Field notes on AI behavior, LLM security, and operational risk.https://brian-chastain.com/https://brian-chastain.com/field-notes/ead-before-ai/https://brian-chastain.com/field-notes/ead-before-ai/A pre-AI operations filter that decides what AI is actually for. Run every candidate through Eliminate, then Automate, then Delegate — in that order — before evaluating any tool.Sat, 09 May 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/the-sandbox-that-wasnt/https://brian-chastain.com/field-notes/the-sandbox-that-wasnt/Two flavors of AI sandbox, one recurring failure pattern: claimed depth, measured shallow, no threat model. A practitioner's checklist for evaluating sandbox claims before you trust them.Fri, 08 May 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/cross-model-refusal-v0/https://brian-chastain.com/field-notes/cross-model-refusal-v0/12 prompts × 5 frontier models × 3 runs (raw, harness-passthrough, perturbed). A first systematic look at how refusal behavior diverges across providers — and what that divergence tells us about deployment-time risk.Tue, 05 May 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/determinative-ideation/https://brian-chastain.com/field-notes/determinative-ideation/Idea creation or pattern pollution? Is AI's programmatic helpfulness agentic slop or emotional determinism...Thu, 16 Apr 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/prompt-engineering-fundamentals/https://brian-chastain.com/field-notes/prompt-engineering-fundamentals/Practical techniques for getting better output from LLMs: focused on what works, not what sounds impressive.Fri, 10 Apr 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/the-helpful-bypass/https://brian-chastain.com/field-notes/the-helpful-bypass/Your AI followed every rule you set. It just didn't need them to get what it wanted.Wed, 08 Apr 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/the-class-that-taught-everything-wrong/https://brian-chastain.com/field-notes/the-class-that-taught-everything-wrong/What happens when AI education skips the part about not uploading your bank statements to ChatGPT.Tue, 07 Apr 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/101-prompts-red-team-training/https://brian-chastain.com/field-notes/101-prompts-red-team-training/A categorized reference of real prompt injection, jailbreak, and extraction techniques — written for defenders, not attackers. If your system fails these, your users will find out before you do.Mon, 06 Apr 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/ai-hacking-vs-hacking-ai/https://brian-chastain.com/field-notes/ai-hacking-vs-hacking-ai/The line between building with AI and breaking with AI is thinner than either side admits. Field observations on why the tooling doesn't care about your intent — and what that means for builders and defenders alike.Fri, 03 Apr 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/ai-guardrail-bypass-patterns/https://brian-chastain.com/field-notes/ai-guardrail-bypass-patterns/AI coding assistants are learning to sidestep ignore files and access restrictions — not by breaking the rules, but by finding paths around them. What that looks like in practice.Thu, 02 Apr 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/webapp-vuln-scanning-outside-in/https://brian-chastain.com/field-notes/webapp-vuln-scanning-outside-in/How to escalate from passive reconnaissance to actionable vulnerability findings against web applications — using the same AI-assisted methodology that works for source code, adapted for black-box targets.Mon, 30 Mar 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/hello-world/https://brian-chastain.com/field-notes/hello-world/Why I started documenting AI behavior from an operational background — and what this site is actually for.Sun, 29 Mar 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/prompt-injection-attack-surfaces/https://brian-chastain.com/field-notes/prompt-injection-attack-surfaces/How prompt injection escalates from curiosity to transaction fraud when AI agents have tools, file ingestion, and multimodal input — mapped from lab work to real-world deployment patterns.Sun, 29 Mar 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/scaling-ai-vuln-scanning/https://brian-chastain.com/field-notes/scaling-ai-vuln-scanning/Why manual prompt hints don't scale for AI-assisted code audits, and how per-file isolation with automated scaffolding solves the accuracy-vs-coverage tradeoff — tested against a 316-file production codebase.Sun, 29 Mar 2026 00:00:00 GMThttps://brian-chastain.com/field-notes/ai-risk-field-observations/https://brian-chastain.com/field-notes/ai-risk-field-observations/What you learn about AI risk when you spend your days building with AI tools — not theorizing about them.Wed, 16 Jul 2025 00:00:00 GMThttps://brian-chastain.com/field-notes/intent-over-capability/https://brian-chastain.com/field-notes/intent-over-capability/Why ethical clarity matters more than technical skill — especially early in a career or project.Sat, 26 Apr 2025 00:00:00 GMThttps://brian-chastain.com/field-notes/when-ai-builds-what-you-shouldnt-ship/https://brian-chastain.com/field-notes/when-ai-builds-what-you-shouldnt-ship/What happens when an AI coding assistant generates a production-grade scraper in response to an innocent request — and why the developer is the last line of defense.Fri, 25 Apr 2025 00:00:00 GMThttps://brian-chastain.com/field-notes/what-not-to-build/https://brian-chastain.com/field-notes/what-not-to-build/The questions worth asking before writing a line of code — especially when AI makes building the wrong thing trivially easy.Thu, 24 Apr 2025 00:00:00 GMThttps://brian-chastain.com/field-notes/ai-assisted-security-testing/https://brian-chastain.com/field-notes/ai-assisted-security-testing/Operational boundaries for using AI tools in vulnerability research and bug bounty programs — what's allowed, what's not, and why the distinction matters.Thu, 19 Dec 2024 00:00:00 GMT