Weekly Dev Log 2026-W10
Source: Dev.to
This Week
While organizing ideas for my first iOS app, I remembered an old web app idea called ToneDrill, which I had casually built before to help practice note names on a guitar fretboard. I decided to try turning it into an iOS app. I clarified the purpose of ToneDrill, its minimum requirements, and its core features, then organized them in Notion. I was curious to see how well Codex could implement an iOS app from those minimum requirements, so I gave it a try right away. I reviewed the SwiftUI code generated by Codex and worked through the app logic to understand how it was implemented. For now, I was able to create a working app, which felt like a meaningful step forward.

I created the top page UI design for my portfolio website in Figma. I focused on keeping the structure simple and implementation-friendly, and designed the UI with reusable components for each major part. Based on what I learned from my previous failed attempt, I tried again to see how well Codex could implement a prototype from the Figma UI design. (You can read about my previous attempt that didn't go so well here.)

Worked on the AI Threat Modelling room from the AI Security Learning Path on TryHackMe this week.

- Revisited an old web app idea called ToneDrill, which I had previously built casually as a guitar note-training app, and considered turning it into an iOS app.
- Organized the app idea in Notion, including its purpose, target use case, minimum requirements, and core features.
- Decided to aim for an MVP-level version first, instead of trying to build a fully featured app from the beginning.
- Wrote down simple requirements and tested how accurately Codex could implement the initial version of the app.
- Reviewed the iOS app implementation generated by Codex and examined the code in detail to understand how the logic worked.
- Posted my weekly dev log on Dev.to.
- Completed the top page UI design for my portfolio website in Figma.
- Tried using Codex again to generate a prototype app based on the Figma UI design.
- Worked on the AI Threat Modelling room (part of the AI Security Learning Path) on TryHackMe.

I started building the app with the mindset of creating small, steady progress instead of trying to build a large app right away. Starting small made it much easier to take the first step mentally and actually begin building the app. Even though the app is small, I realized that the knowledge I gained from tutorials alone was not enough to fully understand the implementation details. I had to review and research the code step by step to understand how each part worked. This made me realize that if I started with a much larger app, it would take a lot more time to understand the implementation while building it. I also learned that I should define more clearly when and how I use Codex during development. For now, my plan is to keep using AI actively until I can complete one working app, then evaluate where AI is most helpful and where I need to review the code more carefully myself.

Learned that I should first ask Codex to review the design system in the Figma UI design, then have it create rule files such as app.css and FIGMA_DESIGN_SYSTEM.md based on those design rules. Learned that designing a Figma UI with implementation in mind is important when asking Codex to generate a prototype. Instead of only creating a visual mockup, I structured the UI with clear frames, reusable components, and layout rules. I also documented the design system in rule files so Codex could better understand the intended structure, spacing, colors, and component styles. As a result, Codex was able to generate a prototype that closely matched the Figma design.

I learned that the OWASP LLM Top 10 helps map LLM-specific risks to the components where they occur. OWASP LLM Top 10 is useful not only as a checklist, but also as an assessment tool for reviewing LLM architecture.
I learned that the LLM inference endpoint has the highest risk concentration, including prompt injection, sensitive information disclosure, excessive agency, system prompt leakage, misinformation, and unbounded consumption. Vector databases and RAG pipelines require special attention because they can introduce indirect prompt injection, embedding weaknesses, and misinformation from stale or incorrect sources.

- Review the issues and improvements needed in the minimum-feature app generated by Codex, then start making code changes.
- Ask Codex to help explore UI design ideas for the ToneDrill app and decide on the overall UI direction.
- Review and understand the implementation details of the portfolio website prototype generated by Codex.
- Continue posting small articles on Dev.to.
- Continue working on the AI Security Learning Path.

- Build a solid foundation in SwiftUI and create at least one iOS app.
- Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.
- Continue learning cybersecurity on TryHackMe.