A public notebook for how I think: product judgment, craft, systems, and what I learn while shipping.
How one person maintains seven locales without hand-editing every JSON, and which hiring markets made it worth building.
System design for Lucas AI: layered prompts, lexical retrieval, session memory, token budgets, and a pre-flight classifier on a bounded portfolio chat surface.
How XSS reaches the DOM, which browser APIs are sinks, and mitigations that hold in production—sanitization, CSP, cookies, and CSRF pairing.
