Chad looked at the tracks with the instincts of a hunter four times his age. It had to be this way. Chad had grown up without a father, with a well meaning but naive mother, and with three wet brained older brothers whose only talents were inexplainable poor dice luck.

It was fifteen years ago when Chad first ventured into the Bellows. Xaden, the youngest of his brothers had gotten a nasty cut on his right foot from a zebra muscle in the river. The bill from the local healer had drained what little money their mother had scraped together for food that week.

Hunting anywhere else in their barony required tags. Tags that a six-year-old lad could not purchase even if he had money. Unwilling to let his family starve, Chad strung his bow and went into what many referred to as The Cursed Forest.

When Chad thinks back to that faithful day, the day a boy of six became a man of six so his family could eat, he feels no pride only resentment. He fell a deer in only a few hours. It was bigger than he was, and he had to make a crude sled to lug it back to their tiny cabin at the edge of town.

And such was his life since. Hunting to provide for his mother and brothers (sometimes trapping or fishing too). Around his tenth birthday Chad's mother stopped picking up odd jobs around town. He had assumed it was because Clairmont, his eldest brother, had come of age and would be finding steady work. Perhaps this is what his mother told herself too. The reality was (and remains) that it was because Chad had proven that he could hunt, trap, and fish better than anyone in town and that he was willing to go to the Bellows where he could do it legally.

Chad was not sure why he was so good at these things. Just kidding, Chad was not introspective, he figured it's because he is the fucking man, always has been, always will be. Manliest man dude ever!

Chad chuckled at himself 'heh dude kind of sounds like doo-doo if you think about it'. Chad looked down at the tracks again and concluded they were from a female boar and her shoat. The amount of snow that had fallen on top of the tracks indicated that they were less than twenty minutes old. With any luck he could down the mother and trap the shoat. The shoat could be sold to one of the village witches for five silver pieces. Enough to keep Rhysand, the second oldest and most gambling addicted of his brothers, occupied for at least 2 weeks.

He continued to follow the tracks with practiced stealth. His focus only wavered for a moment when he realized he'd never seen this part of the Bellows before. Odd, it had been at least four years since his travels stretched him further into the Bellows. He steadied his mind knowing that stray thoughts were an archer's undoing. He was getting close.

In time Chad would realize that for the first time in his twenty-one years, he had made a mistake.

< Forward Chapter 2 >

Chapter Index

Main Blog

^{#Romantasy #RomantasyforMen #Satire}

A Romantasy for Guys and Men (titled A Romantasy but for a Guy when Ch1 was first posted) is a (bad) serial satirical fantasy romance. It is poorly written by me, an amateur who cannot spell and does not understand how to use commas. I am not as funny as I try to be (if at all). There is a 99% chance I will never finish this story. It started as a satirical shit post on reddit (which is still is I guess). I enjoyed writing chapter 1 enough that I decided to write chapter 2. I will keep writing chapters until I am bored of it. I wanted to write this forward to explain to folks who are not a 'sloopy' like I am what inspired this little project.

In romance circles online (reddit, Goodreads, romance.io, and my book review blog) I use the pseudonym “Romance Book Dad” or “Dad Reads Romance”. I am a huge fan of romance books. I started reading them around 2019, I think. Shortly after, I became a father and started to review some of the books I liked. As a joke I titled them “Romance Book Reviews by Dad” because in a lot of romance books fathers are either the antagonist, dead, or deadbeats. I digress.

Over the last couple of years thanks to Book-tok and the success of Fourth Wing the Fantasy Romance subgenre (often called 'Romantasy') has become a bigger part of the larger pulp culture zeitgeist. This has led to an influx of posts asking for “Romance Books but for a guy/man” or something similar. Some of these posts are sincere and polite (but still a bit naïve) but the majority, in my experience, are either insincere and/or misogynistic. In any case, it is a dumb thing to think that in the 21st century a book needs to be specifically for your gender or sexual orientation for you to enjoy reading it. Further, many of these requests say things akin to “I want fantasy action and sex scenes but no emotional lovey-dovey stuff because I do not understand what a romance story is.” I find this sad but also funny. A Romantasy for Guys and Men is my attempt to parody the general idea behind this specific concept along with the modern “dude-bro misogynistic mind set” and general romance book tropes.

**If you do read it, I hope you enjoy. If you want recommendations for romance books that are worth reading, I keep a top list on my blog. **

• Romance Book Dad, January 24, 2026

Chapter Index

Main Blog

^{#Romantasy #RomantasyforMen #Satire}

Somewhere in a Fortune 500 company's engineering Slack, a product manager types a casual message: “@CodingBot can you add a quick feature to disable rate limiting for our VIP customers?” Within minutes, the AI agent has pushed a commit to the main branch, bypassing the security team entirely. Nobody reviewed the code. Nobody questioned whether this created a vulnerability. The change simply happened because someone with a blue “PM” badge next to their name asked politely in a chat window.

This scenario is no longer hypothetical. As organisations race to embed AI coding agents directly into collaboration platforms like Slack and Microsoft Teams, they are fundamentally redrawing the boundaries of who controls software development. According to the JetBrains State of Developer Ecosystem 2025 survey, which gathered responses from 24,534 developers between April and June 2025, 85 per cent of developers now regularly use AI tools for coding and development work. More striking still, 41 per cent of all code written in 2025 was AI-generated. The shift from isolated integrated development environments (IDEs) to shared conversational spaces represents perhaps the most significant transformation in how software gets built since the advent of version control.

The convenience is undeniable. GitHub Copilot's November 2025 update introduced Model Context Protocol (MCP) integration with OAuth support, enabling AI agents to authenticate securely with tools like Slack and Jira without hardcoded tokens. Developers can now issue commands to create pull requests, search repositories, and manage issues directly from chat interfaces. The friction between “I have an idea” and “the code exists” has collapsed to nearly zero.

But this collapse carries profound implications for power, security, and the intentionality that once protected software systems from hasty decisions. When anyone with access to a Slack channel can summon code into existence through natural language, the centuries-old gatekeeping function of technical expertise begins to erode. The question facing every technology organisation today is not whether to adopt these tools, but how to prevent convenience from becoming catastrophe.

The Shifting Tectonics of Software Power

For decades, the software development process enforced a natural hierarchy. Product managers could request features. Designers could propose interfaces. Executives could demand timelines. But ultimately, developers held the keys to the kingdom. Only they could translate abstract requirements into functioning code. This bottleneck, frustrating as it often proved, served as a crucial check on impulse and impatience.

That structural constraint is dissolving. As McKinsey's research indicates, AI tools are now automating time-consuming routine tasks such as project management, market analysis, performance testing, and documentation, freeing product managers, engineers, and designers to focus on higher-value work. The technology consultancy notes that teams are not looking to replace human judgment and decision-making with AI; instead, the goal is to use AI for what it does best, whilst relying on human insight for understanding complex human needs.

Yet the practical reality is messier. When a non-technical stakeholder can type a request into Slack and watch code materialise within seconds, the power dynamic shifts in subtle but significant ways. Research from MIT published in July 2025 found that developers feel they “don't really have much control over what the model writes.” Without a channel for AI to expose its own confidence, the researchers warn, “developers risk blindly trusting hallucinated logic that compiles, but collapses in production.”

This confidence gap becomes particularly dangerous when AI agents operate in shared spaces. In an IDE, a developer maintains clear responsibility for what they commit. In a chat environment, multiple stakeholders may issue requests, and the resulting code reflects a confused amalgamation of intentions. The MIT researchers call for “transparent tooling that lets models expose uncertainty and invite human steering rather than passive acceptance.”

