Book · serialized in public

The Production Agent

How to ship agentic AI to production without getting paged at 3am.

Battle-tested playbooks from shipping multi-agent systems at 99.9% uptime — orchestration, evals, security, MCP integrations, and the failure modes you don't read about in the launch posts.

Chapters 1-2 are free on Substack and on this site. Chapters 3-5 are for paid Substack subscribers only (or buy the lifetime PDF bundle on Gumroad).

Table of Contents

5 chapters · 2 free

  1. Chapter 1
    FREE
    22 min read

    Designing the Production Agent

    Orchestration patterns, agent contracts, and the deny-by-default starting line.

    How to design an agent that survives contact with production. Tool inventories, capability contracts, deny-by-default surfaces, and the cost router pattern that takes simple problems off the frontier model.

    Read draft
  2. Chapter 2
    FREE
    18 min read

    MCP Security & STDIO Posture

    Why MCP STDIO is RCE-by-design and the sandbox patterns that fix it.

    The Model Context Protocol unlocks composable agent tooling — and ships a critical-by-default vulnerability in its STDIO transport. CVE-2026-30623, what it actually means, and the three-layer sandbox pattern that keeps it from owning your host.

    Read draft
  3. Chapter 3
    PAID
    Outlined
    31 min read

    Agent Supply-Chain Audit

    50-point audit for the upstream surface of an agent stack.

    The upstream supply chain of an AI agent is model provenance + MCP server graph + eval-set lineage + secret rotation policy + audit-emit channels. 50 audit points, each with a concrete check and a remediation.

    Releases on Substack first
  4. Chapter 4
    PAID
    Outlined
    28 min read

    Migrating to Claude Managed Agents

    Step-by-step runbook for moving production workloads.

    Claude Managed Agents shipped with Anthropic's nine-connector creative launch and ten finance-agent templates. Here's the migration runbook — control-plane wiring, capability-lease bindings, MCP connector hardening, and the rollback playbook for when a vendor surface shifts.

    Releases on Substack first
  5. Chapter 5
    PAID
    Outlined
    24 min read

    Agent-on-Agent Commerce — The Honest Version

    What works today, what's marketing, and what the next 12 months look like.

    Anthropic Project Deal, Cloudflare Mesh, Cisco Agentic Workforce Identity, Okta for AI Agents — the agent-on-agent stack is real. Here's what actually ships in 2026 vs what's vendor positioning, and what an honest /api/quote agent contract looks like.

    Releases on Substack first

Why this book

Most LLM books teach you to call the API. Most agent posts celebrate a launch. Neither tells you what breaks at week 2 of production, what your audit-emit channel actually needs to capture, or why your MCP STDIO config just gave an attacker a shell on your box.

This is the missing manual — orchestration patterns, eval harnesses, capability-lease identity, MCP-security posture, supply-chain audit points, and the migration runbook for moving onto Claude Managed Agents — distilled from shipping multi-agent systems at 99.9% uptime, plus the open-source tooling (agent-audit-kit, agent-airlock, mnemo) that I use to keep them honest.

Each chapter ships on The Production Agent first: subscribers get it free if it's a free chapter, and paid subscribers get every chapter. Or buy the lifetime PDF bundle on Gumroad once if you'd rather not subscribe.