Konstantin Pavlov

Direct prompt injection is just the beginning. Higher-order attacks manipulate agents into producing malicious code, propagating intent across systems, and persisting vulnerabilities long-term.

If your AI code agent treats repository content as instructions, any contributor can execute commands. This article maps the direct injection attack surface and practical defenses.

Javable is a KSP2 processor that generates Java-friendly wrappers for Kotlin classes, turning suspend functions into CompletableFuture, Flow into Stream, and handling CoroutineScope lifecycle automatically.

Every time you rename a Kotlin function parameter, the hand-written JSON schema your LLM reads is wrong — and it fails silently. kotlinx-schema derives the schema from your Kotlin types directly, via three strategies that cover runtime and compile-time generation across all Kotlin Multiplatform targets.

Kotlin encourages grouping related code in a single file, which is useful — until files grow past 1,000 lines. This article explores why that happens, how it affects LLM-based tooling, and what teams can do about it.