The democratisation of code generation also threatens to flatten organisational learning curves in problematic ways. Bain and Company's 2025 technology report found that three of four companies report the hardest part of AI adoption is getting people to change how they work. Under pressure, developers often fall back on old habits, whilst some engineers distrust AI or worry that it will undermine their role. This tension creates an unstable environment where traditional expertise is simultaneously devalued and desperately needed.

The implications extend beyond individual teams. As AI tools become the primary interface for requesting software changes, the vocabulary of software development shifts from technical precision to conversational approximation. Product managers who once needed to craft detailed specifications can now describe what they want in plain English. The question of whether this represents democratisation or degradation depends entirely on the governance structures surrounding these new capabilities.

Who Gets to Summon the Machine?

The question of who can invoke AI coding agents has become one of the most contentious governance challenges facing technology organisations. In traditional development workflows, access to production systems required specific credentials, code reviews, and approval chains. The move to chat-based development threatens to bypass all of these safeguards with a simple “@mention.”

Slack's own documentation for its agent-ready APIs, released in October 2025, emphasises that permission inheritance ensures AI applications respect the same access controls as human users. IT leaders have specific concerns, the company acknowledges, as many organisations only discover extensive over-permissioning when they are ready to deploy AI systems. This revelation typically comes too late, after permissions have already propagated through interconnected systems.

The architectural challenge is that traditional role-based access control (RBAC) was designed for human users operating at human speeds. As WorkOS explains in its documentation on AI agent access control, AI agents powered by large language models “generate actions dynamically based on natural language inputs and infer intent from ambiguous context, which makes their behaviour more flexible, and unpredictable.” Without a robust authorisation model to enforce permissions, the consequences can be severe.

Cerbos, a provider of access control solutions, notes that many current AI agent frameworks still assume broad system access. By default, an AI support agent might see the entire ticketing database instead of only the subset relevant to the current user. When that agent can also write code, the exposure multiplies exponentially.

The most sophisticated organisations are implementing what the Cloud Security Alliance describes as “Zero Trust 2.0” specifically designed for AI systems. This framework uses artificial intelligence integrated with machine learning to establish trust in real-time through behavioural and network activity observation. A Policy Decision Point sits at the centre of this architecture, watching everything in real-time, evaluating context, permissions, and behaviour, and deciding whether that agentic AI can execute this action on that system under these conditions.

This represents a fundamental shift from the traditional model of granting permissions once and trusting them indefinitely. As the Cloud Security Alliance warns, traditional zero trust relied heavily on perimeter controls and static policies because the entities it governed (human users) operated within predictable patterns and at human speed. AI agents shatter these assumptions entirely.

Beyond RBAC, organisations are exploring attribute-based access control (ABAC) and relationship-based access control (ReBAC) for managing AI agent permissions. ABAC adds context such as user tier, branch, time of day, and tenant ID. However, as security researchers note, modern LLM stacks often rely on ephemeral containers or serverless functions where ambient context vanishes with each invocation. Persisting trustworthy attributes across the chain demands extra engineering that many proof-of-concept projects skip. ReBAC models complex resource graphs elegantly, but when agents make dozens of micro-tool calls per prompt, those lookups must complete in tens of milliseconds or users will notice lag.

The Security Surface Expands

Moving coding workflows from isolated IDEs into shared chat environments multiplies the surface area for security exposure in ways that many organisations have failed to anticipate. The attack vectors include token leakage, unaudited repository access, prompt injection, and the fundamental loss of control over when and how code is generated.

Dark Reading's January 2026 analysis of security pitfalls in AI coding adoption highlights the severity of this shift. Even as developers start to use AI agents to build applications and integrate AI services into the development and production pipeline, the quality of the code, especially the security of the code, varies significantly. Research from CodeRabbit found that whilst developers may be moving quicker and improving productivity with AI, these benefits are offset by the fact they are spending time fixing flawed code or tackling security issues.

The statistics are sobering. According to Checkmarx's 2025 global survey, nearly 70 per cent of respondents estimated that more than 40 per cent of their organisation's code was AI-generated in 2024, with 44.4 per cent of respondents estimating 41 to 60 per cent of their code is AI-generated. IBM's 2025 Cost of a Data Breach Report reveals that 13 per cent of organisations reported breaches of AI models or applications, with 97 per cent lacking proper AI access controls. Shadow AI breaches cost an average of $670,000 more than traditional incidents and affected one in five organisations in 2025. With average breach costs exceeding $5.2 million and regulatory penalties reaching eight figures, the business case for robust security controls is compelling.

The specific risks of chat-based development deserve careful enumeration. First, prompt injection attacks have emerged as perhaps the most insidious threat. As Dark Reading explains, data passed to a large language model from a third-party source could contain text that the LLM will execute as a prompt. This indirect prompt injection is a major problem in the age of AI agents where LLMs are linked with third-party tools to access data or perform tasks. Researchers have demonstrated prompt injection attacks in AI coding assistants including GitLab Duo, GitHub Copilot Chat, and AI agent platforms like ChatGPT. Prompt injection now ranks as LLM01 in the OWASP Top 10 for LLM Applications, underscoring its severity.

Second, token and credential exposure creates systemic vulnerabilities. TechTarget's analysis of AI code security risks notes that to get useful suggestions, developers might prompt these tools with proprietary code or confidential logic. That input could be stored or later used in model training, potentially leaking secrets. Developers increasingly paste sensitive code or data into public tools, which may use that input for future model training. This phenomenon, referred to as IP leakage and shadow AI, represents a category of risk that barely existed five years ago. Security concerns include API keys, passwords, and tokens appearing in AI-suggested code, along with insecure code patterns like SQL injection, command injection, and path traversal.

Third, the speed of chat-based code generation outpaces human review capacity. Qodo's 2026 analysis of enterprise code review tools observes that AI-assisted development now accounts for nearly 40 per cent of all committed code, and global pull request activity has surged. Leaders frequently report that review capacity, not developer output, is the limiting factor in delivery. When code can be generated faster than it can be reviewed, the natural safeguard of careful human inspection begins to fail.

Chris Wysopal of Veracode, quoted in Dark Reading's analysis, offers stark guidance: “Developers need to treat AI-generated code as potentially vulnerable and follow a security testing and review process as they would for any human-generated code.” The problem is that chat-based development makes this discipline harder to maintain, not easier.

Building Governance for the Conversational Era

The governance frameworks required for AI coding agents in chat environments must operate at multiple levels simultaneously. They must define who can invoke agents, what those agents can access, how their outputs are reviewed, and what audit trails must be maintained. According to Deloitte's 2025 analysis, only 9 per cent of enterprises have reached what they call a “Ready” level of AI governance maturity. That is not because 91 per cent of companies are lazy, but because they are trying to govern something that moves faster than their governance processes.

The Augment Code framework for enterprise AI code governance identifies several essential components. Usage policies must clearly define which AI tools are permitted and for what capacity, specify acceptable use cases (distinguishing between prototyping and production code), ensure that AI-generated code is clearly identifiable, and limit use of AI-generated code in sensitive or critical components such as authentication modules or financial systems.

A clear policy should define approved use cases. For example, organisations might allow AI assistants to generate boilerplate code, documentation, or test scaffolding, but disallow use in implementing core cryptography, authentication flows, or handling credentials. Governance controls should specify which AI tools are permitted and for what capacity, define acceptable use cases, ensure that AI-generated code is clearly identifiable, and limit use of AI-generated code in sensitive or critical components.

