Blog

SOUL.md Is Not a Security Boundary

“The agent won’t do that. I told it not to in SOUL.md.”

This is the most common response when someone asks how an OpenClaw agent is prevented from running rm -rf /, exfiltrating …

You Can't Pause an AI Workflow. You Can Only Stop at the Right Boundary.

“Pause the workflow before it sends anything.”

This sounds simple. In a traditional batch system, you checkpoint state, stop the process, and resume later from the checkpoint. In a …

Audit Logs Are Not Enough. You Need Decision Context.

Every production AI system has audit logs.

Most of them record the wrong thing.

They capture what happened: which model was called, what the input was, what the output was, how long it took, how much …

Cost Per Call Is a Useless Metric for Agent Systems

Most teams track cost per LLM call.

It is the easiest metric to compute and the least useful for understanding what your system actually costs.

Every provider returns token counts. Multiply by price …

Why Retry Budgets Should Be Per Tool, Not Per Run

Most teams start with a global retry limit or max-iteration cap on agent runs.

It feels safe. It gives one number to monitor.

In production, a single unstable tool can consume most of that budget …

Orchestration Is Not Execution Control

Your orchestration graph can run exactly as designed and still produce incidents.

Tools fire. Models respond. Branches resolve.

Yet you end up with duplicate writes, partial state, and postmortems …

What Breaks First When LLM Workflows Hit Production

Most LLM systems start life as request-response calls.

You send a prompt. You get a response. If it fails, you retry.

This works beautifully in demos.

It breaks quickly in production.

Not because the …