didericis
e6b3cd1824
- Remove all time estimates (2-3 weeks, 1-2 weeks, etc.) - Add detailed analysis of using LLM for prompt injection detection - Survey existing models (none purpose-built for this) - Sketch DistilBERT fine-tuning approach (~67MB quantized) - Analyze latency/footprint tradeoffs (50-150ms vs. <5ms for patterns) - Recommend pattern-based Phase 2, with LLM as optional Phase 2b - Include code sketch of LLM detector with timeout fallback - List open questions for LLM deployment Conclusion: Patterns are faster/simpler for now; LLM only if patterns miss sophisticated attacks in production. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Docs
How this project records what it builds and why — and a guide to picking the right document for what you're capturing.
When to write which document
| Artifact | For |
|---|---|
PRD (docs/prds/) |
A feature: what to build, scope, success criteria. |
Research note (docs/research/) |
A landscape/tradeoff investigation. |
Decision record (docs/decisions/) |
A decision that isn't itself a feature — a policy, a convention, a "we will / won't do this," or a load-bearing choice made inside a larger PRD that deserves to be discoverable on its own. |
A decision that's fully specified by a PRD doesn't need duplicating in a decision record. Write one when the decision would otherwise be buried in prose, lost in an issue thread, or have no in-repo home at all (small requests that don't merit a PRD; non-feature choices like merge strategy or a trust posture).