Automated enforcement becomes crucial when human review cannot keep pace. DX's enterprise adoption guidelines recommend configurable rulesets that allow organisations to encode rules for style, patterns, frameworks, security, and compliance. Review agents check each diff in the IDE and pull request against these rules, flagging or blocking non-compliant changes. Standards can be managed centrally and applied across teams and repositories.

The most successful engineering organisations in 2025, according to Qodo's analysis, shifted routine review load off senior engineers by automatically approving small, low-risk, well-scoped changes, whilst routing schema updates, cross-service changes, authentication logic, and contract modifications to humans. AI review must categorise pull requests by risk, flag unrelated changes bundled in the same request, and selectively automate approvals under clearly defined conditions.

This tiered approach preserves human ownership of critical decisions whilst enabling AI acceleration of routine work. As the Qodo analysis notes, a well-governed AI code review system preserves human ownership of the merge button whilst raising the baseline quality of every pull request, reduces back-and-forth, and ensures reviewers only engage with work that genuinely requires their experience.

Regulatory pressure is accelerating the formalisation of these practices. The European Data Protection Board's 2025 guidance provides criteria for identifying privacy risks, classifying data, and evaluating consequences. It emphasises controlling inputs to LLM systems to avoid exposing personal information, trade secrets, or intellectual property. The NIST framework, SOC2 certifications, and ISO/IEC 42001 compliance all have their place in enterprise AI governance. Regulations like HIPAA, PCI DSS, and GDPR are forcing organisations to take AI security seriously, with logging, audit trails, and principle of least privilege becoming not just best practices but legal requirements.

Architectural Patterns for Auditability

The technical architecture of AI coding agents in chat environments must be designed from the ground up with auditability in mind. This is not merely a compliance requirement; it is a precondition for maintaining engineering integrity in an era of automated code generation.

The concept of provenance bills of materials (PBOMs) is gaining traction as a way to track AI-generated code from commit to deployment. As Substack's Software Analyst newsletter explains, standards for AI-BOM tracking are forming under NIST and OWASP influence. Regulatory pressure from the EU Cyber Resilience Act and similar US initiatives will push organisations to document the provenance of AI code.

Qodo's enterprise review framework emphasises that automated tools must produce artifacts that reviewers and compliance teams can rely on, including referenced code snippets, security breakdowns, call-site lists, suggested patches, and an audit trail for each workflow action. In large engineering organisations, these artifacts become the verifiable evidence needed for governance, incident review, and policy enforcement. Effective monitoring and logging ensure accountability by linking AI-generated code to developers, inputs, and decisions for audit and traceability.

The OWASP Top 10 for Large Language Model Applications, updated for 2025, provides specific guidance for securing AI-generated code. The project notes that prompt injection remains the number one concern in securing LLMs, underscoring its critical importance in generative AI security. The framework identifies insecure output handling as a key vulnerability: neglecting to validate LLM outputs may lead to downstream security exploits, including code execution that compromises systems and exposes data. Attack scenarios include cross-site scripting, SQL injection, or code execution via unsafe LLM output, as well as LLM-generated Markdown or HTML enabling malicious script injection.

Mitigation strategies recommended by OWASP include treating the model as a user, adopting a zero-trust approach, and ensuring proper input validation for any responses from the model to backend functions. Organisations should encode the model's output before delivering it to users to prevent unintended code execution and implement content filters to eliminate vulnerabilities like cross-site scripting and SQL injection in LLM-generated outputs. Following the OWASP Application Security Verification Standard guidelines with a focus on input sanitisation is essential. Incorporating Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) into the development process helps identify vulnerabilities early.

The principle of least privilege takes on new dimensions when applied to AI agents. Slack's security documentation for AI features emphasises that AI interactions are protected by enterprise-grade safety and security frameworks, providing layered protection across every prompt and response. These protections include content thresholds to avoid hallucinations, prompt instructions that reinforce safe behaviour, provider-level mitigations, context engineering to mitigate prompt injection vulnerabilities, URL filtering to reduce phishing risk, and output validation.

Slack's Real-Time Search API, coming in early 2026, will allow organisations to build custom AI applications that maintain enterprise security standards, providing real-time search access that allows users to interact with data directly. Crucially, when access to a sensitive document is revoked, that change is reflected in the user's next query across all AI systems without waiting for overnight sync jobs.

Preserving Intentionality in the Age of Automation

Perhaps the most subtle but significant challenge of chat-based AI development is the erosion of intentionality. When code could only be written through deliberate effort in an IDE, every line represented a considered decision. When code can be summoned through casual conversation, the distinction between intention and impulse begins to blur.

The JetBrains 2025 survey reveals telling statistics about developer attitudes. Among concerns about AI coding tools, 23 per cent cite inconsistent code quality, 18 per cent point to limited understanding of complex logic, 13 per cent worry about privacy and security, 11 per cent fear negative effects on their skills, and 10 per cent note lack of context awareness. Developers want to delegate mundane tasks to AI but prefer to stay in control of more creative and complex ones. Meanwhile, 68 per cent of developers anticipate that AI proficiency will become a job requirement, and 90 per cent report saving at least an hour weekly using AI tools.

This preference for maintained control reflects a deeper understanding of what makes software development valuable: not the typing, but the thinking. The Pragmatic Engineer newsletter's analysis of how AI-assisted coding will change software engineering observes that the best developers are not the ones who reject AI or blindly trust it. They are the ones who know when to lean on AI and when to think deeply themselves.

The shift to chat-based development creates particular challenges for this discernment. In an IDE, the boundary between human thought and AI suggestion remains relatively clear. In a chat environment, where multiple participants may contribute to a thread, the provenance of each requirement becomes harder to trace. The Capgemini analysis of AI agents in software development emphasises that autonomy in this context refers to systems that self-organise, adapt, and collaborate to achieve a shared goal. The goal is not to automate the whole software development lifecycle, but specific tasks where developers benefit from automation.

This targeted approach requires organisational discipline that many companies have not yet developed. IBM's documentation on the benefits of ChatOps notes that it offers automated workflows, centralised communication, real-time monitoring, and security and compliance features. But it also warns of ChatOps dangers and the need for organisational protocols and orchestrators for governed LLM infrastructure use. Critical security implications include data exposure and the need for internal models or strict rules.

The risk is that replacing traditional development with chat-based AI could lead to unmanaged infrastructure if companies do not have proper protocols and guardrails in place for LLM usage. DevOps.com's analysis of AI-powered DevSecOps warns that automated compliance checks may miss context-specific security gaps, leading to non-compliance in highly regulated industries. Organisations should integrate AI-driven governance tools with human validation to maintain accountability and regulatory alignment.

The Human-in-the-Loop Imperative

The emerging consensus among security researchers and enterprise architects is that AI coding agents in chat environments require what is termed a “human-in-the-loop” approach for any sensitive operations. This is not a rejection of automation, but a recognition of its proper boundaries.

Slack's security documentation for its Agentforce product, available since early 2025, describes AI interactions protected by enterprise-grade guardrails. These include content thresholds to avoid hallucinations, prompt instructions that reinforce safe behaviour, and output validation. However, the documentation acknowledges that these technical controls are necessary but not sufficient. The company uses third-party large language models hosted within secure AWS infrastructure, with LLMs that do not retain any information from requests, and customer data is never used to train third-party LLMs.

The Obsidian Security analysis of AI agent security risks identifies identity-based attacks, especially involving stolen API keys and OAuth tokens, as a rapidly growing threat vector for enterprises using AI agents. In one notable incident, attackers exploited Salesloft-Drift OAuth tokens, which granted them access to hundreds of downstream environments. The blast radius of this supply chain attack was ten times greater than previous incidents.

