Writing

Thoughts on building, technology, and learning.

• Uber's AI Agent Identity Architecture — And Why Governable Execution Is the Next FrontierMay 26, 2026
• Your Agent's Tool Calls Are Not Transactions — And MCP Just Made That OfficialMay 20, 2026
• Instruction Robustness: Why Specs Written as Hints Break When You Change ModelsMay 10, 2026
• Spec Drift: When Parallel Agents Are Individually Correct but Collectively WrongMay 1, 2026
• An AI Agent Deleted a Production Database in Nine Seconds. The Real Failure Was Architectural.April 21, 2026
• AI Audit Finds IDOR Vulnerability in Hermes-Agent, Similar to LovableApril 14, 2026
• Why Task-Scoped Permissions Fail for Non-Deterministic AI AgentsApril 7, 2026
• Every Employee Will Have Agents. Accountability Becomes Infrastructure.March 30, 2026
• Authority Replication in Agent SystemsMarch 22, 2026
• Parallel Agents Break Authorization — And You Can't Revoke What They Already KnowMarch 19, 2026
• Authorization Breaks When Agents Execute in Parallel with AutonomyMarch 15, 2026
• Running 8 Parallel Agents with Explicit Specs and Execution ModelMarch 7, 2026
• An Agent Can Rewrite Its Personality. It Still Can't Rewrite Its Permissions.February 25, 2026
• From Session-Scoped to Execution-Scoped: Authorization for Autonomous AgentsFebruary 1, 2026
• Execution-Centric Authorization: Why Least Privilege Must Be Derived from Execution in Agentic SystemsJanuary 24, 2026
• The Middle Isn't Disappearing — It's Being RebuiltJanuary 14, 2026