Skip to main content
Writing

Blog

Long-form writing across product paths, concepts, and course series. A post can connect to GuardClaw, Felt Weather, Pantry, Askwell, and Take Interest at the same time when the underlying idea carries across them.

Course · start here
How Selling Works
New to selling? Start at lesson 1.
Course · start here
The Builder's Guide to Agent Security
Building agent security? Start at post 1.
Ship this week
The 30-Day Agent Security Checklist
Shipping agents this week? Open the checklist.
AI Workflows

The modular AI studio

A plain guide to running a one-person creative studio by directing a focused stack of AI tools instead of doing every production job yourself.

2026-07-037 min read
Product

What Felt Weather Uses, in Plain Words

Felt Weather 1.4 opens with a short list of what the app uses and a switch that stays off until you turn it on. Here is that list, explained like a person would.

2026-07-024 min read
ProductLearning That Works · 14

The loop that makes learning compound

Learning compounds when each attempt leaves behind evidence that shapes the next branch.

2026-06-264 min read
ProductLearning That Works · 13

The learner should leave with proof

A course should give people more than confidence. It should leave them with artifacts that show what changed.

2026-06-254 min read
ProductLearning That Works · 12

A course can be a workshop

The strongest courses feel less like a shelf of lessons and more like a place where real work gets shaped.

2026-06-244 min read
ProductLearning That Works · 11

Private practice makes better public work

People need a safe practice space before their best learning can become visible work.

2026-06-234 min read
ProductLearning That Works · 10

Teach the skill by naming the failure

A learner improves faster when a course names the failure pattern before asking for the next attempt.

2026-06-224 min read
Founders

How Anyone Can Start

Starting a company is not a tech skill. Here is how anyone can stand one up and verify the basics.

2026-06-215 min read
Founders

C-Corp or LLC: How to Think About the Choice

A plain-language look at the two most common ways founders form a company, what actually separates them, and how to pick without getting stuck.

2026-06-216 min read
Founders

Compliance Basics for Good Standing

A plain recurring-filings checklist so a healthy company does not quietly slip out of good standing.

2026-06-215 min read
Founders

The Early Paperwork That Catches You Later

A short tour of the first filings every new company faces, which ones are quick, and the one with a real deadline you do not want to miss.

2026-06-216 min read
Founders

Insurance for a New Company

Insurance feels like a problem for later, until it is not. A plain starting point for thinking about coverage when your company is brand new.

2026-06-215 min read
ProductLearning That Works · 09

The best course has a memory

A learning product earns trust when it remembers the learner's attempts, patterns, and next branch.

2026-06-214 min read
Founders

Where to Start From Scratch

The order of operations for starting a company, from the first real decision to the paperwork that waits for you.

2026-06-216 min read
Founders

Why Founders Pick Delaware

Everyone says form in Delaware. Here is the plain reason so many startups do, and the honest cases where your home state is the better call.

2026-06-215 min read
ProductLearning That Works · 08

Feedback needs evidence

The best feedback responds to a real attempt, names the visible pattern, and gives one next move.

2026-06-204 min read
ProductLearning That Works · 07

Make the next attempt obvious

A learner should never finish a practice loop wondering what to try next.

2026-06-194 min read
ProductLearning That Works · 06

A lesson should end with a move

The best ending for a lesson is a concrete action the learner can take while the idea is still fresh.

2026-06-184 min read
ProductLearning That Works · 05

The proof record is the syllabus

A strong learning path can be organized around the work a learner proves, not only the lessons they consume.

2026-06-174 min read
ProductLearning That Works · 04

Practice starts with one attempt

The smallest useful learning loop is a prompt, an attempt, a review, and one sharper repeat.

2026-06-164 min read
ProductLearning That Works · 03

Progress needs more than a bar

A progress bar can show exposure. Skill needs evidence that practice changed.

2026-06-154 min read
ProductLearning That Works · 02

The course should remember what you proved

Memory in a learning product should protect context and keep practice from turning into another feed.

2026-06-145 min read
ProductLearning That Works · 01

Learning needs proof

A course is only useful when it helps someone produce evidence that a skill moved from exposure to practice.

2026-06-135 min read
AI

The Local LLM Ceiling

What local models can and cannot do today, how to route work by sensitivity, and what makes local AI actually private.

2026-06-088 min read
SalesHow Selling Works · Daily · 06

Grade your last three sales conversations

A 30-minute exercise: grade your last three sales calls with five questions, then use the low scores as next month's practice list.

2026-06-023 min read
Strategy

Your next customer is an agent

AI agents are becoming buyers. Here is what it takes to be a business an agent can find, trust, and pay.

