This page describes the direction I find most useful in practical AI work: reusable skills, connected knowledge packs, narrowly scoped tools and MCP-ready workflows, and explicit human review instead of opaque automation.
Transparency and Responsibility
No autonomous production agents
I do not use autonomous agents that make risky changes in production on their own. Decisions remain with people.
Bounded data handling
Each workflow only gets the data and references required for a specific step. No broad “just in case” access to internal information.
Suggestions, not decisions
A workflow may draft, structure, triage, or explain. Prioritisation, approvals, and production changes are always confirmed by humans.
Versioned workflow parts
Skills, knowledge packs, and review rules are versioned so the resulting output stays traceable and easier to audit.
What a skill is
Reusable skill
A repeatable unit of work with a clear input, a clear output, and a defined review step. A skill is more useful than a generic chatbot answer because it is scoped and testable.
Knowledge pack
A controlled package of SOPs, runbooks, checklists, references, and naming conventions. This is how we add experience without pretending the model has magic memory.
Connected tool
A safe data source or action surface: monitoring output, security findings, advisories, documentation, or a remote MCP integration. The key is narrow access, not broad access.
Human review
The workflow drafts, explains, triages, or prepares. A human approves risky changes, checks ambiguity, and decides what is actually executed.
The goal is not an opaque black box. The goal is a controlled workflow that can prepare useful work faster and more consistently.
Practical skills
| Skill | Input | Output | Human review |
|---|---|---|---|
| Security advisory triage | CVE/advisory/vendor bulletin | Risk summary, affected stack, next actions | Confirm impact and urgency |
| Runbook draft builder | Rough notes, screenshots, partial steps | Structured runbook draft | Validate exact commands and edge cases |
| Incident handoff writer | Alerts, timelines, current status | Clean handoff note for next shift/team | Confirm chronology and unresolved items |
| Infrastructure change review | Planned change or maintenance window | Checklist, dependencies, rollback notes | Approve execution plan |
| SME security explainer | Scan result or warning list | Plain-language explanation and priority | Check business context |
| Tool output explainer | Logs, dashboards, scanner output | Interpretation, likely causes, next checks | Confirm diagnosis before action |
Knowledge packs
SME Security Pack
Security headers, TLS posture, priority rules, “what matters first”, and language suitable for non-specialist teams.
Windows / AD Ops Pack
Recurring checks, naming patterns, admin boundaries, change templates, and rollback expectations for daily operations.
Cloud Migration Review Pack
Readiness questions, cutover patterns, dependency mapping, and post-migration validation steps.
Security Warnings Interpretation Pack
How to translate advisories into triage, SME summaries, remediation lists, and follow-up actions.
Connected workflows
Security warnings → triage
Take a fresh advisory stream and turn it into a short list of items that matter for a specific stack, with safer wording for SMEs.
Security check → explanation
Turn technical findings into a readable remediation plan: what is critical, what can wait, and what should be confirmed manually.
Remote support → pre-triage
Before a session starts, prepare a structured summary of symptoms, screenshots, likely causes, and missing details.
AI-OS → controlled workspace
Use a sandboxed workspace to test prompts, structure skills, and evaluate small workflow patterns before connecting anything sensitive.
Workflow readiness checklist
Give the workflow
- Runbooks, SOPs, standard checklists
- Sanitized examples and approved references
- Narrow tool access with explicit scope
- Clear output format and review rules
Do not give the workflow
- Raw secrets, private keys, or unrestricted admin access
- Unfiltered internal dumps “just in case”
- Authority to execute risky changes silently
- Ambiguous instructions like “handle everything”
Process guardrails
- Human review for production-impacting actions
- Logging of inputs, outputs, and approvals
- Versioned prompts and knowledge packs
- Small, testable workflows before scaling
Success looks like
- Less repetitive drafting and triage work
- Cleaner handoffs and fewer missed steps
- Faster explanation of technical findings
- More consistency without losing control
Useful starting point for SMEs
For many smaller teams, the best first step is not a full autonomous system. It is a narrow workflow: one skill, one knowledge pack, one tool connection, and one clear human approval point.
That is usually enough to save time immediately without introducing unnecessary risk.