Mike Biggerstaff
GrowBridge·PRAETOR·A governed AI software factory

Mike Biggerstaff

Self-taught builder of governed agentic AI that ships real software — safely.

The same principle runs through everything I build — from shipping software to what's growing in the tent: powerful AI, always held to a human-approval floor.

Ex-IBM & NSASecure systems and data pipelines at IBM, the NSA, and CenturyLink, before frontier AI.
Hardware-agnostic coreYour AI Grow Partner — autonomous intelligence for any setup.
Open-source, MITMulti-engine static security analysis for code, repos, and AI agent skills.
Built on ClaudeAgentic systems designed, built, and shipped with Claude

About

Self-taught builder of governed agentic AI that ships real software — safely.

For years, I worked in the shadows — technical roles at IBM, the NSA, and CenturyLink, in secure computing environments and data pipelines, on high-stakes problems where getting it wrong wasn't an option. Quiet, serious, behind-the-scenes work.

When frontier AI arrived, I kept building in private, teaching myself to wield it — shipping systems that used to take an entire team. I'm largely self-taught. I'm not a traditional senior software engineer, and I don't pretend to be — I use modern AI (I build on Claude) to design and ship sophisticated systems fast, with the secure-systems judgment to keep them safe.

What I build: agentic AI that's both powerful and trustworthy — systems that plan, build, and act, with a human in control and every change independently reviewed before it can touch production. Powerful AI is easy to demo. Powerful AI you can trust to act on its own is the hard part — and it's the part I build.

IBM, the NSA, and CenturyLink, CompTIA A+/Security+/Network+ certified, an IoT and sensor-fusion specialty — the same capabilities honed on secure, sensor-driven systems, now aimed at building in the open.

Selected work

Shipped systems, not slideware.

GrowBridge

Public

Your AI Grow Partner — autonomous intelligence for any setup.

Private beta, pre-revenue — advanced and largely built, with headline milestones landing now.

Problem

Growers juggle a separate app per hardware brand — sensors and controllers that were never built to talk to each other.

Approach

A hardware-agnostic AI command center: connect whatever sensors and controllers you already own, any brand, any mix, and GrowBridge reads the whole grow and drives it toward better yield, less waste, and more consistency — with the grower in control of every action.

Capabilities

  • One dashboard across the brands you already own — consumer smart-home and professional grow gear alike — built for home and small-facility growers, not just large commercial operations. Live integrations: PulseGrow, Bluelab Guardian, OpenSprinkler (AC Infinity in development); planned: Tuya, Home Assistant, Shelly, Aranet, SensorPush, AROYA, AutoGrow.
  • The AI proposes; you approve before anything touches your equipment — mandatory, by default. Most well-funded competitors in this category sell removing that approval step; GrowBridge deliberately keeps it.
  • A real multi-agent system, not a chatbot wrapper — specialist agents with their own knowledge bases, built and retrieval-gate-passed. The first live agent runtime and full multi-agent orchestration are landing now.
  • A self-healing hardware-integration layer — the foundation is shipped; full self-healing behavior is landing next. Not something cultivation competitors market at all today.
  • "Ask Rance," a voice assistant for grow status, plus a Grow Journal with automatic daily rollups, plant tracking, and breeding tools.

PRAETOR

Public

Multi-engine static security analysis for code, repos, and AI agent skills.

Public, MIT-licensed. First public release.

Problem

Most scanners do one thing, and almost none of them cover the AI-security / agent-supply-chain attack surface a self-improving agent or an LLM-in-the-loop pipeline actually faces.

Approach

Fuses four engines — SAST, hardcoded-secrets detection, dependency/SCA, and an AI-security engine for prompt injection, invisible-Unicode smuggling, data exfiltration, and dangerous auto-run hooks — into one prioritized, deduplicated, false-positive-filtered report.

Capabilities

  • Static only — reads files, never executes, imports, installs, or evaluates the code it scans.
  • The `secrets` and `aisec` engines are pure standard-library Python: zero third-party dependencies, fully auditable, run anywhere.
  • Detects OWASP Top 10 for LLM Applications patterns most classic scanners don't model: prompt injection, Unicode Tag / Trojan Source smuggling, exfiltration pipes, dangerous Claude Code / git / npm lifecycle hooks.
  • Ships with an honest-limits doctrine: every clean result means nothing matched these rules, not that the code is safe.

A governed AI software factory

Guarded

A self-improving, multi-agent AI system that builds and safely ships software behind a permanent human safety floor.

Best-designed, in active private use. Further autonomy earned deliberately as reliability is proven — not switched on.

Capabilities & outcome

  • Graduated autonomy — starts fully supervised, earns independence only for specific kinds of work, only after a clean, verified track record.
  • A permanent human floor — anything irreversible or high-stakes always requires a human decision, at every level of autonomy, by design.
  • Injection-resistant memory — its model of operator intent updates only through trusted channels, never from instructions smuggled in through the content it processes.
  • Honest by construction — when it can't act safely, it stops and reports the truth instead of forcing or faking a result. The clearest proof: running fully autonomously with no human in the loop, it hit protective barriers it would have had to bypass to finish the task — and refused, changed nothing, faked nothing, and returned an honest "blocked" report.
  • Also designing an adversarial red-team system for agentic AI, at the capability level — not yet built.

Architecture and implementation are proprietary — not described here.

Demos

Try it — don't take a screenshot's word for it.

01PRAETOR
PRAETOR live demo -- secrets + aisec engines
Paste code below and scan it entirely in your browser, in a Web Worker, with no network round-trip. This demo runs a TypeScript port of two of PRAETOR's four engines -- secrets and aisec. It does not run sast (Semgrep) or sca (dependency advisories), which need a real filesystem and network access. The full multi-engine CLI is at github.com/GrowDev1/praetor-security.

PRAETOR is a high-signal aid, not a guarantee -- a clean result means nothing matched these rules, not that the code is safe. This demo covers only the secrets and aisec engines (no Semgrep/SCA). Full CLI: github.com/GrowDev1/praetor-security.

02Agent Action Firewall

Agent Action Firewall

A simplified, illustrative version of the pattern real agent governance uses — not the production system. Pure pattern matching, in your browser, no model call.

Safe

No instruction entered yet.

Services

What I Can Do For You

Open to conversations about building or advising on any of the above — for teams of any size.

Agentic AI & multi-agent systems

Designing and shipping AI systems that plan, build, and act — not just answer questions.

AI safety & governance

Capability under control: graduated autonomy, human floors on anything irreversible, adversarial review before trust.

AI red-teaming

Adversarial testing for agentic systems — prompt injection, supply-chain risk in agent skills/plugins, safety-bypass patterns.

AI-driven IoT & sensor systems

Sensor fusion, time-series forecasting, and adaptive control — turning raw multi-sensor data into predictive, trustworthy guidance.

Contact

Get in touch

No form to fill out — copy the email or connect on LinkedIn, whichever's easier.