Delivered systems, not demo scripts.

Challenge

In the era of fully-automated AI lock-picks (Mythos and its successors), enterprises can no longer rely on once-a-year scans or one-shot external pentests. BMCs — the most sensitive, lowest-level server management surface — demand a 24/7, self-hosted, self-scheduled red-team loop. Generic agent shells ("OpenClaw + raw LLM") aimed at production BMCs are unguarded bombs on physical hardware.

Execution focus

• 232 specialized red-team skills routed across 7 deep assessment lanes — Unauth-DAST, Web UI deep parsing, Redfish privilege mapping, IPMI / OEM command audit, iKVM remote desktop, supply-chain SBOM, and the OpenBMC / libpldm collaboration track.
• ADR 0005 multi-model Council architecture: a Hunter (Claude Opus 4.7, Thinking) and a Skeptic (GPT-5.5, Extra Reasoning) debate every candidate, and a deterministic-code Governor makes the final Fail-Closed call — neutralizing single-model hallucination and prompt-injection contamination.
• Proof Ladder: every finding is promoted step by step — static candidate → deployed daemon reachability → controlled lab reproduction → exploitability confirmation. No "AI memo for executives" passes as a security conclusion; every high / critical finding ships with a replayable evidence pack.
• ADR 0002 purple closed-loop discipline: every offensive primitive auto-generates a paired Sigma detection rule that lands in the SIEM in parallel with remediation. Dangerous phases require explicit --allow-* approval + watchdog preflight / after-action + a global PANIC halt; confirmed vulnerabilities trigger an automatic coordinated-disclosure timer.
• Field result: the OpenBMC `libpldm decode_get_types_resp()` report progressed from a source-level OOB read to deployed pldmd reachability, controlled fake MCTP peer-path evidence, and a candidate fix shape — the OpenBMC security team responded and indicated they will address further issues in the area. The same completion-code-first pattern extends to FRU / BIOS / Platform / Firmware Update / IBM OEM decoder hardening candidates.

Impact

Challenge

The customer needed a controlled AI assistant over web content, SharePoint, PDFs, Office files, and multi-tenant configuration without sending private data into a generic chat tool.

Execution focus

• Built a multi-source ingestion and document parsing pipeline into a unified searchable data layer.
• Supported multi-tenant configuration and zero-code deployment patterns across industries.
• Preserved private deployment, permission control, tracing, and evaluation for long-running production operations.

Impact

Challenge

Keyword search could not answer complex enterprise knowledge questions, while vector-only retrieval created recall gaps and weak evidence.

Execution focus

• Combined semantic retrieval, keyword matching, and RRF fusion over 1M+ vectors and 778K+ documents.
• Added multi-stage reranking, metadata filters, parent/sibling expansion, and multi-hop reasoning.
• Used agents to coordinate database queries, web search, and other tools so static documents and live data could share one answer path.

Impact

Challenge

The early RAG pipeline had high latency and insufficient import throughput, blocking realistic enterprise production usage.

Execution focus

• Optimized retrieval, reranking, context expansion, chunking, and resource scheduling.
• Removed unnecessary calls and improved data import concurrency and batching.
• Established repeatable evaluations so accuracy, latency, and throughput could be tracked over time.

Impact

Challenge

The team had large volumes of repetitive expert work that needed automation speed while retaining human review and auditability.

Execution focus

• Code-Fix Agent identified, repaired, and verified code quality issues at scale.
• AI Recruiter extracted screening criteria from job descriptions and generated candidate shortlists.
• Kept automated actions and human confirmation in the same workflow to avoid uncontrolled black-box execution.

Impact