Field Notes
Operational writing for AI in production.
Governance, supply-chain security, agent ops, observability. Written for the IT executive whose org is past the AI demo and into the audit review.
- 5 min read · IAM · MCP
Every MCP connection is a service account no one provisioned.
MCP connections behave like long-lived service principals — broad scope, no owner, no expiry, no review. IAM teams spent a decade learning that lesson once. The agent stack is unlearning it in real time.
- 4 min read · AI Supply Chain · Security
The AI supply chain stopped being about model providers.
When your team connects an MCP server to Claude or ChatGPT, third-party tools, prompts, and resources land directly in a model's working memory. That's a software supply chain — and almost no one is inventorying it yet.
- 5 min read · AI Governance · Agent Ops
Your AI agents act in production. The audit trail does not.
Agents now ship code, file tickets, send email, move money. The systems they touch keep their usual logs — but the agent's reasoning, the tools it considered, and the version of the prompt it was running rarely make it anywhere durable. That gap is where the next class of incidents will be diagnosed, after the fact, with no data.