Lead Engineer at rubica — building AI platforms for Australian financial advisers. I founded the platform end-to-end: multi-provider chat (AWS Bedrock, native Anthropic, Google, OpenAI), a Model Context Protocol (MCP) connector fleet, and the security posture that runs them.
Background in Cyber Security and Computer Engineering. Mostly TypeScript on Node.js and Next.js, with the Anthropic SDK on the platform side.
→ yusufhan.dev · /now · linkedin · x
- vercel-seo-audit — CLI auditing Next.js / Vercel deploys for SEO and indexing failures. Published on npm.
- webhook-hmac-kit — Stripe-style webhook signing without the Stripe lock-in.
- clean-repo-standard — Production-safe GitHub repo template: branch protection, CI, PR templates, verified commits.
cloudflare/workerd#6040— TextDecoder support for x-user-defined encodingmodelcontextprotocol/typescript-sdk#1875— PrivateKeyJwtProvider custom claimsmodelcontextprotocol/registry#1145ѽ— Publisher version sync + URL detectionrjsf-team/react-jsonschema-form#5044— extraErrors duplication on array field mutationcased/kit#189— Skip non-actionable errors in GitHub review comments
- CVE-2026-44429 — Stored XSS in the official Model Context Protocol Registry catalogue UI. Disclosed and patched, May 2026. Assigned by GitHub-as-CNA.
The Lessons series — long-form essays on production AI systems, MCP, LLM infrastructure, and security engineering.