Systems & AI

The operating system behind the work.

My working thesis: AI's real leverage is giving one disciplined operator the reach of a small team — if judgment, verification and security stay in the loop. This page is how that actually runs, and this site was built the same way.

Process

How a build runs

  1. Research

    The prospect's real footprint, the market, the workflow — before any pixels.

  2. Design system

    Tokens, type and components first, so every screen agrees with itself.

  3. Build

    AI-assisted, human-directed. TypeScript, Supabase, static-first delivery.

  4. Verify

    E2E suites, RLS pentests, fuzzed money-math, accessibility passes.

  5. Deploy

    Edge-served, security headers, previews before production.

  6. Operate

    Scheduled agents: nightly tests, weekly stress-runs, health pings.

Infrastructure

The standing systems

  • Knowledge layer

    Every working session is distilled and ingested automatically — hundreds of sessions searchable by meaning, so no decision or context is lost between conversations.

  • Scheduled agents

    Morning standups, weekly briefings, nightly test runs and weekly security stress-tests fire on cron — the systems check themselves whether or not I'm at the desk.

  • Verification discipline

    Playwright E2E suites, row-level-security pentests, property-tested financial math, accessibility audits. AI writes a lot of the code; nothing merges on trust.

  • Delivery rail

    Cloudflare + Vercel + Supabase, static-first with strict security headers. Small payloads, self-hosted fonts, no third-party scripts.

Research

Investigations

Smaller research builds that sharpened the practice — kept honest, including the negative results.

  • Market-forecast calibration engine

    Foundation-model price forecasting, tested out-of-sample: no directional edge survived, so the engine keeps the one property that did — calibrated uncertainty — and sizes risk off it.

    Prototype
  • Personal-data removal agent

    An agent that maps a personal data-broker footprint and drafts jurisdiction-correct removal requests, with human approval gates and reappearance checks on a schedule.

    In Use
  • Security-research aide

    A multi-agent recon → scope-validation → report-drafting pipeline for authorised bug-bounty work. The human stays the decision-maker at every consequential step.

    In Use
  • Repository safety dossier

    Paste any public repo and get a split verdict — risk score vs maintenance hygiene — before it ever touches your machine.

This site is one of the systems: a dependency-free typed static generator, hand-built design system, strict CSP, and the same verification pass as everything else here. See the work

Contact

Have a business problem that needs a better system?

A website that doesn't convert, a workflow held together by spreadsheets, an idea that needs a working pilot — tell me about it. I'll give you an honest read, including when you don't need custom software.