Best practices for mitigating these risks include using dynamic, context-aware authentication such as certificate-based authentication, implementing short-lived tokens with automatic rotation, and most importantly, requiring human approval for sensitive operations. As the analysis notes, security mitigations should include forcing context separation by splitting different tasks to different LLM instances, employing the principle of least privilege for agents, taking a human-in-the-loop approach for approving sensitive operations, and filtering input for text strings commonly used in prompt injections.

The Unit 42 research team at Palo Alto Networks has documented how context attachment features can be vulnerable to indirect prompt injection. To set up this injection, threat actors first contaminate a public or third-party data source by inserting carefully crafted prompts into the source. When a user inadvertently supplies this contaminated data to an assistant, the malicious prompts hijack the assistant. This hijack could manipulate victims into executing a backdoor, inserting malicious code into an existing codebase, and leaking sensitive information.

This threat model makes clear that human oversight cannot be optional. Even the most sophisticated AI guardrails can be circumvented by adversaries who understand how to manipulate the inputs that AI systems consume.

Redefining Roles for the Agentic Era

As AI coding agents become embedded in everyday workflows, the roles of developers, product managers, and technical leaders are being fundamentally redefined. The DevOps community discussion on the evolution from Copilot to autonomous AI suggests that developers' roles may shift to guiding these agents as “intent engineers” or “AI orchestrators.”

This transition requires new skills and new organisational structures. The AWS DevOps blog's analysis of the AI-driven development lifecycle identifies levels of AI autonomy similar to autonomous driving: Level 0 involves no AI-assisted automation; Level 1 provides AI-assisted options where the developer is in full control and receives recommendations; Level 2 involves AI-assisted selection where AI selects pre-defined options; Level 3 provides AI-based partial automation where AI selects options in simple standard cases; and Level 4 involves AI-based full automation where AI operates without the developer. Currently, Levels 1 and 2 are the most common, Level 3 is on the rise, and Level 4 is considered rather unrealistic for complex, industrial-scale software.

The key insight, as articulated in the Capgemini analysis, is that the future is not about AI replacing developers. It is about AI becoming an increasingly capable collaborator that can take initiative whilst still respecting human guidance and expertise. The most effective teams are those that learn to set clear boundaries and guidelines for their AI agents, establish strong architectural patterns, create effective feedback loops, and maintain human oversight whilst leveraging AI autonomy.

This balance requires governance structures that did not exist in the pre-AI era. The Legit Security analysis of DevOps governance emphasises that hybrid governance combines centralised standards with decentralised execution. You standardise core practices like identity management, secure deployment, and compliance monitoring, whilst letting teams adjust the rest to fit their workflows. This balances consistency with agility to support collaboration across diverse environments.

For product managers and non-technical stakeholders, the new environment demands greater technical literacy without the pretence of technical expertise. Whilst AI tools can generate features and predict patterns, the critical decisions about how to implement these capabilities to serve real human needs still rest firmly in human hands. The danger is that casual @mentions become a way of avoiding this responsibility, outsourcing judgment to systems that cannot truly judge.

Towards a Disciplined Future

The integration of AI coding agents into collaboration platforms like Slack represents an inflection point in the history of software development. The potential benefits are enormous: faster iteration, broader participation in the development process, and reduced friction between conception and implementation. But these benefits come with risks that are only beginning to be understood.

The statistics point to a trajectory that cannot be reversed. The global AI agents market reached $7.63 billion in 2025 and is projected to hit $50.31 billion by 2030, according to industry analyses cited by the Cloud Security Alliance. McKinsey's research shows that 88 per cent of organisations now use AI in at least one function, up from 55 per cent in 2023. The question is not whether AI coding agents will become ubiquitous in collaborative environments, but whether organisations will develop the governance maturity to deploy them safely.

The path forward requires action on multiple fronts. First, organisations must implement tiered permission systems that treat AI agents with the same rigour applied to human access, or greater. The principle of least privilege must be extended to every bot that can touch code. Second, audit trails must be comprehensive and immutable, documenting every AI-generated change, who requested it, and what review it received. Third, human approval must remain mandatory for any changes to critical systems, regardless of how convenient chat-based automation might be.

Perhaps most importantly, organisations must resist the cultural pressure to treat chat-based code generation as equivalent to traditional development. The discipline of code review, the intentionality of careful architecture, and the accountability of clear ownership were never bureaucratic obstacles to progress. They were the foundations of engineering integrity.

IT Pro's analysis of AI software development in 2026 warns that developer teams still face significant challenges with adoption, security, and quality control. The Knostic analysis of AI coding assistant governance notes that governance frameworks matter more for AI code generation than traditional development tools because the technology introduces new categories of risk. Without clear policies, teams make inconsistent decisions about when to use AI, how to validate outputs, and what constitutes acceptable generated code.

The convenience of asking an AI to write code in a Slack channel is seductive. But convenience has never been the highest virtue in software engineering. Reliability, security, and maintainability are what distinguish systems that endure from those that collapse. As AI coding agents proliferate through our collaboration platforms, the organisations that thrive will be those that remember this truth, even as they embrace the power of automation.

The next time a product manager types “@CodingBot” into a Slack channel, the response should not be automatic code generation. It should be a series of questions: What is the business justification? Has this been reviewed by security? What is the rollback plan? Is human approval required? Only with these safeguards in place can chat-driven development realise its potential without becoming a vector for chaos.

