raucle
Blog
Notes on cryptographic provenance, agent security, and turning audit machinery into a primitive.
- Cryptographic provenance for AI workflows — a draft standard
Every prompt-injection defence in production is a filter, and the filters keep failing the same way. A short argument for treating agent actions like a software supply chain — with signed, content-addressed receipts — and a first draft of the format.