Jamie Taylor
Podcast Appearances
So that's the Open, used to be the Open Web Application Security Project, but now it's the Open Worldwide Application Security Project.
It's not just web anymore.
I've got this project that attempts to inject HTTP headers into an ASP.NET Core application that sets it up for best case scenario for security.
It does all of the things to do with cross-site scripting, to do with content security policy, things like that.
It doesn't really do content security policy because that's a difficult one to do, but it is on my plan.
How do I do this?
So what I'm getting at is that, like, with that one, I actually have a spec kit set up in that directory.
And I say, right, cool.
I want to add this new header.
Hey, LLM, go do all the research for me.
And then what I do is I get to the point where I tell it, create me a list of tasks, and then I do it, right?
Because it's done all the research for me.
In 10 minutes, it's read up about everything.
The particular HTTP header, it's read up about the rules, it's read up about the directive values, it's read up all of this stuff and gotten ready to write the documentation for me because I have like a static site that has documentation for the library, then all I have to do is go implement the code using the checklist it's given me for implement this thing, then this thing, then this thing, write this test, and then boom, it's done.
And so it helps me to get productive with actually building these HTTP headers.
But I have a couple of other client pieces of work, unfortunately, wrapped behind NDAs.
But I'm sure you have the same sort of thing, Mike.
But like where I've literally gone, I will spend 20 minutes writing a spec as detailed as I can.
And I've actually found that it will go, hey, you didn't mention this.