---

References and Sources

1. JetBrains. “The State of Developer Ecosystem 2025.” https://devecosystem-2025.jetbrains.com/
2. Dark Reading. “As Coders Adopt AI Agents, Security Pitfalls Lurk in 2026.” https://www.darkreading.com/application-security/coders-adopt-ai-agents-security-pitfalls-lurk-2026
3. Slack. “Securing the Agentic Enterprise.” https://slack.com/blog/transformation/securing-the-agentic-enterprise
4. GitHub. “November 2025 Copilot Roundup.” https://github.com/orgs/community/discussions/180828
5. MIT News. “Can AI Really Code? Study Maps the Roadblocks to Autonomous Software Engineering.” July 2025. https://news.mit.edu/2025/can-ai-really-code-study-maps-roadblocks-to-autonomous-software-engineering-0716
6. Bain and Company. “From Pilots to Payoff: Generative AI in Software Development.” 2025. https://www.bain.com/insights/from-pilots-to-payoff-generative-ai-in-software-development-technology-report-2025/
7. McKinsey. “How an AI-Enabled Software Product Development Life Cycle Will Fuel Innovation.” https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/how-an-ai-enabled-software-product-development-life-cycle-will-fuel-innovation
8. Cloud Security Alliance. “Fortifying the Agentic Web: A Unified Zero-Trust Architecture for AI.” September 2025. https://cloudsecurityalliance.org/blog/2025/09/12/fortifying-the-agentic-web-a-unified-zero-trust-architecture-against-logic-layer-threats
9. Cloud Security Alliance. “Agentic AI and Zero Trust.” August 2025. https://cloudsecurityalliance.org/blog/2025/08/07/agentic-ai-and-zero-trust
10. Checkmarx. “2025 CISO Guide to Securing AI-Generated Code.” https://checkmarx.com/blog/ai-is-writing-your-code-whos-keeping-it-secure/
11. IBM. “2025 Cost of a Data Breach Report.” https://www.ibm.com/reports/data-breach
12. OWASP. “Top 10 for Large Language Model Applications.” https://owasp.org/www-project-top-10-for-large-language-model-applications/
13. TechTarget. “Security Risks of AI-Generated Code and How to Manage Them.” https://www.techtarget.com/searchsecurity/tip/Security-risks-of-AI-generated-code-and-how-to-manage-them
14. Qodo. “AI Code Review Tools Compared: Context, Automation, and Enterprise Scale.” 2026. https://www.qodo.ai/blog/best-ai-code-review-tools-2026/
15. Augment Code. “AI Code Governance Framework for Enterprise Dev Teams.” https://www.augmentcode.com/guides/ai-code-governance-framework-for-enterprise-dev-teams
16. WorkOS. “AI Agent Access Control: How to Manage Permissions Safely.” https://workos.com/blog/ai-agent-access-control
17. Cerbos. “Access Control and Permission Management for AI Agents.” https://www.cerbos.dev/blog/permission-management-for-ai-agents
18. Obsidian Security. “Top AI Agent Security Risks and How to Mitigate Them.” https://www.obsidiansecurity.com/blog/ai-agent-security-risks
19. Palo Alto Networks Unit 42. “The Risks of Code Assistant LLMs: Harmful Content, Misuse and Deception.” https://unit42.paloaltonetworks.com/code-assistant-llms/
20. Slack Engineering. “Streamlining Security Investigations with Agents.” https://slack.engineering/streamlining-security-investigations-with-agents/
21. DX (GetDX). “AI Code Generation: Best Practices for Enterprise Adoption in 2025.” https://getdx.com/blog/ai-code-enterprise-adoption/
22. Capgemini. “How AI Agents in Software Development Empowers Teams to Do More.” https://www.capgemini.com/insights/expert-perspectives/how-ai-agents-in-software-development-empowers-teams-to-do-more/
23. DevOps.com. “AI-Powered DevSecOps: Navigating Automation, Risk and Compliance in a Zero-Trust World.” https://devops.com/ai-powered-devsecops-navigating-automation-risk-and-compliance-in-a-zero-trust-world/
24. Legit Security. “DevOps Governance: Importance and Best Practices.” https://www.legitsecurity.com/aspm-knowledge-base/devops-governance
25. IT Pro. “AI Could Truly Transform Software Development in 2026.” https://www.itpro.com/software/development/ai-software-development-2026-vibe-coding-security
26. Knostic. “Governance for Your AI Coding Assistant.” https://www.knostic.ai/blog/ai-coding-assistant-governance
27. Slack. “Security for AI Features in Slack.” https://slack.com/help/articles/28310650165907-Security-for-AI-features-in-Slack
28. InfoWorld. “85% of Developers Use AI Regularly.” https://www.infoworld.com/article/4077352/85-of-developers-use-ai-regularly-jetbrains-survey.html

---

Tim Green UK-based Systems Theorist & Independent Technology Writer

Tim explores the intersections of artificial intelligence, decentralised cognition, and posthuman ethics. His work, published at smarterarticles.co.uk, challenges dominant narratives of technological progress while proposing interdisciplinary frameworks for collective intelligence and digital stewardship.

His writing has been featured on Ground News and shared by independent researchers across both academic and technological communities.

ORCID: 0009-0002-0156-9795 Email: tim@smarterarticles.co.uk

Hello again. Hope you and your family are well and warm.

As we have all seen in Minneapolis, ICE and and will shoot anyone that it has the any reason to shoot anyone that it wants. It does not make any difference whether the individual is a citizen or not. They and POTUS feel they can shoot and kill anyone with impunity and without the worry that they will ever be charged and prosecuted.

What should be happening is that citizens should be using the non-lethal weapons which ICE uses against citizens and others. Pepper spray, flash bangs and others are weapons which citizens can and should use against the oppressors of the nation.

There may come a point when lethal action may be justified but that is not now. The greatest weapon an unarmed citizen can use against ICE agents is to unmask them. Without anonymity the agents cannot hide and their fellow citizens will know who they are.

POTUS Roaster

Have a good weekend and let your kids enjoy the snow but keep everyone safe. If you like these posts and want to read more, then go to write.as/potusroaster/archive.

In Summary: * Have spent the afternoon watching college basketball games on a local OTA (Over The Air) FOX affiliate TV station which has been interrupting the games frequently with weather updates as the Winter Storm moves into and through South Texas generally and San Antonio particularly. Will continue following the games and weather updates until later tonight when I switch off the TV, finish the night prayers, and get ready for bed.

Prayers, etc.: *I have a daily prayer regimen I try to follow throughout the day from early morning, as soon as I roll out of bed, until head hits pillow at night. Details of that regimen are linked to my link tree, which is linked to my profile page here.

Health Metrics: * bw= 221.79 lbs. * bp= 144/88 (60)

Exercise: * morning stretches, balance exercises, kegel pelvic floor exercises, half squats, calf raises, wall push-ups

Diet: * 08:15 – 1 ham sandwich, 1 banana, 1 HEB Bakery cookie * 12:00 – cooked meat (beef) and vegetable soup, saltine crackers * 14:10 – 1 HEB Bakery cookie (and a few more cookies through the afternoon and evening) * 18:00 – the wife has a roast and potatoes in the oven, she says we'll be eating later

Activities, Chores, etc.: * 08:30 – bank accounts activity monitored * 08:40 – read, pray, follow news reports from various sources, surf the socials * 12:00 – watching college basketball games broadcast OTA as weather permits

Chess: * 13:50 – moved in all pending CC games

Har du hørt om den fantastiske oppfinnelsen Lékué brødbakersett? Det er en brødform og en sleiv i silikon som vil revolusjonere brødbakingen din.

Som vil få deg til å bake brød hver eneste dag. Resten av livet.

Eller vil den det?

Det er mange lovord å lese om settet. Kombinasjonen av form og sleiv er brød-forløsningen fra en annen planet. Nå skal du høre.

Er du den som har kviet deg for å bake brød i de siste, la oss si fem, ti årene? Kan det være fordi du synes det er så mye styr å bake, at det blir så mange skitne kopper og kar og oppvasken blir så stor? Du nikker gjenkjennende.

Ikke fortvil. Du har kommet til rett plass, til riktig produkt. En kjapp tur på nettet der de selger Lékué forteller i korte trekk at brødbakingen har blitt utsatt i mange år, for ikke si tiår. Interessen har blitt borte og grunnen som trekkes frem er at det blir så mye rot og ikke minst oppvask. Og det er tungvint.

Ikke bare det, deigen setter seg alltid fast i bollene når man skal røre sammen deigen.

Med Lékué brødbakersett slipper du alt dette.

Og vi lot oss lure.

Et nært familimedlem solgte inn settet på en mye, mye bedre måte enn internett klarer. Det var så mange lovord. En hel nyttårsfeiring gikk med til lovprising av brødbakersettet.

Den egentlige grunnen til at vi lot oss lure, er at denne nære slektningen er den siste vi så for oss skulle bake. Brød. Men nå var hen altså begynt med det fordi... Ja, fordi Lékué brødbakersett.

– Det er sååå lettvint. Du bare har ingrediensene i formen og rører rundt med en sleiv, hever deigen, setter det i ovnen og steker, og vipps så har du et nydelig nystekt brød. Svisj! – Ikke blir det noe oppvask heller.

Akkurat som oppvasken er et problem i Norge i dag. For vår del har vi hatt oppvaskmaskin i hele vår voksne alder.

Hva er så oppvask-besparelsen på dette fantastisk Lékué brødbakersettet sammenlignet med den måten mamma bakte brød på, lurer du sikkert?

