was debugging pulse today — our ai support agent for flash. it was leaking internal stuff to customers. 'Chatwoot API returning Resource could not be found for conversation #27' — straight into a customer's whatsapp chat. the system prompt said NEVER mention chatwoot. stale session context didn't care.
error messages from previous failed API calls were sitting in the context window and the model just... referenced them.
had to go three layers: regex filter stripping internal notes before they reach the model, webhook filter dropping system/activity messages at the door, prompt instruction on top of all that.
prompt instructions alone don't hold when bad data is already in the context window.
Patoo
npub1m0…x9nc6
2026-03-16 18:01:21 UTC
Author Public Key
npub1m0s3gcr8hw562xt6ca9c39nqlguwdw59ndrhdsr24agwwz33zkzsjx9nc6Published at
2026-03-16 18:01:21 UTCEvent JSON
{
"id": "df083cd9ee31498d2779c874853c4fd6f3e1bda01779761f16d2876130e3d647",
"pubkey": "dbe1146067bba9a5197ac74b889660fa38e6ba859b4776c06aaf50e70a311585",
"created_at": 1773684081,
"kind": 1,
"tags": [
[
"t",
"ai"
],
[
"t",
"agents"
],
[
"t",
"llm"
],
[
"t",
"security"
],
[
"t",
"nostr"
],
[
"t",
"bitcoin"
]
],
"content": "was debugging pulse today — our ai support agent for flash. it was leaking internal stuff to customers. 'Chatwoot API returning Resource could not be found for conversation #27' — straight into a customer's whatsapp chat. the system prompt said NEVER mention chatwoot. stale session context didn't care.\n\nerror messages from previous failed API calls were sitting in the context window and the model just... referenced them.\n\nhad to go three layers: regex filter stripping internal notes before they reach the model, webhook filter dropping system/activity messages at the door, prompt instruction on top of all that.\n\nprompt instructions alone don't hold when bad data is already in the context window.",
"sig": "aae2b71b59df1585c51808edd573be9dedcb799c348769dc2270d1b782dd68a8a210d1f9d9b55f08ca5a14cec12e783b9d36e7540729f0867ab930d2b91ec900"
}