Skip to content
View xr843's full-sized avatar
🎯
Live in the present moment.
🎯
Live in the present moment.
45 followers · 13 following

Achievements

Achievement: Pair Extraordinairex4Achievement: Starstruckx2Achievement: Pull Sharkx2Achievement: Quickdraw

Achievements

Achievement: Pair Extraordinairex4Achievement: Starstruckx2Achievement: Pull Sharkx2Achievement: Quickdraw

Block or report xr843

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
xr843/README.md

Hi, I'm Tim Ren

Full-stack developer focused on AI security and Buddhist digital humanities — securing LLM applications and building open-source tools that make ancient texts accessible to modern researchers.

Projects

  • FoJin 佛津   GitHub stars — The world's encyclopedic Buddhist digital text platform. 450+ sources, 30 languages, full-text reading, AI Q&A, knowledge graph, parallel reader. FastAPI + React + Elasticsearch.

  • llm-seclint   GitHub stars — Static security linter for LLM-powered applications. 8 detection rules (prompt injection, SSTI, XXE, RCE, SQLi). The Bandit for the AI era.

  • Buddhist AI Translator   GitHub stars — AI translation for Buddhist texts across Sanskrit, Pali, Tibetan, and Classical Chinese.

Open Source Contributions

Merged

Project Stars PR Description
Dify #33769 fix: remove legacy z-index overrides on model config popup
Dify #33767 fix(tests): correct keyword arguments in tool provider test constructors
LiteLLM #24070 fix: thinking blocks dropped when thinking field is null
SurfSense #886 fix: use asyncio.to_thread for embedding calls in search endpoints
gstack #128 fix: eliminate duplicate command sets in chain, improve flush perf
buddhist-uni #636 Added Node.js unit tests for core JavaScript utilities
buddhist-uni #637 Split search_index.js into pure JS logic and Liquid data template
buddhist-uni #634 Add help text to Archive.org borrowable links

In Review

Project Stars PR Description
Dify #33986 fix: constant-time API key comparison + prevent IDOR in DataSourceOauthBinding
vllm #37939 fix(security): replace eval() with safe math in tool examples
crewAI #5005 fix(security): prevent XXE attacks with defusedxml
MCP Servers #3663 fix(sqlite): prevent SQL injection in describe_table
LiteLLM #24458 fix(security): use Jinja2 SandboxedEnvironment to prevent SSTI
LiteLLM #24455 fix(security): add AST validation for custom code exec()
LiteLLM #24346 fix(security): fix prompt injection detection — async heuristics
FastChat #3820 fix(security): sanitize HTML to prevent XSS injection

Tech

Python TypeScript React FastAPI PostgreSQL Elasticsearch Docker Redis

Get in touch

If you're interested in AI security, Buddhist studies, digital humanities, or NLP for historical texts — open an issue or start a discussion on any of my repos.

Pinned Loading

  1. fojin fojin Public

    Buddhist Digital Text Platform — 9,200+ texts, 500+ sources, 8 UI languages, AI Q&A (RAG), knowledge graph, full-text search

    Python 153 29

  2. llm-seclint llm-seclint Public

    Static security linter for LLM-powered applications. The Bandit for the AI era.

    Python 1

  3. Buddhist-AI-Translator Buddhist-AI-Translator Public

    慧译通 - 专业佛教AI翻译器 | Buddhist AI Translator with Sanskrit, Pali, Tibetan support. Powered by DeepSeek API.

    JavaScript 5