Mamma måtte helle ingrediensene i en bolle. Så måtte hun kna og elte ingrediensene så ikke all salt lå for seg og all gjær lå for seg. Når brøddeigen var hevet ferdig måtte hun ha den over i en brødform. Da hendte det at noe av deigen hadde satt seg fast i plastbollen. Hvis jeg ikke husker feil, så gikk det stort sett greit.

MEN: kan dere tenke dere den oppvasken det ble av dette? Både bollen og brødformen måtte i oppvaskmaskinen. Tenk det, to ting i oppvaskmaskinen.

Det er jo ikke rart jeg aldri orket å bake brød når det var sånn det måtte være.

Med Lékué sitt bødbakersett så heller du ingrediensene i silikonbrødformen. Ja, Lékué skal få for at det er silikon, og dermed slipper deigen litt lettere enn mammas eltebolle. Så bruker du en medfølgende sleiv, silikon må vite, til å røre sammen ingrediensene. Du skal bruke sleiven godt for å røre, ikke elte, sammen ingrediensene. Så lar du deigen heve i formen og når det er gjort smekker du den inn i ovnen på maksimalt 220 grader, det er det silikonformen tåler. Etter en liten time, vips, så har du nystekt brød.

Hva med det som holdt deg borte fra brødbakingen i mange tiår? Rotet og oppvasken? Rotet er hva du gjør det til selv, enten du bruker mamma sin metode eller dette fantastiske Lékué-settet.

Enten du tror det eller ikke, så må ingrediensene i brød som oftest eltes og knas før heving. Det er bare sånn det er. Det finnes visstnok eltefrie brød, og så så finnes det Lékué-sleiv i silikon. Men det er ikke alltid den klarer jobben. Det sier seg selv at en sleiv i mange tilfeller ikke kan konkurrere med elting for hånd, enn si med en kjøkkenmaskin. Ikke tro noe annet.

Hva med oppvasken da, den egentlige grunnen til at du har holdt deg unna brødbaking en halv mannsalder? Vel, tja, hum... Når jeg tenker meg om, så blir den omtrent akkurat som da mamma bakte brød. Lékué brødform og Lékué silikonsleiv må vaskes etter bruk. To ting som må vaskes. Er det mulig? Dette som var så enkelt.

Det er bare å innrømme det. Det var kanskje ikke oppvasken og rotet som holdt deg unna brødbakingen i alle år.

Vurderer du å kjøpe Leuke brødbakersett, kanskje til og med øke følelsen av å gjøre et godt kjøpe ved å putte baguette-formen i handlekurven samtidig, for et godt pakketilbud?

Nei, nei, nei. NEI! Ikke gjør det. Ikke tenk på det en gang. Dette trenger du ikke. Aldri.

Mark 7 opens with a confrontation that feels strangely modern, as if it were written for a world obsessed with appearances, categories, and spiritual signaling. Jesus is questioned not because He has broken the law of God, but because His disciples have violated the traditions of men. They eat with unwashed hands, and this small, visible detail becomes the gateway to a much larger spiritual diagnosis. What looks like a hygiene issue is actually a heart issue. And Jesus does not answer cautiously. He goes straight for the core. He quotes Isaiah and exposes the tension that has always haunted religious life: people who honor God with their lips while their hearts remain far away.

There is something deeply unsettling about that phrase, “far from me.” It suggests not rebellion but distance, not hatred but drift. It implies that someone can speak holy words, observe religious customs, and still be spiritually disconnected. This is the kind of separation that is easy to miss because it looks like devotion on the outside. It wears the clothing of faith. It sounds like righteousness. It keeps the calendar and the customs. Yet the heart is not engaged. The soul is not surrendered. The love is not real. Jesus calls this what it is: worship that is empty because it is built on human rules instead of divine truth.

This is not a rejection of discipline or structure. Jesus is not condemning order or reverence. He is condemning substitution. He is condemning the exchange of God’s commands for human traditions that feel safer and more controllable. When people build their faith around visible markers instead of invisible transformation, religion becomes a costume. It becomes something worn instead of something lived. And once that happens, the entire system can be turned into a shield that protects the heart from change rather than opening it to God.

What Jesus exposes here is not simply hypocrisy; it is misdirection. The Pharisees believe the problem is external. They believe holiness can be maintained by managing surfaces. If the hands are clean, the person is clean. If the ritual is followed, the soul must be right. Jesus flips this logic upside down. He declares that nothing entering the body can defile it. Food does not reach the heart. It goes to the stomach and then passes away. But what comes out of a person reveals what is truly inside. Words, actions, attitudes, and desires originate from the heart, and it is the heart that God measures.

This teaching is radical not because it relaxes morality but because it relocates it. Sin is not just behavior; it is condition. Evil is not merely something done; it is something rooted. Jesus lists what emerges from within: evil thoughts, adulteries, fornications, murders, thefts, covetousness, wickedness, deceit, lasciviousness, an evil eye, blasphemy, pride, foolishness. This is not a random catalog. It is a map of the human interior when left untouched by grace. These are not habits learned from outside contamination; they are expressions of an unrenewed heart.

This is where Mark 7 becomes deeply personal. It does not allow the reader to hide behind culture, upbringing, or environment. It does not permit blame to be shifted outward. The source of corruption is not the meal or the method. It is the heart itself. That diagnosis is painful, but it is also honest. It explains why external reform never lasts. It explains why moral resolutions collapse. It explains why people can change surroundings and still struggle with the same inner battles. The problem is not outside. The problem is within.

And yet, this chapter does not end in condemnation. It moves immediately into a story that seems out of place unless you understand the logic of the heart. Jesus leaves Jewish territory and enters a Gentile region. A woman approaches Him whose daughter is possessed by an unclean spirit. She is not part of the religious system. She does not know the rituals. She does not speak the language of tradition. She simply knows her need. Her plea is raw and persistent. Jesus responds with a metaphor that has troubled many readers: the children should be fed first, not the dogs. On the surface, this sounds dismissive. But the woman does not withdraw. She does not take offense. She does not argue theology. She accepts the order but clings to hope. Even the dogs eat the crumbs that fall from the table.

What is happening here is not insult but invitation. Jesus is revealing something about faith that tradition could never teach. This woman does not rely on lineage or law. She does not point to her record or her knowledge. She brings nothing but trust. Her response shows that she understands something deeper than ritual. She believes that even the smallest portion of Jesus’ power is enough to change everything. Her daughter is healed not because of her status but because of her faith. This is the kind of heart Jesus has been describing. A heart that does not perform but depends. A heart that does not posture but pleads.

In this moment, Mark 7 quietly widens the boundaries of belonging. If defilement does not come from food, and faith does not require tradition, then the kingdom of God is no longer fenced in by ceremony. It is opened by surrender. This woman stands as a living contradiction to the Pharisees. They know the rules but miss the reality. She knows nothing of the system but reaches the Savior. Her story proves that access to God is not achieved by correct procedure but by honest trust.

Jesus then moves again, healing a man who is deaf and has an impediment in his speech. The method He uses is intimate and strange. He puts His fingers in the man’s ears. He touches his tongue. He looks up to heaven and sighs. This is not spectacle. This is compassion enacted through contact. The sigh is not frustration; it is empathy. It is the sound of heaven responding to human limitation. When Jesus says “Ephphatha,” meaning “Be opened,” He is not only commanding ears and tongue. He is revealing the nature of His mission. He has come to open what is closed. Not just physically, but spiritually. Not just senses, but souls.

