Problem-Aware

88 posts on problem-aware.

LangChain Prompt Injection: Where the Chain and Agent Abstractions Open the Surface

LangChain prompt injection surfaces in three places the framework documentation rarely highlights: the prompt template variable interpolation where user input arrives unsanitized, the agent tool output that returns to the model context, and the LangGraph state transitions that carry adversarial content across nodes. This piece walks through each surface, the framework defenses that fall short, and the inspection-layer controls that produce a deterministic decision and an audit record EU AI Act Article 12 reviewers will accept.

prompt-injection, llm-security, ai-security, agentic-ai, inline-enforcement, audit

How to Prevent Prompt Injection: The Four Control Layers That Hold Up in Production

Prompt injection prevention splits into four control layers: prompt construction discipline, retrieval-time content evaluation, request-boundary policy enforcement, and post-response output checks. The first two are application work. The third sits in the inspection layer at the HTTP path between the application and the model. This piece walks through what each layer can and cannot prevent, and the architectural pattern that produces a defensible posture under EU AI Act Article 12 and OWASP LLM01 review.

prompt-injection, llm-security, ai-security, inline-enforcement, policy-enforcement, owasp

Gemini Prompt Injection: The Workspace Integration Surface and the Inspection Layer Response

Gemini prompt injection reaches enterprise deployments through three surfaces that the consumer discussion rarely covers: the Workspace integration path where Gemini reads Gmail, Drive, and Calendar content into the model context, the Gemini API file and URL inputs, and the Vertex AI authorization gap when Gemini is wired into enterprise tools. This piece walks through each surface, the model defenses that fall short, and the request-boundary controls that produce a defensible audit record.

prompt-injection, llm-security, ai-security, inline-enforcement, audit, shadow-ai

Claude Prompt Injection: Where the Constitutional AI Defense Falls Short of Enterprise Policy

Claude prompt injection attacks reach enterprise deployments through Anthropic Computer Use, the Files API indirect injection surface, and the MCP connector authorization gap that the Claude developer platform opens. Constitutional AI reduces compliance with the simpler payloads. The training does not enforce the enterprise policy, the user role, or the data classification rules that apply inside a specific organization. This piece walks through each surface and the inspection-layer controls that produce a defensible posture.

prompt-injection, llm-security, ai-security, agentic-ai, inline-enforcement, audit

ChatGPT Prompt Injection: How the Attack Surfaces in Enterprise ChatGPT Deployments

ChatGPT prompt injection attacks reach enterprise deployments through three vectors: the Custom GPT instruction-leak surface, the file-upload indirect injection path, and the connected-tool authorization gap that ChatGPT Enterprise opens through GPT actions. This piece walks through each vector, the failure mode the model alone cannot close, and the request-boundary control that produces a deterministic decision and an audit record EU AI Act Article 12 reviewers will accept.

prompt-injection, llm-security, ai-security, shadow-ai, inline-enforcement, audit

How to Find Shadow AI Inside Your Organization: A Five-Source Detection Pipeline

Shadow AI lives in the browser tab next to the approved SaaS. The detection stack the security team built for shadow IT does not surface the signal. This piece walks through a five-source detection pipeline (network egress, endpoint telemetry, IdP claims, expense aggregation, approved-route gap analysis), the joining identity that ties the sources together, and the prioritization framework for triaging the patterns the pipeline surfaces.

shadow-ai, discovery, detection, visibility, casb, ai-discovery

Shadow AI vs Shadow IT: Why the Old Detection Stack Misses the AI Request Layer

Shadow IT is the SaaS subscription the security team did not approve. Shadow AI is the LLM the employee opens in the browser tab next to the approved SaaS. The two look similar to the procurement team. They differ at the detection layer the security team built. This piece walks through the four mechanisms shadow IT detection uses, why each one misses the AI request layer, what shadow AI detection has to read instead, and the inspection topology that closes the gap.

shadow-ai, shadow-it, discovery, casb, ai-discovery, visibility

AI Security for Procurement: The Inspection Layer Between the Diligence Prompt and the Vendor Decision

Procurement teams now use LLM workflows to read vendor questionnaires, summarize SOC 2 reports, draft RFP scoring rationales, and evaluate vendor risk packages. The boundary between the procurement officer identity, the vendor data, the diligence prompt, and the resulting recommendation is where the security and audit obligations sit. This piece walks through the data a procurement LLM workflow reads, the identity-aware policy decisions the deployment commits, the audit record that satisfies EU AI Act Article 12 obligations, and the architectural pattern that closes the post-authentication gap.

procurement, vendor-diligence, ai-security, identity-aware, audit-logs, inline-enforcement

AI Security for Marketing Content: The Inspection Layer Between the Drafting Prompt and the Brand-Approved Output

Marketing teams now draft a large share of campaign copy, ad variants, and landing-page hero blocks through LLM workflows. The boundary between the marketer identity, the brief, the brand guideline retrieval, and the generated draft is where the security and audit obligations sit. This piece walks through the data a marketing LLM workflow reads, the identity-aware policy decisions the deployment commits, the audit record that satisfies EU AI Act Article 12 obligations for high-risk marketing claims, and the architectural pattern that closes the gap most content-generation pipelines leave open.

marketing-content, content-llm, ai-security, identity-aware, audit-logs, inline-enforcement

AI Security for Product Analytics: The Inspection Layer Between the Analyst Prompt and the Customer Data Warehouse

Product analytics teams have moved a significant share of exploration onto LLMs. The analyst asks a natural-language question and the LLM emits SQL that runs against the customer data warehouse. The boundary between the analyst identity, the prompt, the generated SQL, and the warehouse result set is where the security and audit obligations sit. This piece walks through the request-time data an analyst LLM workflow reads, the identity-aware policy decisions the deployment has to commit, the audit record format that satisfies EU AI Act Article 12 and GDPR Article 22, and the architectural pattern that closes the post-authentication gap.

product-analytics, analyst-llm, ai-security, identity-aware, audit-logs, inline-enforcement

What is Agentic AI vs Generative AI: The Authorization Boundary

Generative AI returns text. Agentic AI takes actions in systems of record. The shift moves the security boundary from content moderation to authorization. Most enterprise deployments still treat agentic AI as if it were a chatbot, and the audit trail collapses the first time an agent writes to a database.

agentic-ai, ai-security, identity-and-authorization, ai-governance, inline-enforcement, llm-security

Shadow AI Risks: Quantified Loss Exposure, Regulatory Liability, and the Per-Incident Math

Shadow AI risk lives in three separate ledgers: the per-incident breach cost, the regulatory liability that attaches to the deploying organization regardless of which employee pasted what, and the contractual liability already shifting from AI vendors to enterprises. This piece walks through each ledger with the numbers from IBM, the EU AI Act, Fannie Mae, and Gartner, and shows where the architecture closes the exposure.

shadow-ai, risk, ai-governance, compliance, liability, audit