Prompt Injection is generally acknowledged as the most serious vulnerability in the deployment of AI apps, and AI agents in particular. The Open Worldwide Application Security Project (OWASP), considered by many the world’s leading authority on web-facing system security risks, lists prompt injection as Number One on their list of the top ten

“Human in the loop” has quickly become one of the most reassuring phrases in the modern AI vocabulary. It suggests prudence, restraint, and—above all—control. If a human must approve the system’s actions, what could go wrong?

Human in the loop, often shortened to HITL, describes any arrangement in which a person reviews or authorizes an

Many law firms are understandably reluctant to adopt agentic AI because of its well-documented security risks. Running open-source AI models on computers you own—but that are not connected to your business network—lets lawyers who want to experiment do so far more safely. There is much less risk of leaking confidential information.

For lawyers, that is

Agentic AI

Conventional software keeps code (instructions) strictly separate from data (the files being processed). Large language models collapse the distinction. To an agent, both are just natural language. A firm’s internal policy and an incoming email are structurally similar. The model cannot reliably tell a document it is meant to read from an order

She begged “Do not do that,” then “STOP OPENCLAW.” Neither worked.

That’s what happened to Summer Yue, Meta’s Director of Alignment at their superintelligence safety lab. By the time she reached her desktop to kill the process manually, the AI agent she’d created had already deleted hundreds of emails. You would expect someone with

The hype machine is working overtime on Agentic AI. Don’t fall for it.

AI chatbots merely respond to prompts. They only give you information. AI agents like Claude Cowork or Openclaw go beyond this. They are built on large language models, but can take action on your behalf.

That sounds great, but there is a

When people think about malware, they often imagine someone clicking a suspicious attachment or downloading a shady file. In reality, one of the most dangerous forms of infection requires no obvious mistake at all. It’s called a drive-by download, and it remains a quiet but serious threat.

The Threat

A drive-by download occurs when