Posts

Technical essays aimed at builders shipping agents, inference pipelines, and production infrastructure. Also browse by tag or theHardened Agentic Stack series.

Agent Safety14 min read

Zero-Trust Ingest: Why You Should Retire Your Static DSNs

Static write-only telemetry endpoints are an attack runway for agentic systems. Replace them with an ephemeral JWT gate in front of your collector.

  • Trust Boundaries
  • Serverless
  • Cloudflare
  • Telemetry
  • Agents
Agent Safety26 min read

Secret Rotation Patterns for Local/Edge Agents

Long-lived ENV secrets turn a host compromise into a platform breach. Bootstrap once, exchange for short-lived Vault or edge credentials, and never let the agent hold a permanent secret.

  • Secrets
  • Vault
  • Agents
  • Edge
  • Security
Architecture24 min read

Why Every Release You've Ever Published Can Be Silently Changed — And How to Fix It

A practical guide to permanent, verifiable, machine-readable software releases using Arweave, Radicle, IPFS, and a manifest format your CI pipeline — and your agents — can reason about.

  • Supply Chain
  • Agents
  • Security
  • Ipfs
  • Arweave
Observability28 min read

Why Serverless Isn't a Mistake — And How It Anchors a Complete Open-Source Observability Stack

A deep-dive into replacing Sentry, hardening your telemetry ingest pipeline, and building a production-grade observability platform with Grafana’s open-source ecosystem.

  • Serverless
  • Sentry
  • Grafana
  • Telemetry
  • Agents
Engineering26 min read

The Twelve Layers of LLM Cost: Why One Optimization Is Never Enough

How a compounding stack of efficiency layers — from API surface reduction to a self-improving fine-tuning flywheel — drops agent token costs by ~99.8% and keeps dropping them.

  • Agents
  • Llm Ops
  • Token Efficiency
  • Telemetry
  • Security