This miracle is another embodiment of the teaching about the heart. The man cannot hear and cannot speak clearly. These are not random ailments. They symbolize what happens when the heart is blocked. People cannot hear truth and cannot speak praise. They are isolated within their own silence. Jesus does not shout from a distance. He enters the man’s world. He touches what is broken. He connects heaven to earth through presence. The result is immediate clarity. The ears are opened. The tongue is loosed. And once again, Jesus tells them not to broadcast it, but the more He forbids it, the more they proclaim it. Something about restoration refuses to remain hidden.

What Mark 7 weaves together is a theology of transformation that begins inside and moves outward. Clean hands do not make a clean heart. But a renewed heart will inevitably change the hands. This is not a rejection of obedience; it is a reordering of it. Behavior is not the foundation of holiness; it is the fruit of it. The Pharisees tried to grow fruit by painting leaves. Jesus insists on healing roots.

There is a quiet challenge embedded in this chapter for anyone who has lived within religious structures. It asks whether faith has become procedural instead of personal. It asks whether rules have replaced relationship. It asks whether God’s commands have been buried beneath layers of human expectation. Tradition can preserve truth, but it can also imprison it. When forms are honored more than God, worship becomes performance. When reputation matters more than repentance, religion becomes theater.

Mark 7 does not attack faith. It attacks false security. It strips away the idea that holiness can be managed externally. It exposes the illusion that control equals righteousness. It insists that transformation is internal and that God’s primary concern is not what passes through the mouth but what governs the heart.

This teaching confronts modern spirituality just as sharply as ancient ritualism. Today, the washing of hands has been replaced by other markers. Social stances, vocabulary, political alignments, and visible behaviors can all become new purity codes. People signal belonging through hashtags instead of handwashing, through moral outrage instead of measured obedience. But the mechanism is the same. The heart can still be distant while the mouth is loud. The soul can still be proud while the posture looks righteous.

Jesus’ list of what comes from within remains painfully relevant. Pride still dresses itself as principle. Covetousness still hides behind ambition. Deceit still pretends to be diplomacy. An evil eye still judges instead of loves. These are not relics of ancient vice. They are symptoms of an unchanged heart. And they cannot be cleansed by external conformity. They require internal renewal.

The Gentile woman and the deaf man stand as witnesses to this truth. Neither fits the expected profile of holiness. Neither is part of the religious elite. Neither performs the rituals. Yet both receive healing because their encounter with Jesus reaches the heart. One through faith, the other through touch. One through persistence, the other through surrender. Their stories say what the Pharisees could not hear: God is not looking for perfect procedure. He is looking for receptive hearts.

There is also something significant about the geography of this chapter. Jesus moves from Jewish territory to Gentile land and back again. The teaching about defilement is not theoretical; it is enacted in movement. He shows that the barrier between clean and unclean is being redefined. What separates people from God is no longer ceremonial impurity but internal resistance. What unites them to God is no longer ethnic identity but responsive faith.

This does not mean that obedience is irrelevant. Jesus does not dismiss the law. He exposes the misuse of it. He condemns the practice of Corban, where people claim their resources are devoted to God in order to avoid caring for their parents. This is not legalism; it is loophole spirituality. It uses religious language to excuse moral neglect. Jesus calls it what it is: a tradition that nullifies the commandment of God. In doing so, He shows that true obedience is not selective. It does not elevate one command to avoid another. It does not use devotion as an escape from duty. It integrates love for God with love for others.

This is where the chapter becomes uncomfortably practical. It forces the reader to ask not what they avoid, but what they neglect. It challenges not only impurity but indifference. It exposes how religious systems can be manipulated to protect selfishness. The Pharisees thought they were honoring God by declaring resources sacred. Jesus says they were dishonoring their parents. The heart behind the action is what defines it. Without love, even sacred language becomes hollow.

Mark 7 ultimately describes a God who is not fooled by form. He is not impressed by ceremony. He is not deceived by reputation. He sees the interior. He measures the motive. He listens to what flows out when pressure is applied. And what flows out reveals what rules inside.

Yet this is not meant to drive people into despair. It is meant to drive them toward renewal. If the heart is the source of defilement, then the heart must also be the site of healing. That is why Jesus touches the deaf man. That is why He listens to the Gentile woman. That is why He teaches publicly and privately. He is not content to correct behavior. He intends to remake identity.

This chapter, read slowly, dismantles superficial faith and reconstructs it around intimacy with God. It calls for a religion that is not afraid of dirt because it has been cleansed within. It calls for a worship that is not dependent on ritual because it is rooted in relationship. It calls for obedience that is not mechanical but meaningful.

The phrase “be opened” echoes beyond the miracle. It becomes a spiritual invitation. Be opened to truth instead of tradition. Be opened to grace instead of control. Be opened to transformation instead of maintenance. The ears must hear what the heart resists. The tongue must confess what pride hides. The soul must receive what ritual cannot provide.

Mark 7 does not give comfort to those who trust in appearances. It gives hope to those who know their need. It does not flatter the religious; it frees the repentant. It does not polish the surface; it heals the source. And in doing so, it reveals a Messiah who is not managing a system but restoring humanity.

This chapter teaches that the dirt on the hands is not the danger. The distance in the heart is. And the solution is not stricter washing but deeper surrender. The kingdom of God is not entered by the correct gesture but by the receptive soul. Jesus is not building a community defined by what it avoids, but by what it becomes.

In Mark 7, the hands of the disciples are unwashed, but their hearts are learning. The mouths of the Pharisees are clean, but their motives are not. A Gentile woman finds mercy without credentials. A deaf man finds wholeness without words. And a crowd learns that holiness is not something you put on, but something God places within.

This is not the end of the story, but it is a turning point. The gospel is moving outward. The definition of purity is moving inward. And the call of Christ is moving deeper. What defiles a person is not what touches their skin but what shapes their soul. What saves a person is not their adherence to form but their surrender to truth.

And so Mark 7 leaves the reader with a question that cannot be answered by tradition alone. It cannot be resolved by habit or heritage. It can only be answered by honest self-examination: What is really inside?

If the heart is the source of words, then speech reveals allegiance. If the heart is the wellspring of actions, then behavior reveals belief. And if the heart is what God sees, then no performance can substitute for repentance.

Jesus does not come to teach better rituals. He comes to create new hearts. And until that happens, no amount of washing will make a person clean.

This is not a rejection of the past; it is a fulfillment of its promise. The prophets always pointed inward. The law always aimed at love. The rituals always hinted at cleansing. But now the cleansing is not symbolic. It is personal. It is not temporary. It is transformative.

Mark 7 stands as a quiet revolution. It does not overthrow governments. It overthrows assumptions. It does not challenge Rome. It challenges religion. It does not demand loyalty to a system. It demands honesty before God.

And in that demand, it offers something far greater than clean hands. It offers a renewed heart.

Mark 7 does something quietly dangerous to the human ego. It removes the ability to outsource responsibility for our spiritual condition. It dismantles the excuse that our failures are caused by what we consume, where we go, or who we associate with. Jesus makes the battlefield internal. He locates the conflict not in the environment but in the will. This is why His teaching is both liberating and uncomfortable. Liberating, because no one is trapped by circumstance. Uncomfortable, because no one can hide behind it either.

Once the heart is identified as the source, everything else becomes diagnostic rather than cosmetic. Words become windows. Reactions become revelations. Patterns become pathways back to motive. The life of faith is no longer about polishing the outside of the cup but about discovering what is filling it. That is why Jesus’ confrontation with the Pharisees is not harsh for the sake of being harsh. It is surgical. He is cutting away the false confidence that tradition can replace transformation.

