Essays from in-house systems we run — Forge, Klaus, Mirror — and from audits we've done for others. Architecture, attacks, and the trust boundaries everyone learns about the hard way.
Every company shipping an AI agent right now is shipping the same three vulnerabilities. Not because their engineers are careless, but because the architecture itself guarantees them. A structural map of the three: trusted-channel injection, tool privilege drift, and context bleed.
A walkthrough of the actual exploits I found running adversarial testing against my own production agent system. Real transcripts, real failure modes, real fixes.
What I learned operating my own self-hosted inference stack: cost economics, security tradeoffs, and the failure modes nobody warns you about when you skip the cloud APIs.
Want these in your inbox? Email me at Pavogani@klausproject.com with "subscribe" in the subject. Newsletter coming soon.