Page 45
12 articlesThe Over-Tooled Agent Problem: Why More Tools Make Your LLM Dumber
Tool selection accuracy drops to 13% when LLMs face large tool sets. Here's why over-tooling breaks your agents and how to architect around it with routing layers, hierarchical toolsets, and lazy-loading registries.
The PII Leak in Your RAG Pipeline: Why Your Chatbot Knows Things It Shouldn't
Semantic similarity doesn't respect data-access boundaries. Here's how RAG pipelines expose sensitive records to unauthorized users—and the layered defenses that stop them.
The Privacy Architecture of Embeddings: What Your Vector Store Knows About Your Users
Embedding a user's documents creates a novel privacy surface area that traditional databases don't have. Here's how re-identification risks work, where access control breaks down in RAG pipelines, and the architectural patterns that actually fix it.
Prompt Archaeology: Recovering Intent from Legacy Prompts Nobody Documented
When you inherit a production prompt with no documentation, how do you figure out what it was supposed to do? A systematic methodology for recovering intent from undocumented prompts — and the documentation format that prevents the next engineer from facing the same problem.
The Prompt Debt Spiral: How One-Line Patches Kill Production Prompts
Production prompts accumulate technical debt through incremental patches that compound into contradictory, bloated instructions. Here's how to recognize the spiral and break it before a prompt becomes unmaintainable.
The Prompt Governance Problem: Managing Business Logic That Lives Outside Your Codebase
When you have 50+ active prompts across product, ML, and infra teams, you have a distributed systems problem — not a writing problem. Here's the infrastructure that keeps it from becoming a liability.
Prompt Injection Is a Supply Chain Problem, Not an Input Validation Problem
Per-request sanitization gives teams a false sense of security. As RAG systems index millions of documents and agents consume third-party tool outputs, the real defense requires architecture-level controls: content provenance, trust-tier enforcement, and sandboxed execution.
Prompt Localization Debt: The Silent Quality Tiers Hiding in Your Multilingual AI Product
Why prompts that perform at 91% in English quietly degrade to 72% in Japanese or Arabic — and how to build the evaluation infrastructure that catches these regressions before they reach non-English users.
Red-Teaming Consumer LLM Features: Finding Injection Surfaces Before Your Users Do
Consumer-facing LLM features face attack surfaces that internal agents never see. A practical guide to injection vectors, jailbreak patterns at scale, model inversion risks, and the systematic hardening playbook for production AI.
Retrieval Monoculture: Why Your RAG System Has Systematic Blind Spots
When all queries funnel through a single embedding space, structurally different query types converge on the same systematic misses. Here's how to audit your retrieval diversity and fix it without blowing your latency budget.
Sandboxing Agents That Can Write Code: Least Privilege Is Not Optional
API key scoping is not enough. When your AI agent can execute code, you need container isolation, filesystem namespacing, egress controls, and a capability audit process — or you're one prompt injection away from a lateral movement incident.
Serving AI at the Edge: A Decision Framework for Moving Inference Out of the Cloud
A practical decision framework for engineers deciding when to move LLM inference to the edge: latency thresholds, cost break-even analysis, the quantization quality tax, and split-inference architectures.
About Tian Pan
I'm Tian Pan, an engineer-founder focused on agentic engineering — building autonomous AI systems and scaling engineering teams. I write practical guides on system design, technical leadership, and shipping with AI agents. Previously an early engineer at Uber, Brex, and IoTeX.
