
Article Brief
Why this article matters
Mixing up Rules, `CLAUDE.md`, Commands, and Skills is not just a stylistic mistake. It bloats context windows, weakens retrieval, and opens real security gaps. This article draws the boundary clearly: where each mechanism belongs, how teams can decide fast, and which threats start appearing the moment these files are treated like passive documentation.
AI Security Series
Part 3 of 4
1. A2AS: A New Standard for Security in Agentic AI Systems
2. MCP Security for Enterprise Organizations: Real-world experiences and advanced defense
3. Rules vs. Skills: Creating Secure AI Context in Engineering Teams
4. The Technical Anatomy of Model Extraction in 2026 (The Great AI Theft of the Century?)
Continue Reading
Next steps in the archive
Newer article
The Technical Anatomy of Model Extraction in 2026 (The Great AI Theft of the Century?)
A deep technical dive into Model Extraction attacks. We dissect the mathematics of Knowledge Distillation, logit harvesting pipelines, and the cryptographic failures of LLM watermarking.
Older article
MCP Security for Enterprise Organizations: Real-world experiences and advanced defense
A personal reflection and technical analysis on the MCP protocol, from the challenge of presenting to the community to the real-world methods and risks in AI Security, MCP Server, and recommended defenses for organizations. Includes resources, papers, and key sites for modern research in AI agent security.
Keep Exploring
Related reading
Continue through adjacent topics with the strongest tag overlap.

A2AS: A New Standard for Security in Agentic AI Systems
Reflection, explanation, and analysis of the A2AS paper, the BASIC model, and the A2AS framework, from the perspective of real-world challenges in controls and attack mitigation in AI Security and GenAI Applications.

