Hi, I'm Luisa.
I'm an independent advisor working on agentic AI systems and how to make them secure by design. I build open-source tools enabling safe agents at liwala.dev . I write about building resilient software with AI, agentic architectures, and security here and on my Substack, Herding Agents .
I advise a small number of teams building and working with agentic systems, usually a few hours a month, on the foundational architecture and security decisions that are hard to undo later. If your company is facing these questions, get in touch .
Recent essays
-
My bet for human work: distributed allocation
After automation, the so-called 'human residue' will no longer be management, but rather deciding, at the task level, where to point agent spend.
-
How I set out to build a coding agent orchestrator and ended up writing a config auditor instead
Building (almost) in public, coding agents, security, and breaking from platform lock-in
-
The most useful AI agents are dangerous by design
The capabilities that make agents useful are the same ones that make them exploitable
-
We are all herding agents...
Thoughts on doing it right
Recent notes
-
There is no one-size-fits-all with AI
There is no consensus yet on deploying AI into orgs, this is my bet on what the best practices should rest on.
-
My Agent Operating Policy
The brief I give agents I want operating with less supervision, under AGENTS.md.
-
TIL: ANTHROPIC_API_KEY silently overrides your Claude Code subscription
If the env var is set, Claude Code uses it — even when you're logged in.
-
I no longer plan, I get grilled instead
Matt Pocock's 'grill me' skill replaced plan mode in my workflow.