8 posts
12 prompts × 5 frontier models × 3 runs (raw, harness-passthrough, perturbed). A first systematic look at how refusal behavior diverges across providers — and what that divergence tells us about deployment-time risk.
Practical techniques for getting better output from LLMs: focused on what works, not what sounds impressive.
A categorized reference of real prompt injection, jailbreak, and extraction techniques — written for defenders, not attackers. If your system fails these, your users will find out before you do.
The line between building with AI and breaking with AI is thinner than either side admits. Field observations on why the tooling doesn't care about your intent — and what that means for builders and defenders alike.
How to escalate from passive reconnaissance to actionable vulnerability findings against web applications — using the same AI-assisted methodology that works for source code, adapted for black-box targets.
Why I started documenting AI behavior from an operational background — and what this site is actually for.
How prompt injection escalates from curiosity to transaction fraud when AI agents have tools, file ingestion, and multimodal input — mapped from lab work to real-world deployment patterns.
Why manual prompt hints don't scale for AI-assisted code audits, and how per-file isolation with automated scaffolding solves the accuracy-vs-coverage tradeoff — tested against a 316-file production codebase.