Page 41
12 articlesHuman Override as a First-Class Feature: Designing AI Systems That Fail Gracefully to Human Control
Most AI systems treat human takeover as an error state rather than a designed mode. Here's how to build override protocols that are first-class operational paths, not afterthoughts.
The Invisible Author Problem: Git Blame When AI Writes Most of Your Code
When 46% of code is AI-generated and carries no provenance metadata, git blame terminates at a developer who accepted a suggestion they may not have understood. Here's what breaks and what teams are doing about it.
LLM-as-Judge Adversarial Failures: When Your Eval Harness Gets Gamed
A null model with constant outputs topped AlpacaEval at 86.5% win rate. Here's how LLM judges get gamed, the structural biases they carry, and the audit protocol that keeps your eval pipeline honest.
Your Load Tests Are Lying: LLM Provider Capacity Contention in Production
LLM APIs are multi-tenant shared infrastructure — your load tests pass at 2 AM but production latency spikes at 9 AM Tuesday. Learn the mechanics of shared peak demand and the architectural patterns (multi-provider hedging, circuit breakers, reserved capacity) that protect your SLOs.
LLM Self-Debugging: When the Explanation Is the Signal vs. When It's the Lie
LLMs answer fluently when asked why they failed — but the explanation and the actual failure mechanism are often two different things. A practical guide to telling them apart before you act.
LLM Tail Latency: Why Your P99 Is a Disaster When P50 Looks Fine
LLM response time distributions are fundamentally heavy-tailed in ways that conventional API monitoring misses entirely. Here's how to diagnose the P99 gap and fix it.
MCP Ambient Authority: The Tool-Chaining Attack Surface That Session-Scoped Permissions Create
MCP's session-scoped permission model grants agents access to entire tool surfaces at authorization time. Here's how that creates tool-chaining attack paths, and what least-privilege patterns actually look like in practice.
The Organizational Immune System: Why Companies Kill AI Features That Actually Work
Technically successful AI features get killed by organizational antibodies every day. Here's the pattern, why it happens, and the stakeholder playbook that gives working AI a path through.
PII in the Prompt: The Data Minimization Patterns Your AI Pipeline Is Missing
Customer personal data flows invisibly into context windows, vector stores, and fine-tuning datasets. Here are the classification, scrubbing, and architecture patterns that keep AI pipelines GDPR/CCPA-compliant without wrecking model quality.
The Ghost in the Weights: How Pretraining Residue Breaks Your Fine-Tuned Model in Production
Fine-tuning adjusts weights, it doesn't reset them. Pretraining priors bleed through on out-of-distribution inputs, producing confidently wrong answers your eval suite never catches. Here's how to detect and mitigate it before it reaches users.
Privacy Mode That Actually Keeps Its Promise: Engineering User-Controlled Data Boundaries in AI Features
Most AI privacy modes are retention theater — the toggle exists, the data flows anyway. Here's how to engineer user-controlled data boundaries that actually hold, from ephemeral inference to audit trails users can verify.
Profiling LLM Pipelines: The Bottlenecks That Aren't Inference
Most LLM pipeline latency doesn't live in inference. A breakdown of the real bottlenecks — preprocessing, double tokenization, synchronous retrieval, serialization — and how per-stage tracing makes them visible.
About Tian Pan
I'm Tian Pan, an engineer-founder focused on agentic engineering — building autonomous AI systems and scaling engineering teams. I write practical guides on system design, technical leadership, and shipping with AI agents. Previously an early engineer at Uber, Brex, and IoTeX.
