The inverse of securing agents: building an agentic system that runs a traditional red-team engagement. Recon, enumeration, exploitation, and reporting as an agent loop, with scope enforcement and human gates as the core architecture.
An agent whose only memory is the context window restarts from near-zero every time it compacts. Here is how to give agents memory that lasts: working, episodic, and semantic memory, write-time fact extraction, and hybrid retrieval, plus the failure modes that break naive RAG-as-memory.
Anthropic's 'Building Effective Agents' draws a hard line between workflows and agents. Here is what each pattern - prompt chaining, routing, parallelization, orchestrator-workers, evaluator-optimizer - looks like in practice, and how to choose the simplest one that works.
Pattern matching catches the lazy injections and misses the rest. A layered approach to detecting prompt injection: regex baselines, semantic scoring in embedding space, LLM-judge classifiers, and provenance, plus why detection is a filter and never a fix.
You cannot improve an agent you cannot measure, and agents resist measurement: non-deterministic, multi-step, open-ended. Here is how to build evaluation harnesses that test outcomes and behavior, not just single outputs, and the traps that make eval numbers lie.
The moment more than one application calls an LLM, you need a gateway: one endpoint, many providers, with routing, fallbacks, guardrails, quotas, and observability. Here is the architecture of an LLM gateway and why it becomes load-bearing infrastructure.
The tool that makes an agent useful, shell execution, is also the one that can wreck your host. Here is how to isolate agent tool calls: containers, syscall filtering, resource limits, egress control, and the threat model behind each layer.
A technical deep dive into TinyClaw - a full-featured AI agent platform in ~11K lines of TypeScript. From message pipeline to multi-channel delivery, here's how every layer of an AI assistant system works.
What makes an AI agent different from a chatbot is one while loop. Here's how to build one from scratch in Python - tools, state, error recovery, and the core loop that powers every AI coding agent.
MCP is the standard that lets AI agents use external tools. Here's how the protocol works, what the message flow looks like, and how to build a web search MCP server from scratch.
Prompt injection is the most critical vulnerability in LLM-powered applications. Here's how direct and indirect injection work, why they're hard to defend against, and what you can do about it.
A deep dive into building a complete LLM inference engine - from transformer math to OpenAI-compatible API - using nanollama, an educational implementation in ~1400 lines of Python.
A technical walkthrough of building a foundation model - from architecture decisions and dataset curation to pretraining, supervised fine-tuning, and RLHF. With concrete examples at every stage.
Follow a single prompt through every layer of a decoder-only transformer - from raw text to tokenization to embedding, through 22 transformer blocks, to autoregressive next-token prediction and EOS.
How attention, normalization, and residual connections combine into the architecture powering every modern LLM, from the original encoder-decoder to decoder-only GPT.
Why sequential models hit a wall with long sequences, and how the attention mechanism - queries, keys, and values - solved the problem and unlocked modern AI.
How stacking neurons creates universal function approximators, and the mathematical machinery that finally solved the credit assignment problem that froze AI for fifteen years.
From dendrites to equations. How researchers looked at a real brain cell and distilled it into the mathematical model that launched artificial intelligence.