Hi, I'm

Bertha Cornish.

I build things for the backend.

I'm a TypeScript developer who mostly works on APIs, CLI tools, and security tooling for AI integrations. Right now I'm focused on MCP server security and building developer tools that are actually pleasant to use.

GitHub Get in touch

About

I got into programming through tinkering with Node.js scripts that automated stuff I didn't want to do manually. That turned into building APIs, then CLI tools, and eventually I ended up doing a lot of work around AI integration security — specifically the Model Context Protocol (MCP) ecosystem.

Most of my work is in TypeScript and Node.js. I've built REST and GraphQL APIs with Express, Hono, and NestJS, deployed things on Cloudflare Workers and Vercel, and spent more time than I'd like to admit debugging production database migrations. I also write Python when the project calls for it.

When I'm not coding, I'm probably reading about distributed systems or arguing about whether ORMs are worth the abstraction.

Languages TypeScript, JavaScript, Python
Backend Node.js, Express, Hono, NestJS, FastAPI
Databases PostgreSQL, SQLite, MongoDB, Supabase
Infra Docker, GitHub Actions, Cloudflare Workers, Vercel
AI/MCP Claude API, OpenAI, MCP Servers, agentgateway

Some things I've built

Total Recall

github

Zero-config persistent memory system for Claude Code. Hooks into session lifecycle to automatically capture decisions, constraints, and context into a LanceDB vector store — so nothing gets lost between conversations. Includes semantic search, conflict detection, tiered protection (pinned memories can't be auto-modified), and multiple view generators. 261+ memories indexed across real production use.

JavaScript/ LanceDB/ Vector Search/ Claude Code

cal.com — guest availability for reschedules

PR #28636

When a host reschedules a group booking on Cal.com, guests' busy times weren't considered — so you could accidentally double-book them. I added guest availability checking to the slots API, with proper gating so it only applies to host-initiated reschedules. Includes full tRPC schema changes, frontend hook plumbing, and 30+ tests covering edge cases.

TypeScript/ Next.js/ tRPC/ Prisma

mcp-shield

github

Security scanner and hardening tool for MCP server deployments. Reads your Claude Desktop and Cursor configs, runs a 9-dimension security assessment (auth, rate limiting, TLS, CORS, etc.), gives you a letter grade, and generates production-ready agentgateway configs. Went from "I wonder if my MCP setup is safe" to a working CLI in a weekend.

TypeScript/ MCP/ agentgateway/ Security

starbasedb — async export system

PR #101

Contributed an R2-backed streaming export pipeline to starbasedb (Outerbase's edge database). The problem: large CSV/JSON exports were blowing up Worker memory limits. My solution streams results through R2 in chunks, so you can export datasets way larger than what fits in memory. Written for Cloudflare Workers with Hono.

TypeScript/ Cloudflare Workers/ R2/ Hono

invoice-gen

private

REST API for generating and managing invoices. Built for a client who needed automated billing with PDF export, Stripe integration, and email delivery. NestJS backend with PostgreSQL, deployed on Railway. Handles around 2k invoices/month in production.

TypeScript/ NestJS/ PostgreSQL/ Stripe

pricetag

private

Price monitoring service that tracks competitor pricing for an e-commerce client. Playwright-based scraper that runs on a cron, diffs prices against the previous snapshot, and sends Slack alerts when something changes. Simple but it's been running without issues for 8 months.

TypeScript/ Playwright/ SQLite/ Slack API

deploy-notify

github

GitHub Action that posts deployment notifications to Slack/Discord with commit diffs, author info, and environment details. Nothing groundbreaking, but it scratched my own itch and a few teams adopted it.

TypeScript/ GitHub Actions/ Webhooks

Where I've worked

2025 — present

Freelance Developer

Working with clients on API development, MCP security tooling, and automation projects. Built mcp-shield, contributed to open-source projects including starbasedb. Focused on TypeScript/Node.js backend work and AI integration.

2023 — 2025

Backend Developer — Contract

Built and maintained REST APIs for a SaaS platform handling invoice generation and payment processing. Migrated legacy Express codebase to NestJS, set up CI/CD with GitHub Actions, and reduced API response times by ~40% through query optimization and caching.

2021 — 2023

Junior Developer — Agency

Shipped client projects across e-commerce, dashboards, and internal tools. Mostly React frontends with Node.js backends. Learned a lot about working with real production systems and clients who change requirements mid-sprint.

Writing

How I Built a Security Scanner for MCP Servers

The weekend project that turned into a real tool. Covers the scoring system, agentgateway config generation, and what I learned about how most people deploy MCP servers (spoiler: no auth).

Get in touch

I'm open to freelance work — especially API development, MCP/AI integration, and CLI tools. If you've got something interesting, I'd like to hear about it.

Email me GitHub Upwork

Support my work

If you find my open-source projects useful, consider sending a tip. Every bit helps keep the lights on.

ETH wallet QR code

ETH / ERC-20 (also works on BSC, Polygon, Arbitrum)

0x373e7DeCEdFAAb97Bf3571081Fef0645df09fC18