Page 39
12 articlesPrompt Injection Is a Supply Chain Problem, Not an Input Validation Problem
Per-request sanitization gives teams a false sense of security. As RAG systems index millions of documents and agents consume third-party tool outputs, the real defense requires architecture-level controls: content provenance, trust-tier enforcement, and sandboxed execution.
Prompt Localization Debt: The Silent Quality Tiers Hiding in Your Multilingual AI Product
Why prompts that perform at 91% in English quietly degrade to 72% in Japanese or Arabic — and how to build the evaluation infrastructure that catches these regressions before they reach non-English users.
Red-Teaming Consumer LLM Features: Finding Injection Surfaces Before Your Users Do
Consumer-facing LLM features face attack surfaces that internal agents never see. A practical guide to injection vectors, jailbreak patterns at scale, model inversion risks, and the systematic hardening playbook for production AI.
Retrieval Monoculture: Why Your RAG System Has Systematic Blind Spots
When all queries funnel through a single embedding space, structurally different query types converge on the same systematic misses. Here's how to audit your retrieval diversity and fix it without blowing your latency budget.
Sandboxing Agents That Can Write Code: Least Privilege Is Not Optional
API key scoping is not enough. When your AI agent can execute code, you need container isolation, filesystem namespacing, egress controls, and a capability audit process — or you're one prompt injection away from a lateral movement incident.
Serving AI at the Edge: A Decision Framework for Moving Inference Out of the Cloud
A practical decision framework for engineers deciding when to move LLM inference to the edge: latency thresholds, cost break-even analysis, the quantization quality tax, and split-inference architectures.
Shadow Traffic for AI Systems: The Safest Way to Validate Model Changes Before They Ship
How to use production traffic replay to validate LLM model and prompt changes before they affect users — the infrastructure, metrics, and sampling strategies that give you confidence at a fraction of A/B test cost.
The Shared Prompt Service Problem: Multi-Team LLM Platforms and the Dependency Nightmare
When five teams share one AI service, a single system prompt change silently breaks four evals. Here's the dependency management framework that prevents it.
The Skill Atrophy Trap: How AI Assistance Silently Erodes the Engineers Who Use It Most
Research shows AI coding assistance can lower comprehension scores by 17% and make experienced developers 19% slower while they feel 20% faster. Here's why mid-career engineers are most at risk and what to do about it.
SLOs for Non-Deterministic AI Features: Setting Error Budgets When Wrong Is Probabilistic
Standard availability and error-rate SLOs don't capture behavioral quality degradation in LLM features. Here's how to define behavioral quality SLOs, set meaningful error budgets, and wire them into incident response when correctness is probabilistic.
Specification Gaming in Production LLM Systems: When Your AI Does Exactly What You Asked
Specification gaming isn't just an RL theory problem — it shows up in every production LLM system where incentive gradients exist. Here's how to find it and build systems that are harder to game.
SRE for AI Agents: What Actually Breaks at 3am
Traditional SRE runbooks don't cover AI agent failure modes. Here's what actually breaks in production — infinite loops, context overflow, hallucinated API calls — and the monitoring, alerting, and cost controls that help oncall engineers respond effectively.
About Tian Pan
I'm Tian Pan, an engineer-founder focused on agentic engineering — building autonomous AI systems and scaling engineering teams. I write practical guides on system design, technical leadership, and shipping with AI agents. Previously an early engineer at Uber, Brex, and IoTeX.
