How a non-engineer PM verifies delegated technical work, and why the cleanest 'all done' report is often the one worth checking hardest.
AI Product Manager · 9 years at PayPal across product and operations
Privacy and Safety Architecture for Consumer AI
I spent nine years at PayPal across product and operations. As a Product Manager, I built HR onboarding tooling that served 90,000+ employees and contingent workers globally, including automation that cut support tickets by 50%. As a Senior Manager, I led cross-functional operations programs across HR, IT, security, information security, and workplace resources.
Now I'm applying that product discipline to AI: building a consumer AI companion app in active testing, with multi-layer safety architecture, adversarial testing, and compliance design for three emerging AI laws (California's SB 243, New York's AI Companion Law, and Washington's HB 2225).
I believe the system prompt is the product spec and that every feature you don't build is a risk you don't carry.
Case Studies
AI Companion UX
Designing Luna
Designing a bedtime AI companion required solving a tension most AI products ignore: how to be emotionally present without becoming emotionally necessary.
- Three-tone personality framework
- Five-iteration system prompt architecture
- Emotional dependency guardrails
14 min readRead case study →
Safety Architecture
Proving Luna Is Safe
The safety infrastructure required more engineering than the AI behavior itself, and a testing philosophy that treats false positives as correct behavior.
- OWASP-mapped 11-layer security pipeline
- 50-test adversarial suite, 100% pass rate
- Crisis detection that bypasses the LLM
16 min readRead case study →
Privacy & Compliance
Operationalizing Compliance Solo
Three state AI companion laws required features no user would request. The PM challenge was turning regulatory text into product architecture without a legal team.
- Regulatory-to-feature mapping for three state laws
- Data minimization as architectural principle
- Incident response and attorney review pipelines
13 min readRead case study →
The Product
Duskglow
Nightly Gratitude Journaling with Luna
A mobile-first PWA for nightly gratitude journaling, powered by an AI companion named Luna. Built solo from architecture to deployment: React, Supabase, Gemini 2.5 Flash, and a multi-layer safety pipeline.
Selected Writing
- An 11-Chat Sprint and the Architecture of Trust
Building working memory into an AI companion, letting the model author its own UX signals, and why a 429 error in a journaling app hits harder than a loading spinner.
- Crisis Detection, Context Infrastructure, and the Trade-Offs of Shipping an AI Journaling App
Why crisis detection must bypass the LLM entirely, how adversarial testing exposed the cost of false positives, and building an AI personality framework where tone carries real risk weight.
- What Vibe Coding an AI Journaling App Taught Me About Building Safe AI Products
Seven security layers mapped to OWASP LLM Top 10, a system prompt rewritten as a behavioral spec, and the discovery that your safety infrastructure can fight itself at the worst possible moment.
Journal
Filter by keyword or select a tag.
A runtime mismatch in production telemetry surfaced via mandatory verification, and what it reveals about the structural discipline that catches what recognition-based judgment cannot.
Why a recognition-triggered confidence rule kept failing on the same kind of claim, and what shipping a structural backstop taught me about scaling solo founder leverage through delegation.
How a single beta tester report rejected the 'monitor and see' default and surfaced a reframe of how the product treats in-flight state.
A 30-second schema check found a column-type bug that would have silently killed telemetry on the exact device segment it was built to diagnose.
An exploration session testing whether you can prompt your way out of an AI tool's house style, run on the tool itself.
A couple moments today taught me the same lesson from different angles. AI tools have defaults that compound into your product, and noticing them is becoming part of the PM job.
When a voice input bug surfaced on a phone but not on the laptop where the code lived, the question wasn't what to fix. It was how to see what was actually happening.
A regression closed without a real fix, an AI agent that surfaced tension instead of choosing silently, and a governance rule whose premise had quietly expired, all in one day.
A five-element structure for delegating technical decisions to an AI collaborator when you own product vision but cannot verify the code yourself, built live during a cryptographic ship.
Why replacing a working development tool mid-project, before finishing in-progress ship work, was the right sequencing call for my AI-assisted build loop.
A UI task turned into a pressure test of every trust assumption in the encryption posture, and why that pressure test is the real work.
An admin dashboard is a product for one user and a liability for everyone else, and that reframing changed what I built and what I turned off by default.
Twelve chats turned safety infrastructure into three case studies, and the translation process surfaced product decisions the building process missed.
An eight-session sprint to feature-completeness where the hardest PM decisions were what to revert, where to draw API boundaries, and when to override your own AI's design instincts.
How mapping real AI companion lawsuits to OWASP vulnerability categories produced four concrete Edge Function fixes deployed in a single session.
A stateless search architecture that eliminates the vector database entirely, compliance features designed as architectural patterns instead of checkboxes, and managing AI development context as production infrastructure.
Migrating off a no-code platform mid-build, designing a summarization feature as a side-channel architecture, and the debugging tax that comes with every AI-generated line of code.