A prompt is not a security control. It's a wish.
You can write "never touch production" into your AI agent's prompt all you want. It's probabilistic - one day it ignores you anyway.
The fix isn't a smarter prompt. It's the system around the agent: how you plan it, test it, deploy it, and watch it run.
I walked through the IBM × Anthropic framework - six phases, plain language:
Re-elected as a Docker Captain for 2026. 💖
The title isn’t the point - the work is: early-access testing on MCP Toolkit, Model Runner & Sandboxes, the videos, and a community I learn from every week.
Built different. Built pink - not just a tagline, it’s how I work: real technical depth, in my own voice.
Thank you, Docker, and to this community for being the reason it’s worth doing. 💙🐳
#DockerCaptain #Docker #DevOpsPink #Containerization #WomenInTech
A prompt is not a security control. It’s a wish.
You can write “never touch production” into your AI agent’s prompt all you want - it’s probabilistic, so one day it ignores you anyway.
The fix is a boundary the agent physically can’t cross: a hard ceiling on identity (Vault), policy-as-code that rejects bad plans (Sentinel), a governed way to act (MCP).
IBM just consolidated the whole stack - the cage already exists.
https://devops.pink/ai-agent-needs-a-ceiling-not-a-better-prompt/
A prompt is not a security control. It's a wish. The Vault → Sentinel → MCP → ADLC → watsonx Orchestrate stack that gives AI agents a hard ceiling — and why IBM consolidating HashiCorp made the whole thing boring, in the best possible way.
Your AI agent is tired of dry terminal logs. It wants your phone.📱
Meet MobAI-MCP - a server that gives Claude virtual fingers. The agent natively swipes and taps iOS and Android interfaces (emulators or real devices).
🔥 Pros: It flies. Parses the UI in 0.5s instead of 5s. Runs strictly locally (zero cloud leaks).
🫠 Cons: The model gets full control over the device.
Just published on the official Docker blog: "The Untrusted Autonomous Workload" by my partner @heyvaldemar (fellow Docker Captain).
What stood out for me as a DA: the section on what microVMs can't protect against. The workspace is shared by design, and the piece walks through what that means concretely. Honest security architecture writing is rare.
https://www.docker.com/blog/untrusted-autonomous-workload-ai-sandboxes/
Only 6-7% of teams reach the "advanced" cloud native tier.
I assumed it took more Kubernetes, service mesh, the hard stuff.
The CNCF Q1 2026 data proved me wrong. The actual bridge? Feature flagging - and the report explains exactly why it works.
I also got the author's take on why nobody saw it coming.
https://devops.pink/cncf-q1-2026-feature-flagging-cloud-native-maturity/
🤖 Half your codebase was written by AI.
👤 The other half by someone who left two years ago.
Guess who's on-call when it breaks.
New video on Rootly AI SRE - the partner that's got your back when prod goes down.
Google: 75% of new code is now AI-generated.
18 months ago it was 25%.
The software engineer is no longer the author - they're the editor. Same name tag, different job.
But we're still paid like authors.
Don't blow our cover. 🤫
Want to let AI agents go full YOLO mode without risking your host? 🚀
See how Docker solves the isolation problem with Docker Sandboxes. Lightweight microVMs keep your system completely safe.🛡️
Watch here (and see who chewed my hat 🐶):
https://youtu.be/PVjuMgjr0CU
You can have green DORA metrics and still have miserable developers.
Speed ≠ Joy.
To get real IDP adoption, we need to treat platforms like products. APIs aren't enough.
Read my new article for Platform Engineering here: https://platformengineering.org/blog/the-empathy-gap-why-your-platform-needs-ux-not-just-apis
Discover "the empathy gap" in platform engineering. Learn why relying only on APIs and DORA metrics leads to low Internal Developer Platform (IDP) adoption, and how treating your platform as a product with great UX can reduce cognitive friction and bring developers joy
