🗓️ This Week

• While organizing ideas for my first iOS app, I remembered an old web app idea called ToneDrill, which I had casually built before to help practice note names on a guitar fretboard🎸. I decided to try turning it into an iOS app🛠️.
• I clarified the purpose of ToneDrill, its minimum requirements, and its core features, then organized them in Notion📝.
• I was curious to see how well Codex could implement an iOS app from those minimum requirements, so I gave it a try right away💡.
• I reviewed the SwiftUI code generated by Codex and worked through the app logic to understand how it was implemented🔍. For now, I was able to create a working app, which felt like a meaningful step forward🚶.
• I created the top page UI design for my portfolio website in Figma🎨. I focused on keeping the structure simple and implementation-friendly, and designed the UI with reusable components for each major part.
• Based on what I learned from my previous failed attempt, I tried again to see how well Codex could implement a prototype from the Figma UI design (You can read about my previous attempt that didn’t go so well here😅.)
• Worked on the AI Threat Modelling room from the AI Security Learning Path on TryHackMe this week🤖.

📱 iOS (SwiftUI)

• Revisited an old web app idea called ToneDrill, which I had previously built casually as a guitar note-training app, and considered turning it into an iOS app.
• Organized the app idea in Notion, including its purpose, target use case, minimum requirements, and core features.
• Decided to aim for an MVP-level version first, instead of trying to build a fully featured app from the beginning.
• Wrote down simple requirements and tested how accurately Codex could implement the initial version of the app.
• Reviewed the iOS app implementation generated by Codex and examined the code in detail to understand how the logic worked.

🌐 Web Development

• Posted my weekly dev log on Dev.to📝
• Completed the top page UI design for my portfolio website in Figma.
• Tried using Codex again to generate a prototype app based on the Figma UI design.

🔐 Security (TryHackMe)

• Worked on the AI Threat Modelling room (part of the AI Security Learning Path) on TryHackMe.

💡 Key Takeaways

📱 SwiftUI Learning

🦄 What I learned by starting with a small app and minimum features

• I started building the app with the mindset of creating small, steady progress instead of trying to build a large app right away.
• Starting small made it much easier to take the first step mentally and actually begin building the app.
• Even though the app is small, I realized that the knowledge I gained from tutorials alone was not enough to fully understand the implementation details.
• I had to review and research the code step by step to understand how each part worked.
• This made me realize that if I started with a much larger app, it would take a lot more time to understand the implementation while building it.
• I also learned that I should define more clearly when and how I use Codex during development.
• For now, my plan is to keep using AI actively until I can complete one working app, then evaluate where AI is most helpful and where I need to review the code more carefully myself.

🌐 Web Development Learning

❤️‍🔥 What I learned from retrying prototype generation with Figma MCP and Codex

• Learned that I should first ask Codex to review the design system in the Figma UI design, then have it create rule files such as app.css and FIGMA_DESIGN_SYSTEM.md based on those design rules.
• Learned that designing a Figma UI with implementation in mind is important when asking Codex to generate a prototype.
• Instead of only creating a visual mockup, I structured the UI with clear frames, reusable components, and layout rules.
• I also documented the design system in rule files so Codex could better understand the intended structure, spacing, colors, and component styles.
• As a result, Codex was able to generate a prototype that closely matched the Figma design🔥.

🔐 TryHackMe Learning

AI Threat Modelling

Task 6: OWASP LLM Top 10 — Mapping Risks to Components

• I learned that the OWASP LLM Top 10 helps map LLM-specific risks to the components where they occur.
• OWASP LLM Top 10 is useful not only as a checklist, but also as an assessment tool for reviewing LLM architecture.
• I learned that the LLM inference endpoint has the highest risk concentration, including prompt injection, sensitive information disclosure, excessive agency, system prompt leakage, misinformation, and unbounded consumption.
• Vector databases and RAG pipelines require special attention because they can introduce indirect prompt injection, embedding weaknesses, and misinformation from stale or incorrect sources.

🚀 Next Week

• Review the issues and improvements needed in the minimum-feature app generated by Codex, then start making code changes.
• Ask Codex to help explore UI design ideas for the ToneDrill app and decide on the overall UI direction.
• Review and understand the implementation details of the portfolio website prototype generated by Codex.
• Continue posting small articles on Dev.to.
• Continue working on the AI Security Learning Path.

🌈 Goals for This Year

📱 iOS (SwiftUI)

• Build a solid foundation in SwiftUI and create at least one iOS app.

🌐 Web Development

• Continue posting learning logs on Dev.to and eventually turn them into a portfolio site using React Router v7.

🔐 Security (TryHackMe)

• Continue learning cybersecurity on TryHackMe.