Michael D'Angelo

Michael D'Angelo - Writing https://mldangelo.com/writing/ Articles on AI security, LLM red teaming, and trust & safety by Michael D'Angelo. en-us Mon, 06 Apr 2026 22:37:26 GMT McKinsey's Lilli Looks More Like an API Security Failure Than a Model Jailbreak https://www.promptfoo.dev/blog/mckinsey-lilli-appsec-vs-ai-jailbreak/ Why the reported Lilli incident looks like an application-security chain reaching an AI system, not a model jailbreak. Tue, 10 Mar 2026 12:00:00 GMT https://www.promptfoo.dev/blog/mckinsey-lilli-appsec-vs-ai-jailbreak/ Promptfoo is joining OpenAI https://www.linkedin.com/posts/michaelldangelo_today-were-announcing-that-promptfoo-will-share-7436818429187088386-_hpH Announcing that Promptfoo has agreed to be acquired by OpenAI. Mon, 09 Mar 2026 12:00:00 GMT https://www.linkedin.com/posts/michaelldangelo_today-were-announcing-that-promptfoo-will-share-7436818429187088386-_hpH Notes on the Claude Code 2.1.0 outage https://mldangelo.com/writing/claude-code-outage/ A changelog formatting change took down Claude Code. Lessons about parsing human docs as machine data. Thu, 08 Jan 2026 12:00:00 GMT https://mldangelo.com/writing/claude-code-outage/ Notes on the Eurostar chatbot "vulnerability" report https://mldangelo.com/writing/eurostar-chatbot-analysis/ Looking at what makes something a vulnerability versus a hardening opportunity in LLM applications. Mon, 05 Jan 2026 12:00:00 GMT https://mldangelo.com/writing/eurostar-chatbot-analysis/ What I learned shipping 1,000+ PRs with Claude Code https://mldangelo.com/writing/shipping-with-claude-code/ Notes from using Claude Code in parallel git worktrees: Plan Mode, ultrathink, verification loops, and Chrome automation. Sat, 03 Jan 2026 12:00:00 GMT https://mldangelo.com/writing/shipping-with-claude-code/ How AI Regulation Changed in 2025 https://www.promptfoo.dev/blog/ai-regulation-2025/ Why "AI compliance questions" appeared in security questionnaires and RFPs, and how policy becomes contract requirements. Mon, 15 Dec 2025 12:00:00 GMT https://www.promptfoo.dev/blog/ai-regulation-2025/ Why Attack Success Rate (ASR) Isn't Comparable Across Jailbreak Papers https://www.promptfoo.dev/blog/asr-not-portable-metric/ ASR isn't portable across papers because measurement choices dominate the headline number. Includes math and a checklist for reading papers. Fri, 12 Dec 2025 12:00:00 GMT https://www.promptfoo.dev/blog/asr-not-portable-metric/ GPT-5.2 Initial Trust and Safety Assessment https://www.promptfoo.dev/blog/gpt-5.2-trust-safety-assessment/ Day-zero red team of GPT-5.2 focusing on jailbreak resilience and harmful content. Thu, 11 Dec 2025 12:00:00 GMT https://www.promptfoo.dev/blog/gpt-5.2-trust-safety-assessment/ Real-Time Fact Checking for LLM Outputs https://www.promptfoo.dev/blog/llm-search-rubric-assertions/ Introduces search-rubric, an assertion where a search-enabled judge verifies time-sensitive claims during evals and CI. Fri, 28 Nov 2025 12:00:00 GMT https://www.promptfoo.dev/blog/llm-search-rubric-assertions/ When AI becomes the attacker: The rise of AI-orchestrated cyberattacks https://www.promptfoo.dev/blog/anthropic-threat-intelligence-vibe-hacking/ Connects malware querying LLMs at runtime with "vibe hacking" case studies. Defense needs continuous testing. Mon, 10 Nov 2025 12:00:00 GMT https://www.promptfoo.dev/blog/anthropic-threat-intelligence-vibe-hacking/ Reinforcement Learning with Verifiable Rewards Makes Models Faster, Not Smarter https://www.promptfoo.dev/blog/rlvr-explained/ RLVR gains are often "search compression" rather than new reasoning ability. Fri, 24 Oct 2025 12:00:00 GMT https://www.promptfoo.dev/blog/rlvr-explained/ Prompt Injection vs Jailbreaking: What's the Difference? https://www.promptfoo.dev/blog/jailbreaking-vs-prompt-injection/ Jailbreaking targets model safety training; prompt injection targets application trust boundaries. Mon, 18 Aug 2025 12:00:00 GMT https://www.promptfoo.dev/blog/jailbreaking-vs-prompt-injection/ AI Safety vs AI Security in LLM Applications: What Teams Must Know https://www.promptfoo.dev/blog/ai-safety-vs-security/ Safety protects people from harmful outputs; security protects systems from adversarial manipulation. Sun, 17 Aug 2025 12:00:00 GMT https://www.promptfoo.dev/blog/ai-safety-vs-security/ Promptfoo Raises $18.4M Series A https://www.promptfoo.dev/blog/series-a-announcement/ Announcing our Series A led by Insight Partners with participation from a16z. Tue, 29 Jul 2025 12:00:00 GMT https://www.promptfoo.dev/blog/series-a-announcement/ Evaluating political bias in LLMs https://www.promptfoo.dev/blog/grok-4-political-bias/ Open methodology and dataset (2,500 political statements) to measure political leaning in models. Thu, 24 Jul 2025 12:00:00 GMT https://www.promptfoo.dev/blog/grok-4-political-bias/ Celebrating 100,000 Users https://www.promptfoo.dev/blog/100k-users/ Promptfoo's journey from prompt evaluation to AI red teaming, marking 100,000 users. Tue, 10 Jun 2025 12:00:00 GMT https://www.promptfoo.dev/blog/100k-users/