Fumbling in the Dark: A Journey with My Reliable Colleague

Source: Dev.to

Project Overview

This project was built for Kiroween, a Halloween‑themed hackathon hosted by AWS celebrating their AI coding agent Kiro.
The challenge: build something creative with Kiro in under a month.

For me, it was truly fumbling in the dark—my first online hackathon, no video production experience, working solo in Japanese while submitting everything in English.

MairuCLI is an educational CLI wrapper that detects and blocks dangerous commands.
“Mairu” (参る) is a Japanese word meaning “to be troubled” or “to be defeated.” It’s also a wordplay on “Kiro.” When you enter a dangerous command in the CLI, a Halloween‑themed warning appears and teaches you why it’s dangerous.

Key Features

• 🔥 11 Dangerous Pattern Detection – e.g., rm -rf /, chmod 777, dd, DROP DATABASE, fork bombs, and more
• 🎃 Halloween‑Themed Warnings – ASCII art and educational messages
• 📚 Educational Breakdowns – Explains each part of a command and simulates what would happen if executed
• 🏆 Achievement System – Gamification makes learning fun
• 🚂 Typo Entertainment – Type sl and a steam locomotive appears
• 🛡️ System Directory Protection – Protects system folders on Windows, Linux, and macOS

Technical Achievements

• 300+ automated tests (100 % passing)
• 16 Steering files
• 6 complete Specs
• Cross‑platform support (Windows, Linux, macOS)

Resources

• Devpost:
• GitHub Repository:
• Demo Video:

Barriers Faced

• No online hackathon experience – Unclear submission criteria and evaluation process
• No video posting experience – Did not know how to create a demo video
• Language barrier – All submissions (README, video narration, etc.) had to be in English while I’m not fluent
• Busy schedule – Development squeezed between a day job; many days lacked solid blocks of time
• Solo development – Although this was company work, everything except UAT was done by me alone

Development Timeline

• Total development time: ≈ 30 hours
• First 6 hours: Core functionality completed (8 built‑in commands, 5 dangerous pattern detections, Halloween‑themed display system) – first taste of Spec‑Driven Development
• Refactoring display.py (400 lines) into 7 modules: estimated 2.5–3 h, actually 20 min (≈ 7.5–9× productivity boost)
• Implemented 3‑tier warning system (Critical/Caution/Safe), IT wordplay, and 35 automated tests
• Added system directory protection for Windows, Linux, and macOS
• Split builtins.py (719 lines) into 7 modules, created category‑based variation system, generic typo detection, and educational breakdown specs
• Resolved platform‑specific issues (e.g., locale.getpreferredencoding() for macOS, detection of mkfs /dev/sda on Linux)

AI Collaboration Insights

• Pair programming with Kiro felt natural; the AI acted as a trusted colleague rather than a distant tool.
• Other AI agents (e.g., Claude Code) are also highly accurate, but the comparison is less about “which is best” and more about how they fit into the workflow.
• Limits of Steering: With many Steering files, context‑window constraints still apply; managing them becomes a meta‑challenge.
• AI “understanding”: As discovered on Day 10, AI can label commands as “dangerous” without truly grasping the concept of danger—an inherent limitation of current models.

These observations are not criticisms but challenges to address as AI collaboration deepens.

ASCII Art Experiment

I wanted the CLI to feel fun beyond gamification, so I attempted to generate ASCII art automatically (e.g., using DALL‑E 3). The result was disappointing, leading me to hand‑craft the art:

        ,.,. ,.,.
       ,d$$$$$$$$$$$b.
     ,d$$$$$$$$$$$$$$$b.
    d$$$$$$`   `'$$$$$$$b
   d$$$$$  .---.    '$$$$b
  d$$$$$  /  _  \    |$$$$b
 d$$$$$|  | (O) |    |$$$$$b
 $$$$$$|  `.___.'  , |$$$$$$
_$$$$$$|     ;     : |$$$$$$_
 `$$$$$;    / \    ; $$$$$$'
  `$$$$$b.  `-'  .d$$$$$$'
    `$$$$$b.....d$$$$$$'
      `$$$$$$$$$$$$$$'
        `"$$$$$$$$"'
   ..::;d########b;::..
 .:::::;##########;::::::.
.::::::;##########;:::::::.
'::::::'##########':::::::'

The hand‑crafted jack‑o‑lantern took about an hour, illustrating that some tasks still require human effort.

Bug Encounter (The “Ghost”)

Near the end of development, the detailed explanation section vanished when running rm -rf /. The issue traced back to a relative path problem caused by a cd (Change Directory) operation after refactoring the breakdown and help display files.

Fix: switched to absolute paths and added a Steering file (treated as an ofuda talisman) to guard against similar issues.

This bug highlighted that:

• Multi‑operation testing can be time‑consuming for AI alone.
• Humans must anticipate patterns and validate AI‑generated test cases.

Lessons & Further Reading

For a deeper dive into the AI‑driven development lessons from this project, see the GitHub repository’s documentation.

This article reflects my personal experience building MairuCLI during the Kiroween hackathon.