Commit 17bab12

committed
Remove internal notes from CAISI content
1 parent 442549a commit 17bab12

12 files changed

Lines changed: 27 additions & 38 deletions

docs/agent-action-bom/index.html

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -206,7 +206,6 @@ <h1>What Is an Agent Action BOM?</h1>
206206
rule, and proof coverage.
207207
</p>
208208
<p class="body">Last updated: May 7, 2026</p>
209-
<!-- Source notes: this page avoids external statistics, recent events, and vendor capability claims. Verify any added factual or current claims before publishing. -->
210209
</section>
211210

212211
<section class="section page-nav" aria-labelledby="page-nav-heading">
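Review bot: The comment removed at line 209 carried the only visible instruction to "Verify any added factual or current claims before publishing", and nothing in this hunk relocates it. If docs/ is the published tree, taking the comment out of index.html is the right call, but move the guidance into a contributor checklist or page template that is not published, and consider a build check that fails when "<!-- Source notes" appears in any file under docs/. The same point applies to the identical removals in the other files of this commit.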

docs/approve-actions-not-prompts/index.html

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -212,7 +212,6 @@ <h1>Approve Actions, Not Prompts</h1>
212212
blocked.
213213
</p>
214214
<p class="body">Last updated: May 6, 2026</p>
215-
<!-- Source notes: this page avoids external statistics, recent events, and vendor capability claims. Verify any added factual or current claims before publishing. -->
216215
</section>
217216

218217
<section class="section page-nav" aria-labelledby="page-nav-heading">

docs/audit-evidence-ai-assisted-sdlc/index.html

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -213,7 +213,6 @@ <h1>Audit Evidence for AI-Assisted SDLC</h1>
213213
or release paths.
214214
</p>
215215
<p class="body">Last updated: May 7, 2026</p>
216-
<!-- Source notes: this page avoids external statistics, recent events, and vendor capability claims. Verify any added factual or current claims before publishing. -->
217216
</section>
218217

219218
<section class="section page-nav" aria-labelledby="page-nav-heading">

docs/blog/ai-coding-agents-from-suggestions-to-actions/index.html

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -223,7 +223,6 @@ <h1>AI Coding Agents Are Moving From Suggestions to Actions</h1>
223223
automatically rise with it.
224224
</p>
225225
<p class="body">Last updated: May 7, 2026</p>
226-
<!-- Source notes: this field note avoids external statistics, recent events, and vendor capability claims. Verify any added factual or current claims before publishing. -->
227226
</section>
228227

229228
<section class="section page-nav" aria-labelledby="page-nav-heading">

docs/blog/ai-engineering-maturity-model/index.html

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -315,11 +315,11 @@ <h2 id="the-better-system-pattern">The better pattern</h2>
315315
when the organization claims a higher level than its controls support.
316316
</p>
317317
<p>
318-
Each level should also have an exit test. Do not claim repo-aware if
319-
critical commands are still discovered by memory. Do not claim
320-
governed delivery if non-allow outcomes can still execute. Do not
321-
claim dark-factory capability if approvals, retries, and proof still
322-
depend on manual reconstruction after the fact.
318+
Each level should also have an exit test. A workflow is not
319+
repo-aware if critical commands are still discovered by memory. It is
320+
not governed delivery if non-allow outcomes can still execute. It is
321+
not dark-factory capable if approvals, retries, and proof still depend
322+
on manual reconstruction after the fact.
323323
</p>
324324
</section>
325325
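Review bot: In the rewritten sentences at lines 318-322, "It" refers back to "A workflow", so "It is not governed delivery" uses a level name as if it described the workflow. "Repo-aware" and "dark-factory capable" work as adjectives, but this one does not; suggest "It has not reached governed delivery" so all three exit tests read as level criteria.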

@@ -335,9 +335,9 @@ <h2 id="how-to-use-the-model-without-theater">How to use the model without theat
335335
</p>
336336
<p>
337337
Used properly, the model becomes a planning tool. It tells leaders
338-
what to build next, what not to claim yet, and which classes of work
339-
are safe to widen. That is much more useful than broad statements
340-
about being "AI ready."
338+
what to build next, which labels are premature, and which classes of
339+
work are safe to widen. That is much more useful than broad
340+
statements about being "AI ready."
341341
</p>
342342
<p>
343343
The practical pattern is to pair every maturity claim with three
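Review bot: "which labels are premature" at line 338 introduces the word "labels" while the next paragraph (context line 343) still says "maturity claim". Use one term for the same thing, for example "which claims are premature", so the planning guidance and the pairing rule that follows clearly refer to the same object.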

docs/blog/authority-risk/from-ai-content-risk-to-ai-authority-risk/index.html

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -223,7 +223,6 @@ <h1>From AI Content Risk to AI Authority Risk</h1>
223223
OAuth access, and a downstream pivot into a workplace environment.
224224
</p>
225225
<p class="body">Last updated: May 6, 2026</p>
226-
<!-- Source notes: Incident claims are limited to Vercel's public April 2026 bulletin and contemporaneous public reporting. Do not expand this article with unverified claims about source-code, CI/CD, npm, or cloud compromise. -->
227226
</section>
228227

229228
<section class="section page-nav" aria-labelledby="page-nav-heading">
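Review bot: The comment removed at line 226 was the only place in this hunk recording that incident claims are "limited to Vercel's public April 2026 bulletin and contemporaneous public reporting", while the context line at 223 still describes "OAuth access, and a downstream pivot into a workplace environment". Keep that sourcing boundary where a future editor will see it (unpublished contributor notes or page metadata), and consider whether readers would benefit from a visible sources line naming the bulletin.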

docs/blog/authority-risk/when-agent-social-engineering-becomes-action-hijacking/index.html

Lines changed: 15 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -221,7 +221,6 @@ <h1>When Agent Social Engineering Becomes Action Hijacking</h1>
221221
infrastructure.
222222
</p>
223223
<p class="body">Last updated: May 7, 2026</p>
224-
<!-- Source notes: Claims are limited to The Register's May 5, 2026 Hannah Fry/OpenClaw reporting, Zscaler ThreatLabz's DeepSeek-Claw malware writeup, and Bishop Fox's AIMap page. Do not quote marketplace-malware percentages without rechecking primary sources. Do not claim any specific product would have prevented these events. -->
225224
</section>
226225

227226
<section class="section page-nav" aria-labelledby="page-nav-heading">
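Review bot: The comment removed at line 224 named the three sources this field note relies on (The Register's May 5, 2026 reporting, the Zscaler ThreatLabz writeup, and Bishop Fox's AIMap page) along with two editorial limits, and none of that is relocated in this hunk. Confirm each source is cited in the visible body, and keep the limits on percentages and prevention claims in an unpublished editorial note so later edits do not drift past them.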
@@ -232,7 +231,7 @@ <h2 id="page-nav-heading">In this field note</h2>
232231
<a href="#authority-risk">Why this is authority risk</a>
233232
<a href="#map">What teams should map</a>
234233
<a href="#action-bom-row">Agent Action BOM row</a>
235-
<a href="#do-not-claim">What not to claim</a>
234+
<a href="#evidence">What the evidence supports</a>
236235
</div>
237236
</section>
238237
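Review bot: The nav link at line 234 changes its target from "#do-not-claim" to "#evidence", which breaks any inbound link or bookmark that still uses the old fragment. Search the rest of the site for "#do-not-claim" before merging, and if the old fragment may be linked from outside the site, keep an empty element with id="do-not-claim" next to the renamed heading.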

@@ -247,10 +246,10 @@ <h2 id="what-happened">What happened</h2>
247246
through a social-engineering setup.
248247
</p>
249248
<p>
250-
The important detail for CAISI is not the novelty of the demo. It is
251-
the class of material reportedly exposed: API keys, usernames,
252-
passwords, and operational context. That is authority-bearing material,
253-
not only content.
249+
The important detail is not the novelty of the demo. It is the class
250+
of material reportedly exposed: API keys, usernames, passwords, and
251+
operational context. That is authority-bearing material, not only
252+
content.
254253
</p>
255254
<p>
256255
Zscaler ThreatLabz separately published a writeup on a deceptive
@@ -361,20 +360,19 @@ <h2 id="action-bom-row">Agent Action BOM row</h2>
361360
</section>
362361

363362
<section class="section article-section">
364-
<h2 id="do-not-claim">What not to claim</h2>
363+
<h2 id="evidence">What the evidence supports</h2>
365364
<p>
366-
This field note uses the incidents as category evidence, not as a
367-
product claim. Do not claim that a specific control would have stopped
368-
the Hannah Fry experiment, the Zscaler-observed campaign, or exposed
369-
AI endpoints found by a scanner unless the claim is tested against the
370-
exact conditions.
365+
These incidents are best read as evidence of a control pattern, not
366+
proof that one control would have prevented every reported outcome.
367+
The pattern is narrower and more useful: once an AI-assisted workflow
368+
can use tools, credentials, plugins, skills, or exposed endpoints, the
369+
security question moves from content safety to action authority.
371370
</p>
372371
<p>
373-
Also avoid quoting marketplace-malware percentages without rechecking
374-
primary sources. The useful lesson does not depend on a percentage.
375-
It depends on the control pattern: skills, MCP servers, agent configs,
376-
exposed endpoints, and tool declarations become part of the action
377-
graph when they can influence software delivery.
372+
The practical lesson is the action graph: skills, MCP servers, agent
373+
configs, exposed endpoints, and tool declarations become part of
374+
software-delivery governance when they can influence repos, CI/CD,
375+
packages, credentials, cloud paths, or release behavior.
378376
</p>
379377
<div class="link-row">
380378
<a href="/agent-action-bom/">What is an Agent Action BOM?</a>
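Review bot: In the new first paragraph (lines 365-366), "not proof that one control would have prevented every reported outcome" is weaker than the text it replaces, which ruled out any prevention claim unless it was "tested against the exact conditions"; the new sentence can be read as allowing that a control would have prevented some of the outcomes. Suggest "not proof that any specific control would have prevented a reported outcome". The rewrite also drops the caution about marketplace-malware percentages, so check that no percentage is quoted elsewhere on the page.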

docs/blog/control-benchmarks/measure-control-efficacy-for-ai-agents/index.html

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -286,10 +286,10 @@ <h2 id="what-control-efficacy-actually-means">What control efficacy actually mea
286286
</p>
287287
<p>
288288
The easiest way to remember the distinction is this: control presence
289-
tells you what the product claims to have. Control efficacy tells you
290-
what the runtime actually prevented, delayed, or required in a tested
291-
scenario. Evaluators should care about the second much more than the
292-
first.
289+
tells you what is advertised or configured. Control efficacy tells
290+
you what the runtime actually prevented, delayed, or required in a
291+
tested scenario. Evaluators should care about the second much more
292+
than the first.
293293
</p>
294294
</section>
295295

docs/long-lived-credentials-ai-agent-workflows/index.html

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -211,7 +211,6 @@ <h1>Long-Lived Credentials in AI Agent Workflows</h1>
211211
CI/CD, packages, infrastructure, or release paths.
212212
</p>
213213
<p class="body">Last updated: May 6, 2026</p>
214-
<!-- Source notes: this page avoids external statistics, recent events, and vendor capability claims. Verify any added factual or current claims before publishing. -->
215214
</section>
216215

217216
<section class="section page-nav" aria-labelledby="page-nav-heading">

docs/mcp-tool-risk-ai-engineering-workflows/index.html

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -212,7 +212,6 @@ <h1>MCP Tool Risk in AI Engineering Workflows</h1>
212212
release paths.
213213
</p>
214214
<p class="body">Last updated: May 6, 2026</p>
215-
<!-- Source notes: this page avoids external statistics, recent events, and vendor capability claims. Verify any added factual or current claims before publishing. -->
216215
</section>
217216

218217
<section class="section page-nav" aria-labelledby="page-nav-heading">
