web-security-baseline-audit
A small CLI that checks whether public pages expose the trust basics search engines, AI crawlers, and security reviewers expect to see.
Mirogate Open Source
Small tools that show how Mirogate thinks about reliable systems.
These projects are designed to be useful on their own: auditing public trust signals, defending Worker-backed forms, handling browser risk signals, hardening a new cloud server, migrating a browser-identification dependency with less risk, and building bilingual enterprise forms that can survive production workflows.
cloudflare-worker-abuse-defense-kit
Worker patterns for public forms and lightweight APIs: KV rate limiting, Turnstile verification, honeypots, freshness checks, and safe JSON responses.
fingerprintjs-risk-signal-lab
An unofficial defensive lab for turning browser visitor and abuse signals into explainable server-side decisions.
secure-droplet-bootstrap
A lockout-safe hardening kit for new DigitalOcean Ubuntu droplets: SSH, firewall, updates, baseline checks, and a Codex skill for assisted setup.
fingerprintjs-v6-readiness-lab
An unofficial readiness checklist and contract-test lab for teams preparing browser-identification code for a future major FingerprintJS upgrade.
bilingual-enterprise-form-kit
Arabic and English form patterns with RTL/LTR behavior, validation, honeypot protection, rate-limit examples, and accessible labels.
Credibility standard
Each project needs to be boring in the right ways.
- Clear README, license, security notes, and changelog from day one.
- Small test or verification command so a clean clone can prove the project works.
- Article and social posts that explain tradeoffs without overstating capability.
- Maintenance signals: issue templates, release notes, and visible updates after launch.