
AI safety here means guardrails on what the public assistant can say, do, and leak — refusals, schema validation, and scoped tools.
In my daily workflow
- I maintain an allowlist of topics the assistant should answer from corpus only.
- Outputs pass schema and policy checks before streaming completes.
- PII and secrets are stripped from logs and retrieval chunks.
- I review refusal and override logs for patterns worth new eval cases.
How it makes me work smarter
Safety is not a bolt-on model — it's retrieval boundaries, tool scopes, and validation. A portfolio assistant should not invent client work or expose admin paths. Structured refusals beat confident hallucinations.
My setup
- System prompts with explicit out-of-scope rules
- Zod validation on structured copilot outputs
- No admin tools on public routes
- Rate limits and input length caps on assistant API
On this portfolio
The public assistant answers from published knowledge with citations; copilot registry tools exist only behind auth. Job-fit flows handle recruiter data with minimal retention and clear feedback channels.


