Publications
Open research on the security of autonomous AI systems, released in measure.
- Fable 5 in the Wild: What a Mythos-Class Model Did in Its First Month
- Released in Measure, by Force: The Fable 5 and Mythos 5 Suspension
- The Unregulated Machine: A Security Reading of Attention Is All You Need
- Autonomy as Attack Surface: Security in the Agentic Era
- The AI Supply Chain: Model Weights, Malicious Uploads, and Slopsquatting
- Memory Poisoning in Agentic Systems
- Red-Teaming and Evaluations for Language Models
- Data Exfiltration via Markdown Image Rendering in Chat UIs
- Indirect and Second-Order Prompt Injection via Retrieved Content
- The Model Context Protocol and the Agent Tool Layer
- Reasoning Models and Test-Time Compute: o1, o3, and DeepSeek-R1
- Multimodality: From CLIP to GPT-4o and the New Input Channels
- Jailbreaking LLMs: Methods and Why Alignment Training Does Not Close the Gap
- Prompt Injection: A Systematic Taxonomy
- Tool-Using Agents: Toolformer, ReAct, and the Action Boundary
- Direct Preference Optimization: Alignment Without a Reward Model
- Mixture-of-Experts at Scale: What Mixtral and DeepSeek Changed
- LoRA and the Economics of Parameter-Efficient Tuning
- Retrieval-Augmented Generation and the Injection Surface It Opened
- Constitutional AI: Principles Over Labels
- Chain-of-Thought Prompting and the Roots of Reasoning
- InstructGPT and RLHF: Aligning Models to Instructions
- Chinchilla and Compute-Optimal Training
- Neural Scaling Laws and the Kaplan Predictions
- GPT-3 and In-Context Learning
- GPT-2 and the Staged-Release Safety Debate
- BERT and the Bidirectional Pretraining Turn