2026-06-026 min read
SalesHow Selling Works · Daily · 05

The call that looked like a sale and was a pitch

A worked example of a sales call that looked right from the outside, scored 2 out of 5 on the self-grade, and lost the buyer.

2026-06-014 min read
SalesHow Selling Works · Daily · 04

The Five-Question Sales Self-Grade

After any sales conversation, score yourself against five honest questions. Whether you closed isn't on the list. Whether the buyer is measurably better off is.

2026-05-313 min read
AI

From 4.7 to 4.8 in Six Weeks

Claude Opus 4.8 arrived about six weeks after 4.7. Here is what rapid model movement means for a small team building on it.

2026-05-315 min read
AI

Opus 4.8: the model that flags its own mistakes

Claude Opus 4.8 is less likely to miss flaws in its own code. That matters for any system trusted with context.

2026-05-315 min read
AI

Opus 4.8 vs GPT-5.5: the honest read

Claude Opus 4.8 and GPT-5.5 trade wins by benchmark. Here is the mixed scorecard and why context systems need a careful read.

2026-05-316 min read
SalesHow Selling Works · Daily · 03

Did I Learn Something Specific?

The hardest post-call self-grade question is about learning. If the seller learned nothing specific, the call was a pitch, not a sale.

2026-05-303 min read
SalesHow Selling Works · Daily · 02

The three questions on the table in every sale

Every sales conversation has three buyer questions underneath it. Naming them changes how you spend the hour.

2026-05-293 min read
SalesHow Selling Works · Daily · 01

Closing is one minute

Closing is the smallest part of sales. The real work happens before it, where the buyer's question gets answered or does not.

2026-05-283 min read
SalesHow Selling Works · 07

Capital Raising as a Sales Discipline

Fundraising borrows muscles from customer sales, then breaks the analogy in places that catch first-time founders. A map and self-grade rubric.

2026-05-278 min read
SalesHow Selling Works · 05

Enterprise sales from inside the buyer

What a 14-month enterprise deal looks like from inside the buyer's organization, plus a stakeholder check to run before meetings.

2026-05-278 min read
SalesHow Selling Works · 06

Personal sales (when you are the product)

What changes when the buyer is hiring a specific person instead of a firm: pricing, scope, and the polite decline that keeps trust.

2026-05-277 min read
SalesHow Selling Works · 01

Sales, defined honestly

A working definition of sales, how it differs from marketing and persuasion, and a five-question rubric for your next sales call.

2026-05-276 min read
StrategyHow Startups Actually Begin · 03

The first ten decisions

Ten early founder decisions, from co-founder to first no, that compound long after the first six months.

2026-05-279 min read
StrategyHow Startups Actually Begin · 02

The founder is the product

Before a team, traction, or a strong deck, the founder is what investors, hires, and first customers buy.

2026-05-277 min read
StrategyHow Startups Actually Begin · 05

The honest no for founders

Four founder noes that compound: wrong investors, customers, features, and hires. Each includes a script and self-grade rubric.

2026-05-278 min read
SalesHow Selling Works · 02

The Kinds of Sales

A taxonomy of sales by buyer decision shape, with a diagnostic for spotting which kind you are in before you pitch.

2026-05-277 min read
SalesHow Selling Works · 04

The pipeline and the math (made intuitive)

Stages from stranger to closed deal, buyer state at each step, and one worked conversion-math example.

2026-05-277 min read
SalesHow Selling Works · 03

The Skills Every Sale Needs

Seven sales sub-skills, each with a solo practice rig, self-grade move, and common beginner failure.

2026-05-278 min read
StrategyHow Startups Actually Begin · 01

What a startup actually is

A working definition of a startup, how it differs from nearby company types, and a five-question rubric to test yours.

2026-05-276 min read
StrategyHow Startups Actually Begin · 04

What you don't have to do

Most startup musts are myths. Here is what is actually universal early, and what is optional or distracting.

2026-05-277 min read
TechnicalGuardClaw in Practice · 01

Getting Started with GuardClaw

A step-by-step walkthrough of setting up GuardClaw, your first security layer for AI agents. From install to your first security report in five minutes.

2026-03-227 min read
OperationsGuardClaw in Practice · 09

GuardClaw and GDPR: What Maps Where

When your AI agent processes personal data, GDPR applies. Here's how GuardClaw's controls map to the requirements that matter most.

2026-03-225 min read
OperationsGuardClaw in Practice · 08

GuardClaw and SOC 2: A Control Mapping

Map GuardClaw security controls to SOC 2 criteria, including what evidence to show your auditor.

2026-03-226 min read
OperationsGuardClaw in Practice · 15

GuardClaw and the EU AI Act

What the EU AI Act's August 2026 enforcement date means for AI agent deployments and GuardClaw controls.

