Google Gen AI 5-days Intensive Course - Capstone Project - AI Food Agent by Haszeli

🍽️ NakMakanApa – A Generative AI Companion for Personalized Meal Discovery

🧠 Introduction

Every Malaysian has faced the timeless question: “Nak makan apa?” ("What do I want to eat?"). Whether you're a busy parent, a health-conscious professional, or someone simply staring at a fridge of random ingredients, deciding what to eat can be surprisingly stressful.

NakMakanApa is a Generative AI-powered food recommendation system that turns that daily dilemma into an intelligent, personalized experience. Built as part of the GenAI Intensive Course Capstone Project, this solution blends natural language understanding, image recognition, and AI-driven reasoning to guide users toward delicious, healthy, and culturally relevant meals.

🌟 What Makes NakMakanApa Special?

This isn’t just a recipe finder. NakMakanApa is a full-featured AI agent capable of:

• 🗣️ Understanding user prompts like “saya nak makanan pedas dan sihat untuk jantung” (I want something spicy and heart-healthy)

• 🖼️ Interpreting images of fridge contents to identify usable ingredients

• 🧠 Personalizing meal suggestions based on preferences, health goals, and local cuisine

• 📦 Fetching recipes via vector search and fallback to Gemini LLM if needed

• 🧾 Generating structured summaries and advice about the meal’s health benefits

• 📄 Exporting everything as a clean PDF or TXT document

---

🔧 How It Works – The Process

The project unfolds in 8 major steps:

1. Prepare a structured recipe dataset as a DataFrame (df_recipes)

2. Install and configure required libraries (LangChain, FAISS, Gemini SDK, YOLOv8, etc.)

3. Allow image input – users can upload a fridge/ingredient photo

4. Detect ingredients via YOLOv8 and match them with user preferences (multilingual supported!)

5. Search local FAISS vector index for best recipe matches

6. Fallback to Gemini if no good match is found, auto-updating the dataset & vector DB

7. Summarize recipe & highlight health benefits, giving users a clear reason for the recommendation

8. Generate PDF or TXT output, with beautiful formatting, for sharing or saving offline

Example of the screen on kaggle

---

💡 GenAI Capabilities Applied

Capability	Application
📊 Structured Output / JSON Mode	Recipes returned in structured JSON: title, ingredients, steps, tags
🧠 Image Understanding	YOLOv8 used to detect food from photos
📚 Retrieval-Augmented Generation (RAG)	Blend of FAISS vector search with Gemini fallback
🔍 Vector Store	Efficient similarity search on recipes using semantic embeddings
🤖 Agents (Bonus)	The system behaves like an AI agent orchestrating input parsing, generation, and summarization seamlessly

---

🧪 Results & Achievements

✅ Users can receive personalized meal suggestions from both text and image input
✅ Recipes include clear, AI-generated summaries explaining their health value
✅ The system handles English and Malay prompts with ease
✅ Users can export results to PDF, making meal planning effortless
✅ Every process includes robust error handling for reliability

---

🚀 What’s Next?

This project is just the beginning. Future enhancements include:

• 📱 A mobile app version for everyday usage

• 🧮 Nutritional analysis (calories, macros, allergens)

• 🛒 Smart shopping list generation

• 🌏 Expansion to Middle Eastern and global cuisines

• 👩‍🍳 Community recipes and feedback-driven learning

---

👨‍🎓 Final Thoughts

NakMakanApa is more than a technical showcase—it’s a vision for how Generative AI can enrich daily life in culturally meaningful and health-conscious ways. By combining NLP, computer vision, RAG, and AI reasoning into a seamless user flow, we created an experience that feels human, helpful, and very Malaysian.

This project proves that AI can do more than automate tasks—it can guide, support, and inspire better living.

Read More

Food Discovery AI Agent

 # 🍽️ Food Discovery AI Agent (Malaysian/Asian Cuisine)

This project is a **proof-of-concept AI agent** that recommends **what to eat** and **where to go** based on:

- ✅ User preferences and dietary restrictions  

- 🕒 Time of day (e.g., lunch, dinner)  

- 🌦️ Real-time weather at your current location  

- 📍 Your destination or current location  

- 🧠 LLM-powered reasoning (OpenAI GPT-3.5)  

### 💡 How It Works

1. **User Input**: Collects dietary preferences, time, and destination

2. **Weather Fetch**: Pulls real-time weather via OpenWeather API

3. **Place Discovery**: Uses Google Places API to find nearby restaurants or hawkers

4. **LLM Reasoning**: GPT analyzes the context and filters/summarizes results

5. **Visual Map**: Recommended spots are plotted on an interactive map

6. **Export**: CSV file download available

7. **Summary Report**: Optional AI-written recap of the session

### 🔐 API Keys Required

- OpenWeatherMap

- Google Places

- OpenAI (for summary)

Built with ❤️ for Malaysian/Asian food lovers 🍜🇲🇾  

The code is accessible at https://www.kaggle.com/code/nurulhaszeliahmad/agentfoodiet

Read More

Secure By Design: Security in Mind

 

---

Introduction

Imagine this: You’ve just finished building your dream house. It’s beautiful, modern, everything you’ve ever wanted. But then, as you’re about to move in, you realize — oh no, there are no locks on the doors. Now, instead of enjoying your new home, you’re stuck trying to retrofit security into something that wasn’t designed with it in mind.

