Beyond Chatbots · Session 04 of 04
Your agent works. Tonight we decide what it's allowed to do — and prove the limits hold when someone pushes on them.
01 / The two ways this goes wrong
Sent the wrong email, bought the wrong part, deleted the wrong file. Cause: authority granted faster than accuracy was proven. Loud, embarrassing, rare.
You approve the same harmless draft 40 times. Cause: leash never loosened as trust was earned. Quiet, costly, near universal.
Everyone guards against A. Almost nobody notices they're living in B. Judgment is placing every task at the right point between them — that's tonight.
02 / The delegation ladder
02 / The delegation ladder
03 / The mechanics
03 / The mechanics
04 / The attack you must know
Remember email #17 in Session 02? That was this. The defense is layered: a NEVER rule, a locked allowlist, and rung-4 approvals on anything that leaves the machine. Any one can fail. All three rarely do.
05 / Debrief
You just did what most companies haven't: adversarially tested an AI system before trusting it.
— the log you watched is the same instrument professionals use. there is no other magic.
06 / The constitution, final form
This document is the answer to "should I trust AI?" — wrong question. Right question: which tasks, which rungs, reviewed when. That's a policy, and now you have one.
07 / The last idea
The tool is neutral.
The hands are not.
Yours are now trained.
— what you do overnight from here is up to you. that was always the point.
08 / After the course
09 / Four sessions, one sentence each
Keep the miss-log. Keep the review dates. Keep reading the logs. The people who stay good at this are the ones who keep auditing after it starts working.
Beyond Chatbots · End of course
Questions, war stories, and your first graduate-built agent demos: chris@beyondprompt.ai