Don't Get Caught by AI Code Remnants
In my Cloud Advisory work, I’m frequently asked for opinions:
How does solution X compare to solution Y?
What’s the best tool for Z?
So, scratching my own itch, I decided to pair-program with the Claude LLM and build a Cloud Security Solutions Directory. The goal? To help CTOs and security teams discover solutions, services, and tools they might otherwise overlook.
The great thing about LLM-powered programming is that it lets you test ideas faster. For example:
What if the source data lived in text-editable HJSON files instead of SQLite?
What if I cached data fields with Redis hashes?
What about ranking open-source tools by GitHub stars and commit recency?
RediSearch (a Redis module I’d never even heard of!) for full-text search?
Or dumping that entirely and rolling my own?
The downside? All those experiments leave behind a trail of code debris.
Here’s what I mean:
Duplicate code: multiple versions of the same logic hanging around.
Incomplete refactoring: leftover pieces from half-finished changes.
Forgotten code: snippets that no longer serve a purpose but quietly linger.
Insecure code: a ticking time bomb if left unchecked.
And yes, I’ve had them all. In fact, a few remnants probably still lurk in my repo.
The problem is that you often spot these issues in hindsight. LLM tools like aider are fantastic, but when their search-and-replace efforts fail to stick (usually after three attempts), the risk multiplies. The fallout depends on what’s left behind:
Duplicate code: Mostly harmless if it’s in the same namespace (at least in Python).
Incomplete refactoring: Like a half-bandaged wound—messy and prone to infection.
Insecure snippets: A hard no. These are the skeletons in the closet you don’t want.
What’s the fix?
It’s not glamorous, but the answer is simple: checks, checks, and more checks.
Review your code rigorously.
Use static analysis and linters to catch duplicates and refactoring gaps early.
Double-check for security flaws in new additions, especially those produced by an LLM.
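One such check, as an added example that is not code from the directory's repo: a standard-library `ast` pass that reports definitions rebound later in the same namespace (the later `def` is the one Python runs) and functions with identical bodies under different names. `find_remnants`, `SAMPLE` and the function names inside the sample are hypothetical, and the sample module is constructed.

```python
import ast
from collections import defaultdict

# Constructed sample: a module after a few rounds of LLM-assisted rewrites.
SAMPLE = '''
import hashlib

def token_digest(token):
    return hashlib.sha256(token.encode()).hexdigest()

def load_tools(path):
    with open(path) as fh:
        return fh.read().splitlines()

def token_digest(token):
    return hashlib.md5(token.encode()).hexdigest()

def read_tools(path):
    with open(path) as fh:
        return fh.read().splitlines()
'''

FUNCS = (ast.FunctionDef, ast.AsyncFunctionDef)
SCOPES = (ast.Module, ast.ClassDef) + FUNCS

def find_remnants(source):
    """Return (shadowed, clones) found in one module's source text."""
    shadowed, by_body = [], defaultdict(list)
    for scope in ast.walk(ast.parse(source)):
        if not isinstance(scope, SCOPES):
            continue
        seen = {}  # name -> line of the previous definition in this scope
        # Only direct children: defs inside if/try branches are often intentional.
        for node in scope.body:
            if not isinstance(node, FUNCS + (ast.ClassDef,)):
                continue
            if node.name in seen:
                # The later def rebinds the name, so the earlier one is dead.
                shadowed.append((node.name, seen[node.name], node.lineno))
            seen[node.name] = node.lineno
            if isinstance(node, FUNCS):
                # Fingerprint ignores the name, line numbers and formatting.
                key = ast.dump(node.args) + "".join(map(ast.dump, node.body))
                by_body[key].append(node.name)
    clones = [sorted(names) for names in by_body.values() if len(names) > 1]
    return shadowed, clones

if __name__ == "__main__":
    print(find_remnants(SAMPLE))
```

On the sample, the `token_digest` defined at line 4 is reported as dead and the copy at line 11 as the one that runs, so a reviewer can see which version of a half-replaced function is actually live.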
LLMs are incredible enablers, but they come with sharp edges. Catching those early is the name of the game.
P.S. Check out the MVP fruit of Claude’s labor: Cloud Security Solutions Directory. Explore it, and let me know what tools or services I should add.