ποΈ This Week
- While organizing ideas for my first iOS app, I remembered an old web app idea called ToneDrill, which I had casually built before to help practice note names on a guitar fretboardπΈ. I decided to try turning it into an iOS appπ οΈ.
- I clarified the purpose of ToneDrill, its minimum requirements, and its core features, then organized them in Notionπ.
- I was curious to see how well Codex could implement an iOS app from those minimum requirements, so I gave it a try right awayπ‘.
- I reviewed the SwiftUI code generated by Codex and worked through the app logic to understand how it was implementedπ. For now, I was able to create a working app, which felt like a meaningful step forwardπΆ.
- I created the top page UI design for my portfolio website in Figmaπ¨. I focused on keeping the structure simple and implementation-friendly, and designed the UI with reusable components for each major part.
- Based on what I learned from my previous failed attempt, I tried again to see how well Codex could implement a prototype from the Figma UI design (You can read about my previous attempt that didnβt go so well hereπ .)
- Worked on the AI Threat Modelling room from the AI Security Learning Path on TryHackMe this weekπ€.
π± iOS (SwiftUI)
- Revisited an old web app idea called ToneDrill, which I had previously built casually as a guitar note-training app, and considered turning it into an iOS app.
- Organized the app idea in Notion, including its purpose, target use case, minimum requirements, and core features.
- Decided to aim for an MVP-level version first, instead of trying to build a fully featured app from the beginning.
- Wrote down simple requirements and tested how accurately Codex could implement the initial version of the app.
- Reviewed the iOS app implementation generated by Codex and examined the code in detail to understand how the logic worked.
π Web Development
- Posted my weekly dev log on Dev.toπ
- Completed the top page UI design for my portfolio website in Figma.
- Tried using Codex again to generate a prototype app based on the Figma UI design.
π Security (TryHackMe)
- Worked on the AI Threat Modelling room (part of the AI Security Learning Path) on TryHackMe.
π‘ Key Takeaways
π± SwiftUI Learning
π¦ What I learned by starting with a small app and minimum features
- I started building the app with the mindset of creating small, steady progress instead of trying to build a large app right away.
- Starting small made it much easier to take the first step mentally and actually begin building the app.
- Even though the app is small, I realized that the knowledge I gained from tutorials alone was not enough to fully understand the implementation details.
- I had to review and research the code step by step to understand how each part worked.
- This made me realize that if I started with a much larger app, it would take a lot more time to understand the implementation while building it.
- I also learned that I should define more clearly when and how I use Codex during development.
- For now, my plan is to keep using AI actively until I can complete one working app, then evaluate where AI is most helpful and where I need to review the code more carefully myself.
π Web Development Learning
β€οΈβπ₯ What I learned from retrying prototype generation with Figma MCP and Codex
- Learned that I should first ask Codex to review the design system in the Figma UI design, then have it create rule files such as
app.cssandFIGMA_DESIGN_SYSTEM.mdbased on those design rules. - Learned that designing a Figma UI with implementation in mind is important when asking Codex to generate a prototype.
- Instead of only creating a visual mockup, I structured the UI with clear frames, reusable components, and layout rules.
- I also documented the design system in rule files so Codex could better understand the intended structure, spacing, colors, and component styles.
- As a result, Codex was able to generate a prototype that closely matched the Figma designπ₯.
π TryHackMe Learning
AI Threat Modelling
Task 6: OWASP LLM Top 10 β Mapping Risks to Components
- I learned that the OWASP LLM Top 10 helps map LLM-specific risks to the components where they occur.
- OWASP LLM Top 10 is useful not only as a checklist, but also as an assessment tool for reviewing LLM architecture.
- I learned that the LLM inference endpoint has the highest risk concentration, including prompt injection, sensitive information disclosure, excessive agency, system prompt leakage, misinformation, and unbounded consumption.
- Vector databases and RAG pipelines require special attention because they can introduce indirect prompt injection, embedding weaknesses, and misinformation from stale or incorrect sources.
π Next Week
- Review the issues and improvements needed in the minimum-feature app generated by Codex, then start making code changes.
- Ask Codex to help explore UI design ideas for the ToneDrill app and decide on the overall UI direction.
- Review and understand the implementation details of the portfolio website prototype generated by Codex.
- Continue posting small articles on Dev.to.
- Continue working on the AI Security Learning Path.
π Goals for This Year
π± iOS (SwiftUI)
- Build a solid foundation in SwiftUI and create at least one iOS app.
π Web Development
- Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.
π Security (TryHackMe)
- Continue learning cybersecurity on TryHackMe.
