Posts

All the articles I've posted.

• The defenses you haven't built yet — async, a path traversal, and the bug erasing the evidence

  15 Jun, 2026

  A Monday that converted the whole RAG pipeline from sync to async (fast search 9 seconds to under 150 milliseconds), then watched the platform's own automation find a path traversal in its own code — bracketed by the discovery that an upstream auto-update bug had quietly deleted two months of the evidence this series is written from.

• Co-authored-by is a Lie: Cryptographic Provenance for AI Coding Agents

  6 Jun, 2026

  Every AI coding agent signs its commits with a forgeable plain-text line. I gave each of mine a non-exportable key in the Mac's Secure Enclave, hook-enforced, with a verifier that flags forgery — here's the build.

• Ten bugs, two-tenths of a point — the weekend search got measurably better

  1 Jun, 2026

  A weekend search-quality sprint that took benchmark scores from 0.67 to 0.74, an MCP transport migration that cut cold starts by 96%, ten bugs found along the way, and a CVSS 9.4 Harbor CVE caught by an automation pipeline deployed the same day — with the benchmark research that made it all measurable.

• Twenty-six hours, twelve tickets — and the audit that started everything else

  24 May, 2026

  A false-alarm audit on Wednesday patched 37 CVEs, reverted a cluster upgrade in fourteen minutes, then cascaded into ten more tickets on Thursday. Twelve tickets, twenty-six hours, one lesson.

• The Second Graph Comes Online: Activation, Communities, and an AI Reversal

  14 May, 2026

  How the second knowledge graph went from intermittent to dependable — Python AST plus FalkorDB plus Leiden community detection — and the moment the Kafka consumer pattern from the journal pipeline generalised into a fleet of code-intelligence workers. With one deliberate reversal from LLM-based to deterministic NLP that cut hallucinated tags from 75% to 0.3%.

• The Refusal Gate: Teaching a Bot to Say I Don't Know

  10 May, 2026

  How a single score threshold became the difference between a bot that hallucinates and a bot you can trust — and why the architectural decision to refuse synthesis is the same shape as a circuit breaker, a feature flag, and a dead-letter queue.

• The Day Everything Got Sealed

  11 Feb, 2026

  I exposed my MCP bridge to the internet so Claude.ai could search my vault remotely. Within 26 hours, Cloudflare logs showed 39 searches from 15+ Anthropic IPs — and I had no way to tell what they'd asked for. Here's the incident response that sealed every secret, obfuscated every endpoint, and bootstrapped a proper engineering workflow in the process.

• Streaming Journals: Kafka Meets LLMs

  11 Feb, 2026

  The automated journal entries were fiction. Every single one. Here's how a broken pipeline got replaced in 10 days — Kafka, vLLM workers, nine code iterations, a context preservation fix, and an LLM-as-Judge quality gate — all tracked through git commits and vault evidence.