I'm a software engineer based in India. I work across the full stack — shipping production AI systems for clients, and contributing fixes to the open-source tools the ML and agent ecosystem runs on.

• 🔧 I find correctness bugs, silent failures, and security holes in production codebases and fix them
• 🤖 I build AI-native products — pipelines, agents, verification systems, clinical tooling
• 🌏 Open to full-time remote roles in Backend, Applied AI, and Full Stack Engineering

I contribute to the internals of tools I use — compiler stacks, agent runtimes, LLM frameworks. Here's what I've shipped:

karpathy/autoresearch — AI agent framework, 50k ⭐

• PR #17 — Self-healing error recovery: agent parses its own stack traces and resumes from OOM/syntax failures without stopping. Contributed within hours of the repo going public. Shopify's CEO ran it overnight and got 53% faster rendering from 93 automated commits.
• PR #16 — Eliminated ~4GB of persistent VRAM overhead per run by switching tanh to native bfloat16 — headroom that matters on a single H100 running 100+ experiments overnight.

googleworkspace/cli — Official Google repo, Rust, 20k ⭐ in 2 weeks

• PR #500 — Eliminated a TOCTOU race condition in atomic writes: OAuth tokens were briefly world-readable between creation and permission enforcement. Enforced 0o600 atomically at creation, closing the leak window for ~21,000 users.
• PR #506 — Google Meet integration for calendar +insert with deterministic requestId hashing — eliminates duplicate Meet links on API retries.
• PR #542 — Fixed silent auth failure: token directory errors were swallowed, credentials silently never persisted while auth appeared to succeed.

NVIDIA/NemoClaw — NVIDIA agent security stack, 15k ⭐

• PR #187 — Enforced 0o600 on openclaw.json during migration — session and routing config was world-readable by default. Propagated into 3 downstream forks within 13 hours of merge.
• PR #186 — chmod 600 on .env at sandbox startup — closed the exposure window before any agent process reads secrets.
• PR #174 — chmod 600 on remote .env post-SCP during deploy() — different attack surface from #186, both were unpatched.

pytorch/pytorch — C++ & Python compiler stack, 63% of global model training

• PR #169128 — Fixed silent data corruption in Inductor C++ kernels: OpenMP + OpenCV together silently produce wrong training outputs. No error thrown. Affects 63% of global model training.
• PR #169786 / #169126 / #169788 — torch.compile crashes on nested autograd, Conv+BatchNorm FX graph failures, silent index_select out-of-bounds corruption — across ~1.57B pip installs.

langchain-ai/langchain & langgraph — LLM frameworks, used by Replit, Uber, LinkedIn, GitLab

• PR #6509 — Fixed validation crash blocking Generic type hint injection in LangGraph — unblocked ToolRuntime[Context] patterns in typed agent pipelines.
• PR #34046 / #34053 / #34114 — Fixed silent tool-calling failures across Mistral, Groq, and Ollama. TypeErrors that caused agent workflows to silently stop on provider switch. ~500k developers monthly.

kubernetes/kubernetes — Go, 5.6M developers, 3M+ production clusters

• PR #135460 — Modernizing the Device Resource Allocation (DRA) API: migrating DeviceTaint and AllocatedDeviceStatus to declarative API markers across ~3M production clusters.

• 🏆 3rd Place — Splunk Global Hackathon 2025 out of 1,200+ entries — OPA security add-on for real-time threat detection and privilege escalation auditing
• ⚡ Celer AI — voice-to-text pipeline for clinicians, medical report generation from 15 minutes to 40 seconds (95% reduction)
• 🛡️ Trustful — hallucination detection layer for insurance data extraction using Gemini + Zod validation. A hallucinated policy number in insurance is a liability, not a UX bug.