Working notes on responsible AI in production — agentic architectures, governance and risk controls, MCP and A2A, and the practical engineering of trust at enterprise scale.
The whole AI boom was aimed at one person: the developer. Meanwhile the claims analyst, the sourcing manager, and the investigator were still doing the work by hand. Why we build for the person making the decision, not the person shipping the code.
Read article →A compromised chatbot says something wrong. A compromised agent does something wrong, with your credentials, inside your systems. The security question for enterprise AI isn't whether the model can be tricked. It's how far the damage travels when it is.
Read article →The AI sticker shock that lands six months into production is almost never about the price per token. It's about the consumption pattern your architecture quietly committed to — long before anyone looked at an invoice.
Read article →Enterprises don't have an AI problem — they have an AI sprawl problem. Why we build the expensive, dangerous machinery once, and let governance, guardrails, and agents compound across every solution in the portfolio.
Read article →Most enterprise AI conversations argue about model choice. The harder questions are about what the model is allowed to touch, how it talks to other agents, and what that wiring leaves auditable. A field view of MCP and A2A in production.
Read article →A chatbot can be wrong. An agent can be wrong and act on it. Where autonomy actually breaks down in claims, investigations, and sourcing — and what human oversight has to look like if it isn't going to be a slogan.
Read article →Policy frameworks have outpaced production reality. The bottleneck in 2026 isn't principles — it's the runtime controls that make those principles enforceable when an agent is actually deciding something on your behalf.
Read article →