https://blog.home301server.com.br/Recent content in Engineering writeups on Pedro BalbinoHugoen-usWed, 13 May 2026 10:00:00 -0300https://blog.home301server.com.br/posts/2026-05-13-slsa-sigstore-solo-dev-supply-chain/Wed, 13 May 2026 10:00:00 -0300https://blog.home301server.com.br/posts/2026-05-13-slsa-sigstore-solo-dev-supply-chain/A 9-line GitHub Actions canon — actions/attest-build-provenance + cosign keyless OIDC + dual-format syft SBOM — applied verbatim across six Claude Code plugin repos. SLSA L2 attestations and <code>gh attestation verify</code> smoke tests, no per-plugin overhead, zero rotated secrets.https://blog.home301server.com.br/posts/2026-04-26-compliance-grade-rag-tier1-banking/Sat, 25 Apr 2026 00:00:00 -0300https://blog.home301server.com.br/posts/2026-04-26-compliance-grade-rag-tier1-banking/Building an LLM agent for tax-compliance document review under LGPD, internal audit gates, and controlled deployment windows. Pattern: retrieval pipeline + citation extractor + auditable decision log + human-review gate. Stack: Python + Azure OpenAI + Postgres + Terraform.https://blog.home301server.com.br/privacy/Sat, 25 Apr 2026 00:00:00 +0000https://blog.home301server.com.br/privacy/<p>This blog runs as a static site behind Cloudflare and self-hosted infrastructure (dokku on ProxMox). The architecture intentionally minimises personal-data collection. This page documents what <em>is</em> collected, by whom, why, and how long.</p> <h2 id="what-this-site-stores-in-your-browser">What this site stores in your browser</h2> <p><strong>Nothing.</strong> No first-party cookies, no <code>localStorage</code>, no <code>sessionStorage</code>, no <code>IndexedDB</code> writes, no fingerprinting attempts. You can verify with your browser&rsquo;s dev-tools → Application panel.</p> <p>The only state your browser keeps is the standard HTTP cache (managed by <code>Cache-Control</code> headers — immutable for fingerprinted assets, short-TTL for HTML).</p>https://blog.home301server.com.br/about/Thu, 23 Apr 2026 00:00:00 -0300https://blog.home301server.com.br/about/<p>Senior SWE — AI-native automation. Ships Claude Code plugins, Chrome/macOS workflow tooling, and WhatsApp/LinkedIn copilots for high-leverage operators.</p> <p>Recent work: AI agents for compliance-heavy domains (Python/Go backend, Azure OpenAI, multi-cloud Terraform). Maintains a 4-host NixOS fleet with SLSA L2 supply-chain hardening.</p> <h2 id="public-artifacts">Public artifacts</h2> <table> <thead> <tr> <th>Project</th> <th>Stack</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/yolo-labz/wa" class="external-link" target="_blank" rel="noopener external">wa<span class="external-link-icon" aria-hidden="true">↗</span></a> </td> <td>Go, whatsmeow, SQLite, JSON-RPC</td> <td>WhatsApp daemon with append-only safety + crash resilience</td> </tr> <tr> <td><a href="https://github.com/yolo-labz/claude-mac-chrome" class="external-link" target="_blank" rel="noopener external">claude-mac-chrome<span class="external-link-icon" aria-hidden="true">↗</span></a> </td> <td>Bash, AppleScript, TS</td> <td>Multi-profile Chrome automation for Claude Code on macOS</td> </tr> <tr> <td><a href="https://github.com/yolo-labz/linkedin-chrome-copilot" class="external-link" target="_blank" rel="noopener external">linkedin-chrome-copilot<span class="external-link-icon" aria-hidden="true">↗</span></a> </td> <td>TypeScript, Anthropic SDK</td> <td>Chrome automation for LinkedIn workflows — per-locale forms + isTrusted bypass</td> </tr> <tr> <td><a href="https://github.com/yolo-labz/kokoro-speakd" class="external-link" target="_blank" rel="noopener external">kokoro-speakd<span class="external-link-icon" aria-hidden="true">↗</span></a> </td> <td>Python, ONNX</td> <td>Persistent Kokoro TTS daemon — model loaded once, serves many</td> </tr> <tr> <td><a href="https://github.com/yolo-labz/claude-classroom-submit" class="external-link" target="_blank" rel="noopener external">claude-classroom-submit<span class="external-link-icon" aria-hidden="true">↗</span></a> </td> <td>Python, Google Classroom API</td> <td>Autonomous Classroom submission — bypasses Drive Picker iframe</td> </tr> <tr> <td><a href="https://github.com/yolo-labz/fand" class="external-link" target="_blank" rel="noopener external">fand<span class="external-link-icon" aria-hidden="true">↗</span></a> </td> <td>Rust, launchd/systemd</td> <td>Apple Silicon thermal daemon — temperature curves, SIGHUP reload</td> </tr> </tbody> </table> <h2 id="stack-experience">Stack experience</h2> <ul> <li>Backend: Go, TypeScript/Node, Python (FastAPI, Playwright), Rust (learning)</li> <li>AI/Agents: Claude API, Azure OpenAI, AWS Bedrock, RAG patterns, LangChain, vector stores</li> <li>Cloud: AWS (ECS, Lambda, Bedrock), Azure (App Service, AKS, OpenAI), GCP (Cloud Run, Cloud SQL)</li> <li>Infra-as-Code: Terraform (multi-cloud module library), Helm, NixOS (4-host declarative fleet)</li> <li>DevSecOps: GitHub Actions matrix CI, Sigstore + SLSA L2 attestations, CodeQL, OSV, gitleaks</li> </ul> <h2 id="contact">Contact</h2> <ul> <li>GitHub: <a href="https://github.com/phsb5321" class="external-link" target="_blank" rel="noopener external">phsb5321<span class="external-link-icon" aria-hidden="true">↗</span></a> and <a href="https://github.com/yolo-labz" class="external-link" target="_blank" rel="noopener external">yolo-labz<span class="external-link-icon" aria-hidden="true">↗</span></a> </li> <li>LinkedIn: <a href="https://linkedin.com/in/balbinopedro?utm_campaign=contact_intent&amp;utm_content=about&amp;utm_medium=profile_link&amp;utm_source=blog" target="_blank" rel="noopener noreferrer me" class="plausible-event-name=Contact+Intent plausible-event-location=about plausible-event-medium=profile_link plausible-event-target=linkedin">balbinopedro</a> </li> <li>Email: <a href="mailto:pedrobalbino@proton.me">pedrobalbino@proton.me</a> </li> </ul>