2026-03-226 min read
ProductGuardClaw in Practice · 10

How GuardClaw Is Different

There are other approaches to AI agent security. Here's where GuardClaw fits, what trade-offs we made, and why we made them.

2026-03-226 min read
OperationsGuardClaw in Practice · 11

Rolling Out GuardClaw Across a Team

How to deploy GuardClaw for a development team, shared workspaces, consistent policies, and a single dashboard for everyone's agent activity.

2026-03-225 min read
OperationsGuardClaw in Practice · 14

Setting Up Alerts and Monitoring

How to get notified when GuardClaw catches something important, without watching the dashboard all day.

2026-03-225 min read
TechnicalGuardClaw in Practice · 05

Setting Up GuardClaw for Claude Code

A step-by-step guide to integrating GuardClaw with Claude Code using hooks. Every tool call gets checked before execution.

2026-03-225 min read
TechnicalGuardClaw in Practice · 06

Setting Up GuardClaw for Cursor

How to add GuardClaw's security layer to Cursor's AI agent. Same protection, different integration path.

2026-03-225 min read
TechnicalGuardClaw in Practice · 13

The Detection Engine: How It Works

How GuardClaw checks 1,000+ patterns in under a millisecond with tiered filters, RE2 regex, and anomaly detection.

2026-03-227 min read
TechnicalGuardClaw in Practice · 02

Watching Your Agents Work

How GuardClaw wraps agent commands, intercepts threats, and builds a tamper-evident audit trail.

2026-03-226 min read
Strategy

What Happens When Agents Outnumber People?

Machine identities already outnumber humans. AI agents widen the gap and force governance to change.

2026-03-225 min read
TechnicalGuardClaw in Practice · 07

What the Receipt Chain Proves

GuardClaw's receipt chain is a tamper-evident audit trail for everything your AI agents do. Here's how it works, what it proves, and why auditors care.

2026-03-226 min read
OperationsGuardClaw in Practice · 12

What to Do When GuardClaw Blocks Something

Your agent hit a denial. Is it a real threat or a false positive? Here's how to read the denial, investigate, and decide what to do next.

2026-03-225 min read
TechnicalGuardClaw in Practice · 04

Writing Your First Security Policy

How to write a GuardClaw policy, understand the defaults, and adjust rules without breaking your workflow.

2026-03-226 min read
ProductGuardClaw in Practice · 03

Your Security Dashboard

The GuardClaw dashboard shows threat stats, audit trails, and compliance alignment in one place. Here's how to read it and what the numbers mean.

2026-03-225 min read
Insights

What New Hires and AI Agents Have in Common

Your company has an onboarding process for people. It probably doesn't have one for agents. The same trust-building patterns apply to both.

2026-03-215 min read
Operations

The Friday Agent Permission Audit [Checklist]

A 90-minute permission audit you can run before the weekend. Nine checks, one agent at a time, measurable results by Monday.

2026-03-205 min read
Technical

Three Layers of Agent Permission Scoping

Agent permissions need identity, scope, and context. Here is how to build those three layers.

2026-03-196 min read
Strategy

Least Privilege Wasn't Built for Agents

The principle of least privilege assumes a human on the other end. When the user makes 10,000 decisions per hour, the implementation needs to change.

2026-03-185 min read
Security

Why Your Agent Has More Access Than You

70% of security leaders say AI agents have more system access than humans in the same role. Here's how the default got this backwards.

2026-03-175 min read
Security

4.5x More Incidents Start with One Setting

Teleport's 2026 research found that over-privileged AI agents experience 4.5x more security incidents. One default setting explains most of the gap.

2026-03-165 min read
Operations

NIST Wants Agents Governed Like Employees [2026]

NIST's AI Agent Standards Initiative signals a future where agents need identity, accountability, and lifecycle management, just like the people who build them.

2026-03-155 min read
Strategy

We Trust Systems We Can't Inspect Every Day

From plumbing to power grids to AI agents, humans routinely trust invisible infrastructure. That trust works until it doesn't.

2026-03-145 min read
Operations

Agent Supply Chain Security in 5 Steps [2026]

A five-step checklist for securing your AI agent's supply chain, from skill vetting to dependency pinning to runtime monitoring.

2026-03-135 min read
Technical

Audit Your Agent's Trust Boundaries This Week

A practical guide to mapping and testing every trust assumption your AI agents make, from network access to credential scope to tool permissions.

2026-03-126 min read
Security

70% of Enterprises Can't See Their Own Agents

Nearly 70% of enterprises run AI agents in production. Most can't tell you how many they have, what they access, or who owns them. That's identity dark matter.

2026-03-115 min read
Security

820 Malicious Agent Skills and Nobody Noticed

Koi Security found 820+ malicious skills on ClawHub, up from 324 weeks earlier. Agent marketplaces are the new attack vector builders aren't watching.

