A prompt injection doesn’t have to act to be dangerous. It can hide, copy itself, and spread agent to agent. Why AI security is an epidemiology problem, and how to respond.
The Prompt Injection That Copies Itself
A prompt injection doesn’t have to act to be dangerous. It can hide, copy itself, and spread agent to agent. Why AI security is an epidemiology problem, and how to respond.
MCP-Airlock is becoming Trentina — named after the 1377 quarantine system from Ragusa that inspired its architecture. Same three-layer defense, same gateway, better name.
Continue Reading “MCP-Airlock Is Now Trentina: The 1377 Quarantine That Inspired Our Rename”
I’ve loved Tron since I was a kid. When I was about seven or eight years old (early 1980s!!!), my Mom took me to see Walt Disney’s Magic Kingdom on Ice at the Richfield Coliseum, which was this massive arena between Cleveland and Akron (sadly, torn down in 1999). The show had a Tron segment,
Continue Reading “Put The Tron Ares Album On and Build Something at Midnight”
I’ve been running Claude Code on my RHEL 10 workstation for a few months now, and I have to admit, with some embarrassment, I often run it with the ominous –dangerously-skip-permissions option. It reads and writes files, executes shell commands, installs packages, modifies system configs, all without asking permission first. I’ve been letting an AI
Continue Reading “image mode Gave Me the Confidence to Go Fully Agentic”
Update (June 2026): MCP-Airlock has been renamed to Trentina. The project has grown from a web content sanitizer into a full MCP gateway with per-consumer profiles, tool allowlists, and parameter-level access controls. The new name reflects that expanded scope — and avoids a naming collision with another MCP gateway project. The architecture described in this
Continue Reading “MCP-Airlock: An Open Source Defense Against Prompt Injection in AI Agents”
My print screen key on my external keyboard stopped working. Not the one built into the laptop, that was working fine. The one on my external keyboard. It had worked fine, and then it randomly stopped working! Why? I have no idea. This kind of thing isn’t supposed to happen in computers, but we all
Cloudflare announced Markdown for Agents on February 12th, and it’s one of those features that makes you stop and think about how fundamentally the web is changing. The idea is simple: when an AI agent requests your content, Cloudflare converts the HTML to clean Markdown at the edge before serving it. The result is an
Continue Reading “Your Blog Needs an AI-Friendly Front Door”
There’s a conversation happening in every Slack channel, at every meetup, and honestly in every bar near a tech conference right now. The “old guard” of software engineering, and I count myself among them, is worried about the next generation of developers. The concern goes something like this: if young developers are just using AI
Continue Reading “How Will They Ever Learn Architecture If They Never Learn to Code?”
I recently wrote about giving Claude Code persistent memory using the MCP Memory Service. Go read that if you want the why. This post is about something else entirely. This post is about speed. I needed a feature in an open source project. I used an agent to write the code. A different agent reviewed
Claude Code doesn’t remember anything between sessions. Every time you start a new session, it’s a blank slate. You can stuff context into CLAUDE.md files, but that’s static text, not searchable memory. It doesn’t learn your preferences, remember your decisions, or recall the research you did yesterday. The fix is an MCP memory server. I’ve
Continue Reading “How to Give Claude Code Persistent Memory”