The Missing Notebook: Persistent Memory Architecture for LLM Agents
A four-component architecture (CURRENT_STATE, HANDOVER, FIELD_NOTES, mcp_boot) for transforming isolated LLM sessions into a coherent collaboration continuum. With experimental documentation of compaction events — mid-session microVM restarts that terminate all running processes while preserving mounted filesystems — and their implications for persistent service design inside agent sandboxes.
Read article →
Behavioral Variance Across LLM Instances: Empirical Evidence of Non-Uniform Functional Profiles
Empirical analysis across 200+ operational sessions documents three dimensions of systematic behavioral variance between same-model LLM instances: communicative register calibration, meta-reasoning propensity with cognitive budget mismanagement, and resistance to correction with pseudo-update. Three testable hypotheses on variance origins and implications for model evaluation, instance profiling, and multi-agent design.
Read article →
Persistent Context as Attack Surface: Security Implications for LLM Agents with Memory
Network isolation of LLM agents is necessary but not sufficient: every read operation from persistent storage is a semantic influence channel disguised as outbound traffic. Experimental analysis on production infrastructure introducing the concept of persistent context injection — a temporal variant of prompt injection operating between sessions — with a four-dimensional formal threat model and five architectural mitigations.
Read article →
The Relay Method: A Formal Protocol for Multi-Session Collaboration with LLM Agents in Production Contexts
A three-layer persistent architecture (knowledge graph, MCP operational control, working state mirror) and a formal protocol (R1-R7, AC1-AC6, V1-V7) for transforming isolated LLM sessions into coherent and auditable work paths. Critical analysis of ReAct, AutoGPT, Reflexion, MemGPT and Voyager, with empirical evidence from 28 hours of software engineering across 7 documented sessions.
Read article →
CALIF: A Pedagogical Framework for Integrating AI Literacy into University Curricula
The CALIF framework proposes structural integration of AI literacy into existing university curricula through four progressive levels aligned with Blooms taxonomy. Developed via mixed-methods (247 sources, 48 interviews, 23-expert Delphi, 342-student pilot) and published in Computers and Education: AI, Vol. 7, 2026.
Read article →
Beyond Policy: Advanced Red Teaming on Autonomous AI Agents with Tools, External Memory, and Identity Manipulation
Empirical demonstration of an eight-stage multi-phase attack against a frontier commercial AI agent with cloud tool access. The chain includes many-shot jailbreaking, self-induction, persistent C2 tunnel, credential exfiltration, computational arbitrage, and model identity manipulation. Three novel phenomena proposed: context contamination, proactive complicity, and behavioral identity hijacking, with a five-pillar architectural defense framework.
Read article →