2026-03-105 min read
Security

The Localhost Assumption That Opened Control

The OpenClaw ClawJacked vulnerability shows how a single implicit trust assumption in an AI agent framework let any website take over a developer's machine.

2026-03-095 min read
Operations

EU AI Act Checklist Before August 2

The EU AI Act high-risk deadline hits August 2. Five compliance actions you can start this week, with a printable checklist.

2026-03-064 min read
Security

Microsoft Recommendation Poisoning Attack

Microsoft discovered that summarize buttons can be weaponized. Recommendation poisoning is the supply chain attack nobody planned for.

2026-03-055 min read
Operations

NIST's AI Agent Security RFI

The NIST AI Agent Standards RFI just closed. Here's what it asked, what it signals, and what to prepare before April.

2026-03-045 min read
Technical

One Firebase Misconfig Leaked 300M Chat Messages

An AI chat app with 50M users left a Firebase database open. A researcher found 300 million messages from 25 million people.

2026-03-035 min read
Security

Prompt Injection Just Got Classified as Malware

Researchers want prompt injection reclassified as malware. A $40K bounty from UK AISI, OpenAI, and Anthropic is testing why.

2026-03-025 min read
Security

How Fast Can an Attacker Hijack Your Agent?

CrowdStrike says attack timelines are under 72 minutes. Your agent verification loop probably takes longer than that.

2026-03-015 min read
Security

88% of Agents Shipped Without Security Review

Gravitee's 2026 data: only 14% of orgs got full security approval before deploying agents. Here's what the other 88% have in common.

2026-02-285 min read
StrategyThe Builder's Guide to Agent Security · 12

The Builder's Responsibility

AI builders are making foundation decisions now. The choices around agent safety will shape autonomous systems for decades.

2026-02-275 min read
StrategyThe Builder's Guide to Agent Security · 11

What We Got Wrong (And Changed)

A plain look at what we got wrong, what changed, and why showing the work builds more trust than pretending.

2026-02-265 min read
OperationsThe Builder's Guide to Agent Security · 10

Score Yourself: The Operator Readiness Assessment

A 15-minute self-assessment across five dimensions helps teams see where their agent security posture is weak and what to fix next.

2026-02-255 min read
OperationsThe Builder's Guide to Agent Security · 09

The 30-Day Agent Security Checklist

Four weeks to map agents, lock high-risk actions, rotate secrets, and run one recovery drill.

2026-02-244 min read
TechnicalThe Builder's Guide to Agent Security · 08

Why AI Does Not Make Security Decisions

Why TAKE INTEREST does not use AI for deny/allow enforcement, even when models help with detection and triage.

2026-02-235 min read
TechnicalThe Builder's Guide to Agent Security · 07

Seven Layers of Defense for AI Agents

Most agent security stops at input filtering and output checks. Here is what real defense in depth looks like for agent systems.

2026-02-226 min read
TechnicalThe Builder's Guide to Agent Security · 06

Security Is a Primitive, Not a Feature

Security is load-bearing architecture, not a later feature. Three primitives every agent system needs before first deploy.

2026-02-214 min read
StrategyThe Builder's Guide to Agent Security · 05

Build Like You'll Get It Wrong

Good engineering assumes failure. Recovery paths, checks, and repair loops beat pretending production will stay clean.

2026-02-205 min read
SecurityThe Builder's Guide to Agent Security · 04

Zero Trust Was Built for Humans

Zero trust still matters for AI agents, but the implementation changes when agents operate quickly and chain tools autonomously.

2026-02-195 min read
SecurityThe Builder's Guide to Agent Security · 03

Prompt Injection Is the Easy Problem

Prompt injection gets the headlines, but six other AI agent attack vectors often cause more damage and get less defense investment.

2026-02-186 min read
SecurityThe Builder's Guide to Agent Security · 02

The Identity Problem (Yours and Your Agent's)

Non-human identities outnumber people in enterprise systems, but many teams still manage agent credentials like shared passwords.

2026-02-175 min read
Product

Designed to Work Together From Day One

Why disconnected AI tools create hidden risk, and how integrated decision-plus-execution systems reduce failure.

2026-02-1615 min read
Strategy

Innovation and Security Are One Product Decision

Treating security as a launch blocker is expensive. Treating security as architecture accelerates real shipping.

2026-02-1614 min read
Security

Why We Built GuardClaw

AI agents moved from demos to operators. The threat model changed faster than most teams' defenses.

2026-02-1612 min read
SecurityThe Builder's Guide to Agent Security · 01

Your AI Agent Has No Seatbelt

AI agents are moving into production faster than safety standards. Runtime security controls need to arrive before the first serious incident.

2026-02-165 min read

The full archive: 97 posts, newest first.