Introduction to LLM
This page provides an easy-to-understand guide on LLMs (Large Language Models) from basics to applications for AI enthusiasts.
Chapter 12 — Protocol Hardening and Defenses
Thirteenth post of the LLM Primer IV walkthrough. The four defense clusters — cryptographic attestation, OAuth scope discipline with bounded sessions, runtime sandboxing, and human-in-the-loop gates — compose into a posture that does not depend on the model behaving correctly under adversarial conditions.
2026-04-10Chapter 11 — Attack Surfaces and Protocol Vulnerabilities
Eleventh post of the LLM Primer IV walkthrough. The classical attacks adapted to MCP — Confused Deputy, Token Passthrough, Session Hijacking — the protocol-level flaws around capability escalation and unauthenticated sampling, and the implicit trust propagation that makes context poisoning a structural problem rather than a hygiene one.
2026-04-09Chapter 10 — Long-Horizon Task Memory
Tenth post of the LLM Primer IV walkthrough. Short-term memory through windows and ReAct scratchpads, long-term memory through episodic vectors and semantic stores, and the compaction techniques that keep an agent productive over hours and days.
2026-04-08Chapter 7 — Advanced Collaborative and Dynamic Patterns
Seventh post of the LLM Primer IV walkthrough. Roundtable consensus, handoff routing, and magentic orchestration — the patterns that emerge when the topology has to be built per request, with the failure modes (non-termination, mis-routing, runaway planning) the simpler patterns avoid.
2026-04-05
Chapter 7 — Implementing Access Control
Seventh post of the LLM Primer III walkthrough. Document-level ACLs as the foundation, RBAC with Microsoft Purview sensitivity labels, ReBAC with Zanzibar and SpiceDB, and the pre-filter versus post-filter discipline that runs underneath all of them.
2026-03-24
Chapter 6 — RAG Threat Models and Vulnerabilities
Sixth post of the LLM Primer III walkthrough. The expanded attack surface of retrieval — corpus poisoning, adversarial chunks, indirect prompt injection, embedding inversion, and the confused-deputy problem in agentic RAG. Concrete attacks, each demonstrated, each reproducible.
2026-03-23
Chapter 5 — Architecting the Retrieval Pipeline
Fifth post of the LLM Primer III walkthrough. Why a single vector search is not a pipeline — hybrid retrieval, reciprocal rank fusion, cross-encoder reranking, and query-side rewriting and HyDE — assembled into the production architecture that mature RAG systems converge on.
2026-03-22