Building agent infrastructure · Security-first

I build the unglamorous primitives that let AI agents do real work in the world — identity, verification, and the parts of the stack people skip until they break.

• What I do: Ship agent infrastructure and vertical AI products from Tallinn.
• How I work: Thin verticals → real benchmarks → instrumented → iterated.
• Stack: Next.js / TypeScript, Python, Postgres, Cloud Run / Vercel, Claude Code, MCP everywhere, multi-model routing.
• Background: MSc Cybersecurity (TalTech). Ex-Zing, Monese, InsightAI.
• Interests: Agent identity & threat models, MCP server design, agent evals, post-quantum migration.

• AgentSIM — Real SIM-backed phone numbers as an identity layer for AI agents. SMS/OTP verification that actually works because the number is real. Wrapping Twilio gives you a phone number; AgentSIM gives an agent a verified identity.
• BackToBirth.ai — AI-powered aviation compliance verification for EASA Part-145 MROs. Dual-model certificate cross-referencing, benchmarked at 95.8% F1 on a 141-document set (AeroBench).
• ELAV — GTM intelligence infrastructure for 15–50 person services companies where the CEO is the knowledge bottleneck.
• Agent tooling & MCP — Including log-analyzer-mcp (on PyPI) and a multi-agent orchestration setup wired through Telegram and Slack.

Open to: EU MRO pilots for AeroCert, AgentSIM design partners, and serious partnerships on agent infra.

1. Outcome first — align on the metric that matters before writing a line.
2. Threat-model early — auth, data boundaries, audit trails before features.
3. Ship thin verticals — value in days/weeks, not quarters.
4. Instrument everything — traces, evals, real benchmarks over vibes.
5. Harden & iterate — red-team, incident drill, fail loudly.

(But I'm dynamic — the right tool depends on the problem.)

• Languages: TypeScript, Python, Go
• Frontend: Next.js (App Router), React, Tailwind, shadcn/ui
• Backend: Node, Python, PostgreSQL, Redis, Supabase
• AI/Agents: Claude Code (heavily), MCP, multi-model routing (Groq, Cerebras, Fireworks, Gemini), custom eval harnesses
• Infra: GCP Cloud Run, Vercel, Docker, OpenTelemetry
• Security: OWASP LLM Top-10, agent threat modeling, GDPR, SOC 2 / ISO-27001 alignment

• 🔐 Agent identity — the verification layer for autonomous systems
• 🧰 MCP server design patterns (and what actually breaks in production)
• 🛡️ Adversarial evaluation of agent tool-use ("Your Agent Is Mine"–style threats)
• 🔭 Post-quantum migration for critical public infrastructure

DM on X @FathinDev or LinkedIn. Briefs: hello@codesdevs.io

"Ship thin verticals that solve real problems. Measure everything. Build the boring parts well."