Notes
Engineering notes.
Short write-ups on the parts of production AI that don't fit in a bullet point — safety boundaries, deterministic guardrails, and how I make agent behavior measurable.
An approval boundary agents can't bypass
Human approval for risky writes shouldn't be a tool the model can call. Here's how to make it a separate, bound, expiring, single-use control.
Read →A deterministic SQL guard for NL2SQL
Letting an LLM write SQL over a warehouse, safely — by validating the parse tree, not the string.
Read →