Writing

Blog

Thoughts on software engineering, AI, fintech, and building things that matter.

The Through Attack: The AI Security Threat Nobody's Naming

Two attack directions dominate AI agent security. There's a third — the Through attack. It doesn't touch your files. It controls what your agent believes. And it's already in the wild.

securityAI agentsMCP

Apr 1, 2026

The 43-Point Gap

Experienced developers using AI were 19% slower — but believed they were 20% faster. That 43-point perception gap explains more about the state of AI-assisted development than any benchmark.

aiengineeringresearchagentic-aidark-factory

Mar 19, 2026

Velocity Is a Feedback Loop

Most teams think velocity means shipping more. In practice, velocity is how quickly you learn what to stop building.

engineeringproductexecutionteam dynamics

Mar 11, 2026

Is This the Product, or Is This the Machine?

Every piece of agent infrastructure feels like it serves the product — until you step back and realise you've spent two weeks serving the pipeline.

agentic AIAI agentsAI in productionmulti-agent systemssoftware engineering

Feb 26, 2026

Clever Is Not a Feature

The best code I've written wasn't elegant. It shipped, it worked, and users never had to think about it. That took me years to understand.

engineeringproductfounder

Feb 21, 2026

The Mirror Problem: Self-Referential Loops in Modern AI

AI is writing code that trains AI. AI is judging AI outputs. AI is scraping AI-written content to learn from. Here's what the research says happens next.

AImachine learningsystems

Feb 20, 2026