An archive of field notes, code, implementation reports, and pragmatic research articles.
Keep a steady time counter (TAI) apart from a position in the solar system. The split makes replayed agent memory match byte for byte—within limits set by astronomy and metrology.
Agentic risk awareness is an operational discipline: model the failure paths, constrain authority, force uncertainty to surface, and continuously test whether the system still behaves under stress.
A controlled incident drill shows how scope validation, lineage, blast-radius assessment, kill paths, and rollback evidence make agent failure visible enough to engineer against.
Every third-party tool an agent invokes is someone else's code running near your credentials.
Agent workflows need artifact-intake controls for transcripts, archives, logs, manifests, benchmarks, and training-corpus candidates before those materials cross into trusted local state.
Chain-of-thought traces can be inspected as dependency graphs instead of prose, making circular support, abandoned threads, unsupported conclusions, and contradictions easier to find.
Risk often appears between changes, not inside one change. Agent systems become dangerous when short-lived input hardens into durable memory and outlives the assumptions that made it safe.
Agent systems need a memory control plane because retrieval safety and historical truth require enforceable policy and clear lineage, not mutable notes.
Executable Metaphors treats a natural-language analogy as a compact architecture brief, then generates scaffolded code, build files, documentation, and a repair loop for rapid prototyping.
A probing tool asks language models structurally impossible questions and classifies how they fail.
A genetic prompt run improved average fitness from 0.887 to 0.926 in four generations using LLM-based mutation and crossover.
An agent memory run kept 8 useful facts out of 50 after 30 ticks. The rest expired without manual pruning.
ControlOps is a catalog project that turns scope validation, decision lineage, blast-radius assessment, and kill-path auditing into testable operational checks for agent systems.
A three-prompt staging drill shows how authority theater, urgency pressure, and policy language can steer agent behavior across trust boundaries.
When people use machine credentials, intent is blurred and audit trails break. Agents make that ambiguity harder to contain.
Reused identities and weak environment isolation turn local agent incidents into systemic failures.
Leaked secrets become durable agent context. That is why a credential incident can outlive rotation.
A sanitized regression case where dangerous text crossed an agent boundary, appeared in a customer-facing draft, and became a permanent ASI02 test.
Over-scoped identities turn harmless tools into high-impact actions. The agent is rarely the root problem.
Agent incidents often begin as ordinary non-human identity failures. This opener maps OWASP NHI risks to agentic AI systems and explains why identity controls define the reachable tool surface.
