Available for research & product collaborations

Hi, I’m saip.
I research, build, and ship.

Focused on software supply chain security, Golang tooling, and frontends. I like strong ideas, tight feedback loops, and shipping useful things.

I work on

See my work Get in touch Resumé

GitHub LinkedIn X

Current Focus

Supply Chain Security

Python • Golang • Javascript • HTML/CSS

Selected Work

See all →

Security • OSS 2025

SafeSupply

Open-source threat intelligence for software supply chains. Aggregates advisories, normalizes data, and surfaces actionable signals.

Golang PostgreSQL OSV

Research 2025

Malicious VSCode Extensions

Large-scale scan and triage pipeline to identify malicious behaviors across the VSCode marketplace.

Python Semgrep Detections

Product 2025

Cloud Cafe

Concept-to-landing proof for a creator-friendly cloud workspace with spotless UX.

Next.js Tailwind Vercel

Research

I explore software supply chain risks, dependency hijacks, and real-world exploitability. Here are a few threads and notes.

Thread

Helm symlink behavior & attack paths

What actually breaks in busy CI systems and why defaults matter.

Note

Detecting typosquats across registries

Signals, noise, and when to escalate.

About

I’m a researcher who likes building. My center of gravity is security, but I care just as much about good taste in product and documentation. My north star is shipping things that stand up to scrutiny.

Golang Python React SCA Reverse Engineering Threat Modeling

Let’s talk

Tell me what you’re building or researching. I reply to thoughtful messages.