Sounds crazy, right? Well, guess what — that’s exactly how a lot of software gets built today. We focus so much on making things work and look good that we forget to lock the doors. And when bad guys come knocking (and trust me, they will), we’re left scrambling to fix the mess.

This is something I’ve thought about a lot. With my background in IT and software security — yep, I even have a Master’s degree in it — I’ve spent years studying how vulnerabilities happen and how we can stop them before they cause trouble. What I’ve learned is simple: Security isn’t something you tack on at the end. It’s something you build in from the start.

---

The Evolution of Secure Software Development

Let’s rewind a bit. Back in the early 2000s, Microsoft was getting hammered for all the security flaws in its products. People were frustrated, and Microsoft knew they had to do something. So, Bill Gates sent out a memo to his teams saying, “Hey, from now on, trustworthy computing is our top priority.” That memo led to the creation of the Security Development Lifecycle (SDL) — a process that made security a core part of every step of software development.

And guess what? It worked. Over time, Microsoft not only reduced the number of vulnerabilities in its products but also set a new standard for secure software development. Even Linux, which has always been seen as super secure, struggled to keep up. The lesson here? If you bake security into your process from the beginning, you save yourself a ton of headaches later.

---

Modern Approaches to Security in Development

So, how do we make sure security is part of the process? Let me break it down for you.

1. The Three Pillars of Software Security

There are three main ways we test software for vulnerabilities:

Static Analysis: This is like proofreading your code before it goes live. You check for mistakes while the code is still sitting there, untouched.

Dynamic Analysis: This happens when the code is running. It’s like watching someone use your app in real-time and seeing if anything breaks or looks suspicious.

Hybrid Analysis: This combines the best of both worlds — static and dynamic testing — to give you a complete picture of your software’s security.

But tools alone won’t cut it. What really matters is the mindset. When you’re writing code, you need to think, “How could someone misuse this?” That’s what we call Secure by Design—building security into the DNA of your software.

2. SecDevOps: Making Security Everyone’s Job

Now, let’s talk about DevOps. If you’re not familiar with it, don’t worry — it’s just a fancy way of saying, “We’re going to build, test, and release software faster.” But here’s the problem: In traditional DevOps, security often gets left behind. Developers are racing to push features out the door, and security becomes an afterthought.

That’s why we have DevSecOps — where security is integrated into the DevOps process. Some people even prefer the term SecDevOps, which flips the order to show that security comes first. I like this idea because it reminds us that security isn’t just one team’s job — it’s everyone’s responsibility.

To make this work, we focus on two key practices, on top of CI/CD:

Continuous Testing: Running security checks at every stage of development, not just at the end.

Continuous Security: Keeping an eye on security throughout the entire lifecycle of the software.

By shifting security “left” (earlier in the process), we catch problems before they become big, expensive disasters.

---

Balancing Security and Business Demands

Here’s the tricky part: Developers are under pressure to deliver features fast. Businesses want results yesterday. But if we rush too much, we risk leaving the doors wide open for attackers. So, how do we find the balance?

It comes down to risk management. Instead of trying to fix every single issue, we focus on the biggest risks first. For example, if a vulnerability could expose customer data, that’s a top priority. If it’s something minor, maybe we can address it later.

The goal is to move fast without breaking things. Security shouldn’t slow you down — it should help you go faster by preventing costly mistakes.

---

Conclusion: Secure First, Deploy Smart

Here’s the bottom line: Security isn’t something you can slap on at the end — it has to be built in from the start. Whether your team is using Agile methodologies, adopting SecDevOps, leveraging program analysis tools, or following frameworks like Microsoft’s Security Development Lifecycle (SDL), the key is simple: Ensure it’s secure by design.

Think of it this way — no matter what tools or processes you use, they’re only as effective as the mindset behind them. If security is treated as an afterthought, even the best tools won’t save you. But if you embed security into every step of your process — whether you’re writing code, running tests, or deploying features—you’re setting yourself up for success.

So, here’s my challenge to you: How is your organization ensuring Secure by Design? Are you integrating it into your Agile sprints? Are you shifting security left in your SecDevOps pipeline? Or are you relying on static and dynamic analysis to catch vulnerabilities early? Whatever your approach, the goal is the same: Build software that’s secure from the ground up.

Because when it comes to security, we’re all in this together.

---

#CyberSecurity #SecureByDesign #DevSecOps #SecDevOps #SoftwareDevelopment #RiskManagement

Read More