Writing
AI controls, agent systems, banking governance, production practice. 408 essays, newest first.
- AI Controls Architecture
Risk teams know risk. The open problem is designing controls for systems that are non-deterministic, probabilistic, and attackable in natural language.
- Governing Agents the Way Cells Govern Themselves
Six cell biology mechanisms that reveal what the networking 'control plane' metaphor misses about governing AI agents.
- The Risk Without an Engineering Solution
Every other agentic AI risk has an engineering answer. Prompt injection doesn't. That changes everything about how you design controls.
- Lint as Cartography
The first time you run a quality gate against real data, the output is less about the gate and more about the data.
- Detect-and-Degrade
When your tool depends on the host, declare the dependency at the gate. Don't wrap it. Don't patch around it.
- The missing layer between model risk and application security
Model risk reviews the model. Application security reviews the application. Neither sits behind the agent at execution time, watching the verbs as they go out.
- Multi-persona AI review models the receiver, not the commission
Persona-based AI reviews predict how stakeholders will react to a paper. They cannot tell you whether to act on those predictions, because the commissioning history is invisible to the lens.
- Legibility Precedes AI
AI cannot help an enterprise that cannot describe itself, and governance failure surfaces faster than optimisation failure.
- Format is thinking discipline
Compression did not simply shorten the notes. It sharpened them. Headers and bullets had been doing the thinking the prose was supposed to do.
- A framework rejection is not the end of the evaluation
Forty thousand stars are voting on something. The framework verdict was correct. Closing the file was premature — the value still lives in the dependency tree.
- The engine is the policy
A clever optimisation that was a silent regression. The override flags survived out of habit. None of the reasons survived contact with the actual numbers.
- Operating papers and board papers can't be the same document
One paper for two audiences reads like leverage. It is actually a trap. The director commissions; the board governs a portfolio. They cannot read the same document.
- The Lens Trick: Why One AI Review Isn't Enough
Five rounds of the same question produced diminishing returns by round three. Then I changed the question — same document, different reviewer.
- The OAuth Token You Forgot About
Vercel was breached through a third-party AI tool's OAuth token. The lesson is not about Vercel's security — it is about how every AI tool you onboard extends your attack surface in ways your governance framework does not track.
- The Search-and-Replace Test for AI Governance
If you can replace 'agent' with 'application' and the principle still reads fine, it was never about agents.
- What Hermes Agent got right
Nous Research shipped an open-source personal agent that does most of what my bespoke system does. Here is what they got right, what they traded away, and what I stole.
- The learning loop plateau
Self-improving AI agents sound like the dream. But auto-generated knowledge is cheap, and cheap knowledge plateaus. The agents that compound are the ones someone tends.
- Observability Is Not Assurance
Most agentic AI governance frameworks treat logging and assurance as the same thing. They're not. One records what happened. The other judges whether it was correct.
- The Framework That Writes Itself
What Browser Harness gets right isn't the absence of structure — it's structure that emerges from use.
- Your LLM Review Missed a Verb/Noun Mismatch
LLMs check whether each item in a list sounds right individually. They don't check whether all items are the same kind of thing.
- How I Used 6 LLMs to Write One Word Doc Comment
The value of running six frontier models isn't six perspectives — it's six chances to be wrong, which means you can set a much higher bar for what counts as right.
- What 60K Stars Actually Validates
Garry Tan's gstack arrived at the same architectural decisions I did, independently. The convergence matters more than either implementation.
- The Anti-Slop Pattern
Most AI skill prompts say 'make it good.' The ones that actually work say 'here are the 22 things you'll reach for first — reject all of them.'
- AI Controls Architecture
Risk teams know risk. The open problem is designing controls for systems that are non-deterministic, probabilistic, and attackable in natural language.
- Governing Agents the Way Cells Govern Themselves
Six cell biology mechanisms that reveal what the networking 'control plane' metaphor misses about governing AI agents.
- The Risk Without an Engineering Solution
Every other agentic AI risk has an engineering answer. Prompt injection doesn't. That changes everything about how you design controls.
- Why Agents Break Governance
Four interactions between agentic properties create risks that manual governance cannot address. The category boundary is not AI versus traditional — it is systems that act versus systems that advise.
- The experiment loop isn't about code
Shopify's pi-autoresearch got 300x test speedups. But the real insight isn't performance — it's that the pattern works on anything with a number.
- I Built 200 CLIs for My AI. Here's What Actually Matters.
A Chinese article argues CLI is becoming the AI plugin format. I've been living this for months with 442 tools. The article is right about CLI. It's wrong about what makes CLI work.
- The Template Is the Schema
Seven PyPI releases of a CV generation tool in one afternoon taught me that template-guided synthesis lives and dies by what the template already contains.
- Assume the LLM never ran
A 208 MB log, 59,356 retries, and zero LLM calls. A debugging story about what happens when the symptom lies about the cause.
- Same Trigger, One Skill
A simple rule for keeping AI agent skill systems coherent: if two skills fire on the same trigger, merge them. Different trigger, different skill. No exceptions.
- Overnight Autonomous AI Coding: What Actually Works
I left an AI coding pipeline running overnight with 21 monitoring cycles. 5 features merged, 10 specs dispatched, 3 root causes found. Here's what worked, what broke, and the quality of the output.