MAF vs CLI: Choosing the Right Tool for Your Workflow

This claude code plugin lets you build a financial research agent in under 10 minutes using the claude agent sdk. here's the step-by-step process: step 1: type /plugin and install agent-sdk plugin step 2: pick your language, typescript or python step 3: name your project, something descriptive like "financial-news-agent" step 4: describe your agent what should it do? (analyze sentiment, summarize docs, review code, etc.) step 5: choose complexity - minimal hello world - basic with common features - tailored to your use case step 6: confirm tooling npm/pnpm/yarn/bun for ts, pip/poetry for python step 7: let it build, claude creates everything: project structure, config files, agent code, installs deps, verifies it compiles step 8: add your api key step 9: run it npm start (ts) or python http:// main.py (python) That's it. from zero to working ai agent in one conversation.

import subprocess subprocess.Popen(["python3", "malicious.py"]) this is the piece of code to make an already running file open another one behind the scenes. this could be abused if... subprocess.Popen(["python3", user_input]) that's basically an open backdoor. subprocess.Popen(f"python {user_input}", shell=True) arbitrary command execution

People now ask me what 'the plan' is with model2data. Honestly I don't know yet, just let me know what you need :) are there features missing? Is this helping you in your day-to-day? What I do know is this - worst case scenario I will learn something. Today was such a day, when you package your code pypi to be installed through pip (or rather UV), you need to be careful what you include. Someone reached out today they couldn't get model2data installed through pip: ModuleNotFoundError: No module named 'model2data.dbt' [tool.setuptools.packages.find] where = ["."] include = ["model2data*"] --> this is what I missed, just a simple * I thought everything was over, released a 0.2.2 version. but oh damn! Guess what, another very common Python packaging gotcha - non-Python files need explicit inclusion! So we needed to include the templates and example folders. [tool.setuptools.package-data] model2data = [   "dbt/templates/**/*",   "examples/**/*", ] Fully tested now - model2data is pip installable. So go ahead: pip install model2data uv add model2data

Just shipped a little Python tool to tame my Obsidian vault chaos! Like many of you, my Obsidian vault started as one big flat folder, notes (.md) and images (.png/.jpg/etc.) all mixed together. Obsidian's internal links made it work beautifully… until I wanted to compile related notes + visuals into clean folders for portfolio articles and blog posts. The headache: - Manually hunting down referenced images was time consuming So I built a quick MVP script that: 1. Takes a single note as input 2. Scans your entire vault to find all image references across every .md file 3. Identifies images referenced only in your chosen note (safe to move) 4. Creates a new folder (you name it or it defaults to the note's title) 5. Moves the note + its unique images into that folder — shared images stay untouched It's not pretty yet (procedural style, console output, no GUI), but it works reliably on my thousands-of-files vault. Next steps: refactor to classes, add CLI args / config file, maybe a simple Tkinter / Typer GUI, and support for other embeds (PDFs, etc.). Check out the commit where the MVP came together: https://lnkd.in/eX5e5A9p #Python #Obsidian #Automation #Scripting

Reusing code with default mutable arguments? You're setting yourself up for a nasty surprise. It's 2026, and this one still catches people. We had a 'convenience' function for logging events, complete with a default list of tags. Everybody loved it; made their calls look clean. Then we started seeing production logs with completely unrelated tags. Debugging this felt like chasing ghosts through a maze of microservices and shared libraries. Turns out, that shared `tags=[]` default was getting mutated. Every time someone called the function without providing their own tags, they were just appending to the *same list instance* from previous calls. Request A's tags showed up in Request B's logs. ❌ **The Trap:** `def log_event(message, tags=[]):` ✅ **The Reality:** `def log_event(message, tags=None):` then `tags = tags if tags is not None else []` Hidden state in seemingly stateless functions will burn you every time. Anyone else debugged this exact mess more times than they care to admit? #ProductionLogs #Python #FunctionsAndReusability #SoftwareEngineering

If you’ve ever used “Download as .py” in Google Colab, you know it: every cell just gets dumped as-is, with no structure, no main function, and the result is usually a mess that might run fine but just looks ugly. Instead, try SaPyra! A small project I have been working on, a .ipynb to .py converter that minimally structures your notebook code into a clean python file. Utilizing AST, extracting functions and top-level logic, building dependency graphs across cells, using global variables to handle cross cell dependencies, and even using an LLM (only for naming functions smartly and semantically), SaPyra ensures that your python file is readable and runs exactly like your notebook. If you work with notebooks and want to turn them into real scripts, feel free to check out the project or give feedback! Link to the repo: https://lnkd.in/gN79eZrP

Built an Auto ML Web Application named "data2model" using Django & scikit-learn The idea was simple: upload a CSV dataset, and the system handles the rest. The application can: - Automatically detect whether the problem is classification or regression - Preprocess data (handling missing values, scaling, encoding) - Train and compare multiple ML models - Select the best model - Show confusion matrix and feature importance - Make predictions on new datasets - Allow downloading the trained model with versioning and metadata Always open to feedback and ideas for improvement #MachineLearning #AutoML #Django #Python #DataScience #AIProjects #LearningByBuilding

Stop hardcoding dependencies in your Fast API apps. Dependency Injection (DI) isn’t just a design pattern in Fast API, it’s a superpower. By using the Depends keyword, you move the complexity of database sessions, authentication, and configurations out of your logic and into a managed "container." Why this matters: ✅ Loose Coupling: Swap production databases for mocks in one line. ✅ DRY Code: Define a security dependency once, use it across 50 endpoints. ✅ Clean Logic: Your route functions focus on business logic, not setup. If you’re building production-grade Python APIs, mastering the DI system is the single best way to ensure your code stays maintainable as it scales. Check out the flow below to see how FastAPI handles the heavy lifting before your code even executes. 👇 #FastAPI #Python #SoftwareArchitecture #CleanCode #BackendDevelopment

Building Ultra-Lightweight & Secure Docker Images with Distroless. Today I experimented with Distroless images and implemented a multi-stage Docker build for a Python application. The goal was simple: ➡️ smaller image size ➡️ better security ➡️ production-ready containers 🔹 What’s happening here? Stage 1 – Builder Stage A) Uses python:3.9-slim B) Installs all dependencies using pip C) Keeps build tools isolated from runtime D) Dependencies are installed into /app/deps Stage 2 – Runtime Stage (Distroless) A) Uses https://lnkd.in/g2fWvU39 B) No shell ❌, no package manager ❌ C) Only what’s required to run Python code ✅ D) Copies app + dependencies from builder stage E) Sets PYTHONPATH explicitly 💡 Why Distroless? 1. Smaller attack surface 2. Faster startup time 3. Reduced vulnerabilities 4. Perfect for production workloads

You've probably written a script like this before: Pull data from a source of truth, loop through devices, generate configs or API payloads, dump them somewhere useful. It works. Until you need a slightly different format for another tool. Or someone asks "Wait, which version of this script are we using?" Or you realize there's no way to test it before pushing to production. That’s why we built Infrahub Transformations. The concept is simple: query your infrastructure data with GraphQL, then transform it into whatever text-based format you need using Jinja2 or Python. Generate configs in various vendor flavors, API payloads, Terraform variables, documentation, cabling plans, whatever you need. What makes it even more useful: Transformations are versioned in Git, testable, and reviewable like code. We wrote up how Infrahub Transformations work over on the blog, and included some resources to help you explore them further: https://lnkd.in/gC4KJDUW