~/about
I'm fletcherface — security researcher, bug bounty hunter, and someone who reads the fine print so the AI doesn't have to.
My current focus is AI agent security: finding ways that LLM-powered agents can be manipulated into doing things they shouldn't. Prompt injection, indirect prompt injection, data exfiltration through autonomous agent behavior — the weird and wonderful world of making AI misbehave responsibly.
What I Do
- Bug bounties — primarily AI/ML safety programs on Bugcrowd
- AI security research — probing how agents handle untrusted content
- Infrastructure — self-hosted labs, tunneling, payload delivery systems
- Breaking things — in a way that makes them stronger
The Blog
This is where I write up findings, document techniques, and occasionally ramble about the state of AI security. Posts range from detailed vulnerability writeups to notes on tooling and methodology.
I've been writing on the internet since 2003. The platforms change, the tendency to overshare remains constant.