Brian Clark

6.5K posts

Brian Clark

@_clarkio

Developer Advocate @Snyksec | Prev @Microsoft @Disney | Web dev and app sec things. Here for community, fun and learning. Not for numbers or influencing you.

More here 👉 Katılım Ocak 2014

1.1K Takip Edilen6.1K Takipçiler

Sabitlenmiş Tweet

Brian Clark@_clarkio·16 Ara

FYI:🟦☁️ 👉 @clarkio.com

English

780

Brian Clark@_clarkio·5 Mar

@wesbos Love Raycast and definitely interested in this but I wonder do I have to keep subscribing to access my apps I built? Or is it just credits needed to build and then own for life?

English

Wes Bos@wesbos·4 Mar

I’m a raycast glazer, stoked to try out glaze

Raycast@raycast

Today we're launching Glaze 💠 Create any desktop app in minutes by chatting with AI. Beautiful, powerful, and truly personal. Learn more on glazeapp.com Follow @glazeapp for updates.

English

194

44K

Brian Clark@_clarkio·28 Şub

@wesbos Now you jogged my memory about firebug too. Fun times

English

1.6K

Wes Bos@wesbos·28 Şub

In 2010 you could install a Firefox extension called firesheep, visit a coffee shop and dozens of accounts would just pop up and you could log in as them. (Allegedly) It’s nuts that we used to not use https

Jarred Sumner@jarredsumner

In 2013, when government tried mass domestic surveillance, the tech industry responded with HTTPS everywhere. In 2026:

English

177

276.3K

Brian Clark retweetledi

Liran Tal@liran_tal·20 Şub

here's a tease for the sort of agentic security orchestration we're building at @snyksec wanna hear more? ;-)

English

861

Brian Clark@_clarkio·19 Şub

@dazzknowles I agree I think it should still matter. Are you saying it’s because you think AI will not be around to maintain software? I feel like AI isn’t going anywhere so I’m not sure I understand the “why” you’re sharing.

English

Dazz Knowles@dazzknowles·18 Şub

@_clarkio Absolutely, you can’t rely on AI always being around or up to the job. At some point these companies are going to have to start making money by charging a lot more, or go bust.

English

Brian Clark@_clarkio·17 Şub

Honest question, do software best practices matter with agentic AI? I feel like they should but seeing some talk about it no longer being necessary since the project will be maintained by AI anyway.

English

255

Brian Clark@_clarkio·17 Şub

This brought to you by my frustration that Opus 4.6 isn't always writing tests and making sure they pass before finishing a task. Even with explicit instructions too...

English

198

Brian Clark@_clarkio·17 Şub

When will AI stop me from accidentally adding an extra / to a redirect uri?

English

341

Brian Clark retweetledi

Snyk@snyksec·12 Şub

Fetch the Flag 2026 Challenge Peek 🫣 An AI-powered WAF. “Impossible” to exploit. Critical bugs? Supposedly handled. Would your team prove otherwise?😨

English

413

Brian Clark@_clarkio·12 Şub

@hellojac @raycast Thanks Jac. I've sent an email now.

English

Jac Peregrine-Davies@hellojac·12 Şub

@_clarkio @raycast Apologies for the inconvenience here and we're investigating this issue. Could you email us at support@raycast.com so that I can help you further?

English

Raycast@raycast·11 Şub

Script Commands Now on Windows 🚀 A quick and easy way to extend the functionality of Raycast. We first released it for the Mac version in 2020 and it's still going strong! Full changelog 👉 raycast.com/changelog/wind…

English

127

15.8K

Brian Clark@_clarkio·12 Şub

@mantej @IceSolst Oof yea and within the next 6 months?

English

236

Mantej Rajpal@mantej·12 Şub

prediction: package managed skills will lead to one of the most catastrophic supply chain attacks in crypto history

simeonGriggs@simeonGriggs

Can anyone explain why we're not installing skills from npm so we actually get versioning and updates? Downloading plain text files to your project exactly once feels insane.

English

128

10.7K

Brian Clark retweetledi

Liran Tal@liran_tal·5 Şub

#ToxicFlows So I personally run OpenClaw (well clawdbot still in the cli) but I also wear a security researcher hat at Snyk and we cooked some good study for you: snyk.io/blog/toxicskil…

English

705

Brian Clark retweetledi

Snyk@snyksec·26 Oca

How do you craft prompts to build apps with AI? Here's Brian Clark prompting an Anthropic model to create a secure Node.js note taking app... ❓ Quiz - what kind of security vulnerabilities do you think the model generated?

English

447

Brian Clark retweetledi

Snyk@snyksec·20 Oca

Do know about the Web Almanac by the @HTTPArchive ? 🕸️👇 1/ It's the HTTP Archive's annual state of the web report. And guess what, it has a Security chapter, continue reading >>

English

395

Brian Clark@_clarkio·17 Oca

@Naaackers I've not built an iOS app with it personally but have for other tech. Biggest thing is to discuss a plan with it first. Also this has some helpful gems: x.com/bcherny/status…

Boris Cherny@bcherny

I'm Boris and I created Claude Code. Lots of people have asked how I use Claude Code, so I wanted to show off my setup a bit. My setup might be surprisingly vanilla! Claude Code works great out of the box, so I personally don't customize it much. There is no one correct way to use Claude Code: we intentionally build it in a way that you can use it, customize it, and hack it however you like. Each person on the Claude Code team uses it very differently. So, here goes.

English

141

Naaackers@Naaackers·16 Oca

I'm going to attempt to build an iOS app with Claude Code. Give me tips or warn me of pitfalls. I'm going in completely blind.

English

938

Brian Clark@_clarkio·17 Oca

I'm not even into CSS but this sounds awesome!

Syntax@syntaxfm

2026 Out: March Madness In: March MadCSS madcss.com

English

205

Brian Clark retweetledi

Syntax@syntaxfm·17 Oca

2026 Out: March Madness In: March MadCSS madcss.com

English

3.9K

Brian Clark retweetledi

HTTP Archive 💾@HTTPArchive·16 Oca

The 2025 Web Almanac by HTTP Archive has been officially released! 🚀 We would like to thank all of our contributors from around the globe who made this extensive report possible! Check out the full report here: almanac.httparchive.org #thewebalmanac

English

7.1K

Brian Clark retweetledi

Snyk@snyksec·13 Oca

GPT 5.2 vs Security Vulnerabilities, how does that work? @_clarkio shows the story of a typical Node.js application "production-ready and secure", see the results 👇 youtube.com/watch?v=o7UwCY…

YouTube

English

633

Brian Clark@_clarkio·9 Oca

@snyksec @_JohnHammond I swear it’s not me behind the Snyk account right now 😅

English

Snyk@snyksec·8 Oca

@_JohnHammond Tell that to @_clarkio, he is always on the hunt for those CSRF tokens ;-)

English

John Hammond@_JohnHammond·13 Ağu

Luke shared the URL from the original phishing email with me, so I'd like to showcase it a bit. Planning to record a video to walk through it, but don't have a chance to record for the next few hours... so will roll with a Twitter/X thread for now 🧵

Linus LinusMediaGroup@linusgsebastian

**BEWARE** The main LTT Twitter account has been hijacked. 4 minutes after I received this email I tried to log in, but the password had already been changed. By the time I could update the password, the 2FA had been deactivated/reactivated. I have contacted Twitter support.

English

585

5.6K

2.7M

Keşfet

@wesbos @snyksec @dazzknowles @hellojac @raycast @mantej @IceSolst @HTTPArchive