Weekly Dev Log 2026-W07 A developer completed two more sections of a SwiftUI tutorial and published a standalone article about reverse engineering. The developer also began creating UI designs for a portfolio website in Figma, while starting research into Figma MCP for generative AI-assisted design. Additionally, the developer completed the "Securing AI Systems" room on TryHackMe as part of an AI security learning path. πŸ—“οΈ This Week - Completed two more sections of the SwiftUI tutorial 🦾 As I continue working through the tutorial, I can feel my understanding of SwiftUI fundamentals becoming more solid πŸ”₯ - It was my first time posting a standalone article about reverse engineeringπŸ“ If you're interested, feel free to check it out πŸ‘‡ - I started creating UI designs for my future portfolio website in Figma. I was able to roughly sketch out the overall structure of the site, but I also realized how difficult it is to create modern and stylish UI designs. It really made me realize I don’t have much design sense yet πŸ˜‚πŸ’¦ - While struggling with the design process, I came across several articles about Figma MCP . That made me interested in exploring how generative AI could help with UI design ideas, so I decided to start researching Figma MCP further. - Completed Securing AI Systems room from the AI Security Learning Path on TryHackMe this weekπŸ€– πŸ“± iOS SwiftUI - Worked through the SwiftUI tutorial and completed "Create an Algorithm for Badges" and "Add inclusive features" 🌐 Web Development - Posted my weekly dev log on Dev.to and a standalone article about my first attempt at reverse engineering πŸ“ - Created rough portfolio website UI layouts in Figma - Used shadcn/ui component library design templates in Figma - Started learning UI design in Figma using community resources πŸ” Security TryHackMe - Completed Securing AI Systems room part of the AI Security Learning Path on TryHackMe. πŸ’‘ Key Takeaways πŸ“± SwiftUI Learning Add inclusive features - Learned that SwiftUI automatically adapts UI elements for Light and Dark Mode by default. - Learned how to preview and compare Light and Dark Mode layouts in the Xcode canvas. - Understood that system-provided semantic styles help SwiftUI automatically adjust UI appearance. - Learned that SwiftUI uses view modifiers to customize ScrollView behavior. - Understood that .scrollBounceBehavior .basedOnSize only enables bouncing when the content is larger than the visible area. - Learned that .defaultScrollAnchor .center, for: .alignment centers smaller content inside a ScrollView . - Learned that the dynamicTypeSize modifier can be applied to any SwiftUI view. - Learned how AttributedString localized: supports localization-aware text in SwiftUI. - Understood that inflect: true automatically changes words like β€œDay” and β€œDays” based on the number value. - Learned that SwiftUI can apply different font styles to specific parts of an AttributedString . - Realized that Apple provides built-in grammar inflection support for more natural localized UI text. 🌐 Web Development Learning - Reviewed several useful functions in Figma - Learned the importance of focusing on the overall page layout before designing detailed UI components πŸ” TryHackMe Learning Securing AI Systems Task 2 Anatomy of an AI System - Traditional apps use deterministic logic, while AI systems rely on probabilistic model inference. - AI systems accept free-form natural language, making input validation much harder. - Prompt Construction combines the system prompt, user input, and retrieved context before sending data to the LLM. - RAG allows LLMs to retrieve external knowledge from a vector store or other data sources. - A vector store contains embedded representations of internal documentation for retrieval-augmented generation RAG - Trust boundaries are points where data moves between different security contexts. - Major trust boundaries include user-to-system, system-to-LLM, LLM-to-tools, and system-to-user. - LLM-to-tools is especially sensitive because model output can trigger real actions. - Tool layers may execute database queries, API calls, or file operations on behalf of the LLM. - Security controls are needed at every boundary to reduce prompt injection and data leakage risks. Task3 The AI Attack Surface - Studied the OWASP LLM Top 10 and how major risks affect AI-integrated systems. - Learned that MITRE ATLAS documents adversary tactics and exploitation techniques for AI systems. - Studied how the NIST AI RMF approaches AI security from a governance and risk management perspective. - Learned the difference between OWASP vulnerabilities , ATLAS attack techniques , and NIST AI RMF risk governance . Task4 System-Level Threats - Studied how LLM10 Unbounded Consumption can cause resource exhaustion and extreme cost increases through excessive requests. - Learned that system prompts may leak internal rules, tool information, and architecture details if exposed. LLM07 . - Understood that LLM output must never be trusted as safe input for downstream systems. LLM05 - Learned that Excessive Agency occurs when AI systems are given unnecessary permissions, tools, or autonomy. LLM06 - Learned that users may unintentionally leak sensitive information when using AI systems. LLM02 - Studied how the OWASP LLM risks relate to the CIA triad across confidentiality, integrity, and availability. Task 5 Secure Design Patterns - Learned that security controls are most effective when applied during the design stage of AI systems. - Learned that layered controls reduce the risk of end-to-end attack success. - Understood the importance of least privilege for AI tools, API tokens, and database access. - Learned that write operations should require human approval before execution. - Studied how input and output validation reduce prompt injection and downstream injection risks. - Learned that MLSecOps integrates security throughout the AI and machine learning lifecycle. πŸš€ Next Week - Complete the badge algorithm in the SwiftUI tutorial. - Continue posting small articles on Dev.to. - Explore Figma MCP and experiment with generating UI design ideas using AI. - Continue working on the AI Security Learning Path. 🌈 Goals for This Year πŸ“± iOS SwiftUI - Build a solid foundation in SwiftUI and create at least one iOS app. 🌐 Web Development - Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7. πŸ” Security TryHackMe - Continue learning cybersecurity on TryHackMe.