Worksheet · PDF
LLM Threat-Model Worksheet
The seven questions I ask before letting any agent touch production. A two-page worksheet built from forty incident reviews.
Free · Sent once · No drip sequence
Essays, tools and postmortems by an IT veteran building at the seam where LLMs break and where systems get broken into.
Twenty years of firewall thinking taught us to draw a circle around the things we trust. LLMs ate the circle. What replaces it isn't another box — it's a discipline.
The Top-10 is a checklist for web apps. Agents aren't web apps. Here's the column I'd add — and the one I'd quietly remove.
A two-week postmortem on going fast with an LLM, and the four guardrails I won't ship without again.
Practical writing on LLM ops, agent design, application security and the places where they collide. New essay most Fridays.
Five questions I ask before I ever pull up a diagram. Most documents fail on question two.
A 1988 paper has more to say about modern retrieval-augmented agents than most of the 2024 ones do.
If you can't replay what your agent did, you don't have a product — you have a wager.
Three pricing models I tried for an offline-first tool, and what each one actually rewarded.
Free · 06 tools
For practitioners
Worksheets, checklists and templates from my own consulting practice. Free, sent once, no drip sequence. The full library lives on the tools page.
Checklist · Markdown
Forty-one attack patterns and the mitigation that actually stops each one. Copy-paste into a runbook. Updated quarterly.
Template · Notion / Docx
A pre-launch review template I run with product teams before any LLM feature ships. Covers data flow, blast radius, audit logging, eval coverage, and the four sign-offs you almost certainly forgot.
Three more tools live on the full tools page.
Captain's log · May 2026
Three projects I'm building this season. Updated honestly — including the ones that didn't ship last quarter.
A drop-in proxy that fingerprints every prompt your agent sends and alerts when one drifts.
Threat detection for solo founders running on Cloudflare and a laptop.
What changes about agent design when the model lives on the user's machine.
Photograph · Zurich · 2025
On the author
I'm an IT veteran turned solo operator, based in Zurich. I've spent the better part of two decades inside other people's infrastructure — as a sysadmin, a security engineer, a principal at two SOC teams — and I now spend it building small, careful products at the seam where AI breaks and where systems get broken into.
The writing here is what I would have wanted to read at twenty-five and again at thirty-five: plain, unhurried, opinionated where I've earned the right to be. I publish on Fridays and I answer my email.
Inbound · Services
I take on a small number of engagements each quarter — security advisory, AI feature reviews, and the occasional end-to-end build when the problem is interesting and the team is honest.
Quickest route is a plain email. The form is for when you want me to ask you the right questions first.