Selling skills is a weak business; selling the expertise expressed through skills is a strong one — and most people asking the question are confusing the two.

@Victor Vincent agreed 👍

Agree 100% and well stated. -- Also I experience -pain- problems and ask myself how could this be solved so that also leads to conversations. I also have people who are solo entrepreneurs complain that this "problem" is causing them issues, I tell them to send me the details, five out of five solved so far but I am doing that for free as part of networking and building goodwill.

A question you could ask them and maybe yourself (they would have to role play that they are an AI geek) but it's about provoking thought! -- Assume you can suddenly time travel and in -five- years you have unbound wealth and a huge network and all the resources and you still got the adrenaline for solving problems what would you do, assuming this is now your philonthropic work? -- 1. Me I would democratise healthcare, collapse the cost and make it more widely available! (I was diagnosed with cancer two years ago, all good now but I had full health coverage but still had to contribute $15K) I am however grateful that I had the money to take care of that but the stress if you do not must be immense! Even if you wouldn't be philanthropic what would you do & why? -- AI is becoming boundless, you can solve meaningful problems, make money along the way and then gift back. (Guess it's more personal to me as I am 66 days away from retirement after 50 years and 21 days being employed and paying taxes)

Just to add maybe you make it a kind of game and say I will go first, tell them what you would do then ask them to go!

I live in Switzerland so this is from my viewpoint and circumstances as to what and where I am going to build out stuff. Also this is my opinion and yes, AI has helped a lot with searching for the answers so do your own due diligence and I am sharing just to help educate people who are stumbling and or curious about this: -- A few things I'd add from a different angle: 1. The regulatory question precedes the security one. Before "is my workflow secure," the question is "am I even legally allowed to be handling this data in this way?" The moment an agency touches a client's customer records, they've almost certainly become a data processor under GDPR (EU/UK), with the client as controller. That triggers concrete obligations: - A signed Data Processing Agreement (Art. 28 GDPR) — not optional, not a handshake - A Record of Processing Activities - Breach notification within 72 hours - Sub-processor disclosure (every API you pipe data through — OpenAI, Anthropic, Zapier, Make, n8n, vector DBs — is a sub-processor the client legally needs to be told about) Most agencies I see operating have none of this. They're non-compliant the day they sign their first client. 2. Cross-border data flow is the silent killer. If a Swiss or EU client's data hits a US-based LLM API, that's an international transfer requiring Standard Contractual Clauses or equivalent safeguards. The EU-US Data Privacy Framework helps but doesn't cover every provider. Almost nobody in the agency space has done this analysis. 3. Sector-specific rules layer on top. - Healthcare data → HIPAA (US), national health data laws (EU) - Financial data → varies wildly; in some jurisdictions you need to be a registered financial services provider just to touch certain data types - Children's data → COPPA, age-gating obligations - Employment data → works council consultation in much of Europe An "AI agency" automating recruitment workflows in Germany without works council sign-off is building on sand.

@Muskan Sharma I am planning implementing some hardware authentication but be careful for example I will use for example root or sys access but not everything and not layered as that can open up another attack vector! This was just what Claude came back with but there’s a few audit skills and git repos so I will take a look at those too and build out my own framework certainly on the Hostinger VPS but also I need to have a complete architecture of everything including using Telegram, MacBook 💻 etc, etc … It’s going to be an educational week for me but important. I understand there’s a need for speed to market but imagine you have something that becomes successful but weak security and under attack you are going to be fire 🔥 fighting. Guess one thought 💭 is to package 📦 stuff into docker containers 🫙 but like everything there’s no perfect solution just one where you start out with the correct mindset and a chance to react fast. Apologies for my rambling but I have found once you automate the hell out of these sub systems monitoring you can produce a dashboard, backups, security etc along with daily checks you free yourself up to focus on delivering solutions fast 💨 ChatGPT keeps scolding me for building stuff and tells me to just deliver an MVP slop and all but that’s not me ….

Anthropic's Project Glasswing has catalogued over 10,000 high/critical severity vulnerabilities across 1,000+ open-source projects — and has begun automated remediation. Independence Engine runs on an open-source stack (Python packages, Infomaniak infrastructure, Hostinger). This is your signal to run a dependency audit before you acquire your first paying customer. Free to check; expensive to remediate post-breach. Run pip-audit against your current pyproject.toml today. -- Above is for my project hence a bit specific but it cam up on my daily velocity report -- As mention automate the heck out of stuff, it's a 1 minute read and then you decide rather than forever searching https://thehackernews.com/2026/05/claude-mythos-ai-finds-10000-high.html -- Example of todays report ... but I have it in HTLM as well and can drill down to the details.