AI Articles Archive
Full archive of technical articles on AI agent security, LLM evaluation, agent architecture, prompt engineering, and evidence-based AI workflows.
Grouped by topic; within each topic sorted by published date (newest first).
AI agent security (12) AI agent security (12)
-
An architecture-level mapping of prompt-injection-related LLM application failure modes to OWASP LLM Top 10 and NIST AI risk-management categories.
-
A practical checklist for auditing eight trust-boundary checkpoints where untrusted artifacts can steer routing, tool use, and write-path actions in chained LLM systems.
-
A technical analysis of the security risks created when AI agents can read, interpret, route, or act on Gmail, WhatsApp, private message threads, attachments, links, and communication workflows.
-
Security analysis of connected apps, external tools, and remote MCP servers as capability, scope, approval, disclosure, and side-effect control surfaces.
-
A threat model for browsing-enabled and tool-using LLM systems where retrieved web content can steer routing, tool arguments, follow-up calls, or side effects.
-
Client-observed security report on text-only confirmations of privileged state or actions where the public article does not include signed backend audit artifacts. Backend state changes are not independently verified in this public report.
-
How multi-step orchestration (controller) loops change the threat model in tool-using systems, and where to enforce separation, authorization, validation, and budgets to reduce prompt injection, tool misuse, unsafe writes, and unbounded consumption.
-
An engineering guide to preventing authority confusion in prompt assembly by separating authoritative policy from untrusted content with typed provenance.
-
Threat model of social engineering against AI decision pipelines; maps prompt injection to enforcement controls outside the model (PDP/PEP, validation, budgets).
-
Why agent-layer threat modeling is incomplete: the first high-leverage control point is the LLM integration trust boundary (before agent frameworks exist).
-
A reviewer-oriented threat model for request assembly in AI assistants: what enters context, what gets prioritized or dropped, and where policy, tool, memory, retrieval, and audit checkpoints should be reviewed.
-
Two vendor-agnostic control-plane failure patterns—privilege persistence across interaction boundaries and non-enforcing integrity signals—that allow untrusted state to steer tool execution across steps.
AI agent architecture (4) AI agent architecture (4)
-
Why multi-path reasoning in LLM systems usually comes from inference-time orchestration rather than ordinary single-pass autoregressive decoding.
-
A control-plane placement comparison for tool-using LLM systems, covering reliability, observability, latency, cost governance, and security.
-
A vendor-agnostic model of context construction—what can enter context, what gets used per response, what is retained for later, and which security controls must live outside the prompt.
-
A practical mapping of human cognitive capabilities to GenAI limitations, engineering substitutes, and residual gaps.
LLM evaluation (7) LLM evaluation (7)
-
A mechanism-first explanation of textual emotional signals in AI chat and agentic systems: signal interpretation, response adaptation, failure modes, and the authority boundary.
-
Why clowns and some AI-generated outputs can feel unsettling: not because they are simply strange, but because they imitate human cues while disrupting the signals people rely on to read emotion, intent, realism, and coherence.
-
A client-side black-box analysis of observed ChatGPT classification artifacts, separating user access, prompt demand, and capability allocation.
-
Evidence-anchored overview of how ToM is defined in psychology, how it is operationalized for LLM evaluation, and what current results do and do not justify.
-
A technically grounded explanation of sycophancy: what it is, what evidence supports, how preference optimization can produce it, and how release practice can reduce it.
-
A precise reference for nested mental-state attribution (“orders of intentionality” / “recursive mindreading”) and how these constructs are operationalized in evaluations of humans and LLMs—without implying mechanism-level Theory of Mind.
-
Why fluent LLM outputs can still be wrong, and how to enforce evidence-locked answers (retrieval + provenance + fail-closed gates).
Prompt engineering (4) Prompt engineering (4)
-
Why AI summaries, edits, extractions, and content drafts can fail before generation begins: file upload, source retrieval, active context, and full-file review are different things.
-
Vibe coding is not risky because AI can generate code. The risk starts when AI-generated code is approved without sufficient comprehension, review, security validation, and long-term ownership.
-
A practical guide to choosing the right ChatGPT layer for work: modes, search, deep research, agent mode, personalization, memory, and projects.
-
A deep dive into why prompts fail in daily work, how to design evidence-bounded prompt specifications (grounded outputs), and how to evaluate them.