Vin Patel is an AI technologist and published author with 25+ years of experience. He is the creator of Manuscript (open-source AI content detection), AEORank (AI Engine Optimization), and the Bhagavad Gita App. His work has been archived by the British Library and cited by UKCERT.

AEORank is an open-source AI visibility platform that scans any website across 36 criteria, scores it from 0-100, and generates 9 deployment-ready files that improve discoverability by AI engines like ChatGPT, Perplexity, Claude, and Gemini. Includes a free CLI, dashboard at app.aeorank.dev, GitHub App, and 13 framework plugins. Visit aeorank.dev.

What is the Bhagavad Gita App?

A verse-by-verse platform at bhagavad.net presenting all 700 Gita verses through 8 philosophical traditions with multi-tradition synthesis, life applications across 4 pillars, and 5,600+ searchable life questions. Open source and MIT licensed.

Manuscript is the only open-source AI content detector that runs 100% on your infrastructure. It detects AI-generated text, images, audio, and video with zero external API calls. Built in Go, self-hosted via Docker. Visit manuscript.dev.

How can I work with Vin Patel?

Vin is available for speaking engagements, podcast interviews, and consulting on AI strategy. He also runs the IdeaForge Workshop, a 4-day intensive for building AI products. Contact vinpatel.pro@gmail.com or visit vinpatel.com/speaking.

TanStack NPM Compromise: Supply-Chain Trust Is Broken

The signal: TanStack, one of the most trusted headless UI/data libraries in the JS ecosystem, published a postmortem on an NPM supply-chain compromise that snuck malicious code through its package distribution.

Why it matters: If a widely-used, well-maintained library like TanStack can get hit, your dependency tree is not safe by default — full stop. Every package you pull in without pinning, auditing, or verifying is a potential backdoor into your production environment.

The pattern I’m watching: Supply-chain attacks are becoming the preferred vector precisely because developers have gotten good at defending their own code — so attackers moved upstream. AI-assisted coding is making this worse: AI tools confidently suggest npm install without any security context, and developers ship faster than they audit.

What I’d do with this: Lock your dependency versions today — no more ^ or ~ in package.json for critical libraries — and add npm audit as a hard-fail step in your CI pipeline. If you’re building anything with user data, treat every third-party package as hostile until proven otherwise.