Software engineer and researcher building developer tools, SRE benchmarks, AI-agent infrastructure, and reliable open-source systems.
Portfolio | Projects | Open Source PRs | Google Scholar | LinkedIn
I use GitHub as a working portfolio: upstream fixes, benchmark harnesses, agent tooling, and small products that ship.
June 2026 snapshot: 69 public authored PRs, including 58 PRs outside my own repositories and 44 merged PRs. Full index: author:thromel public PRs.
Current contribution lanes:
- .NET and data systems: EF Core correctness fixes, runtime migration work, relational behavior, and developer-facing diagnostics.
- Developer tooling: RefactoringMiner MCP/WebDiff work, AST-diff correctness, compiler/toolchain fixes, and AI-assisted review workflows.
- Local infrastructure: Apple
containernetworking, hostname/DNS behavior, and Compose compatibility. - SREGym and agent evaluation: Kubernetes/SRE benchmark scenarios, context-compilation tooling, and evidence-focused patch validation.
| Project | Contribution lane | PRs |
|---|---|---|
| dotnet/efcore | EF Core correctness, migrations, and relational behavior | #38493 complex collection original values, #37560 nullable complex reload, #37415 runtime migration creation/application, #37380 ON DELETE SET DEFAULT |
| SREGym/SREGym | Kubernetes/SRE benchmark problems and failure-mode modeling | #828 Calico route-reflector label drift, #821 priority preemption cascade |
| tsantalis/RefactoringMiner | MCP server support, WebDiff workflows, AST-diff robustness, performance fixes | 15 authored PRs, including #1063, #1064, #1085, #1087, #1101 |
| apple/container and Container-Compose | Apple container networking, hostname/DNS behavior, and Compose compatibility | apple/container#1810, #1811, #1813, #1815, Container-Compose#119 |
| microsoft/TypeScript, microsoft/typescript-go | Compiler behavior, declaration emit, and type-system edge cases | TypeScript#62836, #62899, #62904, #62931, typescript-go#3314 |
| langchain-ai and openai/openai-python | Agent/tool schema handling, model API behavior, and CLI reliability | langchain#34248, #34201, #34376, deepagents#2396, openai-python#2765 |
| Kaliumhexacyanoferrat/GenHTTP, gudarzi/SaveHere, ohmyzsh/ohmyzsh | Web framework behavior, downloader reliability, and developer tooling quality-of-life fixes | GenHTTP #770, #771, #772, #773; SaveHere #69, #71, #72, #73; ohmyzsh#13472 |
| Project | What it is | Why it is here |
|---|---|---|
| ChannelDeck | Native macOS IPTV player for Xtream-style accounts | Public Swift app with releases; latest release adds multiview playback, local recording, saved layouts, and M3U export |
| ctxhelm and HelmBench | Local-first context compiler, MCP context broker, and benchmark work for AI coding agents | Systems/tooling research around context quality, navigation, and agent workflows |
| PatchSmith | Coding agent for software-maintenance tasks with sandboxed patch validation and evidence reports | Agentic repair workflow that keeps patches tied to validation evidence |
| 1brc-csharp | .NET 10 solution for the One Billion Row Challenge | Performance-oriented C#/.NET systems work |
| Yet-Another-C-Compiler | C/C++ compiler project | Older systems project showing compiler pipeline work and low-level implementation experience |
| CSE306 Computer Architecture Sessional | ALU, floating-point adder, and pipelined 8-bit MIPS processor work | Older computer-architecture project with simulator-facing hardware design artifacts |
| CSE-314 Operating System Sessional | Operating-systems coursework and systems programming | Older low-level C++/systems project that rounds out the portfolio beyond web/profile work |
I work at the intersection of software engineering, security, and AI-assisted development.
- AI for Software Engineering
- Software Security
- LLM Agent Security
- Empirical Software Engineering
Selected work:
-
An Empirical Study on Remote Code Execution in ML Model Hosting Ecosystems Large-scale study of roughly 45,000 repositories across five ML model hosting ecosystems. Submitted to TOSEM 2026.
-
The Choice Can Be the Attack: Auditing Aligned Backdoors in LLM Agents Endpoint-black-box audit design for detecting hidden triggers that covertly change which valid option an LLM agent chooses.
Software Engineer at IQVIA building healthcare systems at scale. Incoming M.Sc. in Computing Science student at the University of Alberta starting in September 2026, joining U-A-Goose.
I am most interested in systems where engineering quality is measurable: reproducible benchmarks, reviewable patches, runtime evidence, and security boundaries that hold up under real workflows.
- Portfolio: tanzimhromel.com
- Email: tanzimho@ualberta.ca
- Email: romel.rcs@gmail.com