/li&gt;
&lt;/ul&gt;

&lt;blockquote&gt;
&lt;p&gt;I also want to thank everyone who commented on my previous &lt;a href="https://dev.to/umitomo-lab/weekly-dev-log-2026-w03-30a6"&gt;Weekly Dev Log 2026-W03&lt;/a&gt;✨&lt;/p&gt;

&lt;p&gt;Since English is not my native language, I was honestly a bit nervous about posting in English at first. But interacting with people on this platform has been a really valuable learning experience for me.&lt;/p&gt;

&lt;p&gt;The kind comments and discussions gave me more confidence to continue sharing my learning journey here. Thank you so much😊&lt;/p&gt;
&lt;/blockquote&gt;

&lt;h3&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Worked through the Swift tutorial and completed Section 5: "Create an Algorithm for Badges"&lt;/li&gt;
&lt;li&gt;Used GitHub Copilot in Xcode to generate unit tests for badge sorting logic.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🌐 Web Development
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly dev log on Dev.to 📝&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Worked on the AI Forensics room (part of the AI Security Learning Path) on TryHackMe&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  💡 Key Takeaways
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Reviewed the basics of building SwiftUI views using &lt;code&gt;NavigationStack&lt;/code&gt;, &lt;code&gt;ScrollView&lt;/code&gt;, and &lt;code&gt;HStack&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;Learned how to integrate AI-assisted code generation into the testing workflow.&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  TryHackMe Learning
&lt;/h3&gt;

&lt;h4&gt;
  
  
  AI Forensics
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Learned how AI/ML enhances DFIR through large-scale data processing, anomaly detection, and scalable analysis&lt;/li&gt;
&lt;li&gt;Explored practical AI use cases in DFIR tools, including phishing detection, malware classification, alert prioritisation, and event correlation&lt;/li&gt;
&lt;li&gt;Learned the difference between deterministic systems and probabilistic AI models, and why non-determinism can become a challenge in digital forensics&lt;/li&gt;
&lt;li&gt;Studied key AI evaluation metrics such as accuracy, precision, and recall, and learned why these metrics can be misleading when viewed in isolation&lt;/li&gt;
&lt;li&gt;Understood the “Garbage In, Garbage Out (GIGO)” principle and how low-quality training data can lead to unreliable AI outputs&lt;/li&gt;
&lt;li&gt;Learned that AI can accelerate DFIR workflows, but human oversight and validation are still essential in forensic investigations&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🚀 Next Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue working on the badge algorithm (Section 6) in the SwiftUI tutorial&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to&lt;/li&gt;
&lt;li&gt;Continue working on the AI Security Learning Path&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🌈 Goals for This Year
&lt;/h2&gt;

&lt;h4&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Build a solid foundation in SwiftUI and create at least one iOS app&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  🌐 Web Development
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Keep learning cybersecurity on TryHackMe&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
    <item>
      <title>Weekly Dev Log 2026-W03</title>
      <dc:creator>Umitomo</dc:creator>
      <pubDate>Tue, 28 Apr 2026 06:21:07 +0000</pubDate>
      <link>https://dev.to/umitomo-lab/weekly-dev-log-2026-w03-30a6</link>
      <guid>https://dev.to/umitomo-lab/weekly-dev-log-2026-w03-30a6</guid>
      <description>&lt;h2&gt;
  
  
  🗓️ This Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Finally finished the Cyber Security 101 learning path and discovered the AI Security Learning Path on TryHackMe&lt;/li&gt;
&lt;li&gt;Completed 2 rooms from the AI Security Learning Path this week&lt;/li&gt;
&lt;li&gt;Decided to continue working on the SwiftUI tutorial (also explored React Native with Expo out of curiosity)&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  📱 iOS (SwiftUI)
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Ran unit tests for badge unlocking logic and stepped through them using breakpoints&lt;/li&gt;
&lt;li&gt;Researched the differences between SwiftUI and React Native (with Expo) to determine the best platform for my learning&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🌐 Web Development
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Posted my weekly learning and development log on Dev.to📝&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  🔐 Security (TryHackMe)
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Completed 2 rooms from the AI Security Learning Path on TryHackMe (AI Models &amp;amp; Data, Prompt Engineering)&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  💡 Key Takeaways
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Learned how to use the &lt;code&gt;po&lt;/code&gt; command and the &lt;code&gt;map&lt;/code&gt; function in the console during debugging&lt;/li&gt;
&lt;li&gt;Chose SwiftUI to focus on native iOS development (compared to React Native with Expo)&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  TryHackMe Learning
&lt;/h3&gt;

&lt;h4&gt;
  
  
  AI Models &amp;amp; Data
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Learned that most AI models rely heavily on Common Crawl, a large public dataset collected from the internet&lt;/li&gt;
&lt;li&gt;Realized that unclear data provenance and hidden sensitive data can lead to security risks&lt;/li&gt;
&lt;li&gt;Learned that training decisions can impact security, including potential data leakage&lt;/li&gt;
&lt;li&gt;Understood that optimization techniques introduce trade-offs between efficiency and security&lt;/li&gt;
&lt;li&gt;Learned that fine-tuning inherits risks from base models such as bias and unsafe behavior&lt;/li&gt;
&lt;li&gt;Realized that models are black boxes and difficult to fully audit&lt;/li&gt;
&lt;li&gt;Learned that model cards are important but often incomplete&lt;/li&gt;
&lt;/ul&gt;

&lt;h4&gt;
  
  
  Prompt Engineering
&lt;/h4&gt;

&lt;ul&gt;
&lt;li&gt;Learned that LLMs process text as tokens and generate probabilistic outputs&lt;/li&gt;
&lt;li&gt;Learned how parameters like temperature and top-p affect responses&lt;/li&gt;
&lt;li&gt;Learned that effective prompts require clear instructions, context, format, and constraints&lt;/li&gt;
&lt;li&gt;Understood the difference between system prompts and user prompts&lt;/li&gt;
&lt;li&gt;Practiced prompt techniques such as zero-shot, few-shot, and Chain-of-Thought&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  🚀 Next Week
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Continue working on the badge algorithm (Section 5) in the SwiftUI tutorial&lt;/li&gt;
&lt;li&gt;Continue posting small articles on Dev.to&lt;/li&gt;
&lt;li&gt;Continue working on the AI security Learning Path&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>beginners</category>
      <category>devjournal</category>
      <category>security</category>
      <category>swift</category>
    </item>
  </channel>
</rss>