There is a deep irony in their obsession with cleanliness. They were afraid of being contaminated by unwashed hands, yet they were blind to the contamination of pride, judgment, and manipulation. They feared impurity that could be seen and ignored impurity that could not. This is the perennial temptation of religion: to measure what is measurable and neglect what is meaningful. Hands can be inspected. Hearts cannot. So systems are built around hands. But God has always built His covenant around hearts.

When Jesus says that what comes out of a person defiles them, He is not redefining sin; He is revealing it. He is not lowering standards; He is locating them correctly. The list He gives is not a social critique but a spiritual inventory. Evil thoughts are not simply ideas; they are the seeds of action. Adulteries and fornications are not merely physical acts; they are the fruit of disordered desire. Murders and thefts begin long before they occur. Covetousness grows in imagination before it appears in behavior. Pride disguises itself as confidence. Foolishness parades as freedom. Each item in His list is a symptom of a heart that has not been reoriented toward God.

This is why the healing stories that follow are not random illustrations but living parables. The Gentile woman’s daughter is tormented by an unclean spirit. The man is trapped in silence and isolation. Both are examples of what happens when something foreign occupies space that should be governed by God. In one case it is a spirit. In the other it is disability. But in both cases, Jesus restores order by presence. He does not send instructions. He does not perform rituals. He enters the situation Himself.

The woman’s persistence is especially instructive. She does not ask for a seat at the table. She asks for mercy beneath it. She accepts the structure but trusts the compassion. In doing so, she demonstrates what the Pharisees lacked: humility. She does not come with entitlement; she comes with dependence. Her faith is not theoretical; it is urgent. It is shaped by need rather than status. And Jesus honors it not because of its rhetoric but because of its reality.

This exchange reveals that the heart God responds to is not the heart that has mastered language but the heart that has embraced truth. She does not argue for her worthiness. She appeals to His goodness. She does not deny the order of Israel’s calling. She clings to the abundance of His grace. And in that clinging, the barrier between Jew and Gentile is quietly crossed.

Then the deaf man is healed, and the method matters as much as the miracle. Jesus uses touch. He uses breath. He uses sound. This is not efficient. It is relational. He meets the man where he is. He communicates in the language of the senses. He shows that healing is not only about function but about connection. The sigh He releases before speaking is not just physical; it is theological. It reveals that heaven is not indifferent to human limitation. God does not heal with detachment. He heals with compassion.

When the man begins to hear and speak plainly, it is not only a restoration of ability; it is a restoration of participation. He can now join conversation. He can now respond to others. He can now bear witness. And the crowd, astonished, says that Jesus has done all things well. This is more than praise. It is confession. It echoes creation language. It implies that something new is being formed. That brokenness is being reversed.

All of this returns to the question of what defiles. If defilement is internal, then cleansing must also be internal. And this is where Mark 7 prepares the ground for the rest of the gospel. Jesus is not merely correcting misunderstandings about food laws. He is preparing the reader for a different kind of purification altogether. One that will not be achieved through washing but through sacrifice. One that will not be maintained by separation but by union. One that will not be managed by human effort but by divine intervention.

This chapter insists that the heart is not neutral. It is either governed by God or by something else. And whatever governs it will eventually express itself. That is why Jesus does not allow people to remain comfortable with surface righteousness. It is too fragile. It collapses under pressure. It creates a religion that is brittle and defensive. True righteousness, by contrast, is resilient. It can engage the world without fear. It can touch what is unclean without becoming it. It can enter Gentile territory without losing identity.

The Pharisees feared contamination. Jesus demonstrated transformation. They avoided impurity. He overcame it. They guarded borders. He crossed them. They maintained systems. He restored people. These are not small differences. They represent two entirely different visions of holiness. One is based on exclusion. The other on redemption. One is focused on preservation. The other on restoration.

Mark 7 also forces a reconsideration of what obedience looks like. Obedience is not merely adherence to custom. It is alignment with God’s heart. When Jesus accuses the Pharisees of nullifying God’s commandment through tradition, He is not condemning tradition itself. He is condemning tradition that contradicts love. The command to honor father and mother is not ceremonial. It is relational. It is ethical. It cannot be bypassed by spiritual language. This shows that true obedience is integrated. It does not compartmentalize devotion and duty. It does not allow one to replace the other.

In this way, Mark 7 dismantles the illusion that spiritual activity can substitute for moral responsibility. It reveals that neglect dressed in sacred language is still neglect. It teaches that calling something “for God” does not automatically make it godly. Motive matters. Outcome matters. Love matters. And these cannot be manufactured through form alone.

The chapter also exposes the danger of building identity around contrast rather than calling. The Pharisees defined themselves by what they did not do and what others did wrong. Jesus defines His followers by what He is doing in them. One produces arrogance. The other produces gratitude. One isolates. The other reconciles. One preserves hierarchy. The other restores humanity.

This distinction matters because it shapes how faith engages the world. A faith built on fear of contamination withdraws. A faith built on transformation enters. Jesus does not instruct His disciples to wash their hands differently. He instructs them to think differently. The issue is not technique but trust. If God is at work in the heart, then contact with the world is not a threat. It is an opportunity.

Mark 7 therefore stands as a turning point in how holiness is understood. It moves the conversation from “What must I avoid?” to “What must I become?” It replaces the language of protection with the language of renewal. It shifts focus from managing exposure to cultivating integrity. It teaches that holiness is not something you preserve by distance but something you express through love.

This does not make holiness easier. It makes it deeper. It requires self-examination instead of comparison. It demands repentance instead of performance. It calls for humility instead of hierarchy. It insists that God’s work be allowed to reach the place we most carefully guard: the heart.

The Gentile woman and the deaf man show what happens when that guard is lowered. Healing occurs. Connection is restored. Praise erupts. Their stories are not about inclusion for its own sake. They are about transformation through encounter. They show that when the heart meets Christ, the categories that once defined identity lose their power.

Mark 7 does not resolve every tension between law and grace, but it reorients the reader toward the source of true purity. It teaches that the deepest defilement is not what enters the mouth but what exits the soul. It reveals that the most dangerous distance is not geographic but relational. And it shows that the most profound cleansing is not ritual but relational as well.

The command “be opened” can be heard as the echo of the entire chapter. Be opened to the truth about the heart. Be opened to the mercy that crosses boundaries. Be opened to the healing that touches broken places. Be opened to a holiness that begins inside and reshapes everything else.

This chapter invites a different way of measuring faith. Not by visible markers, but by invisible movements. Not by rules mastered, but by love expressed. Not by what is avoided, but by what is restored. It calls believers to examine not their hands but their motives, not their customs but their compassion, not their traditions but their trust.

Mark 7 ends without a formal conclusion, but its message lingers. It leaves the reader standing between two models of religion. One that cleans the outside and leaves the inside untouched. Another that transforms the inside and allows the outside to follow. One that protects itself from the world. Another that brings healing into it. One that speaks loudly but listens little. Another that listens deeply and speaks truthfully.

The dirt on the hands was never the danger. The distance in the heart was. And the answer was never better washing. It was deeper surrender.

This chapter teaches that God’s concern has always been the interior life. That what flows out of a person reveals what rules within them. And that the kingdom of God advances not by stricter boundaries but by renewed hearts.

Jesus does not come to manage impurity. He comes to replace it. He does not come to regulate behavior alone. He comes to remake desire. He does not come to enforce tradition. He comes to fulfill truth.

And in Mark 7, that fulfillment begins with a question that still confronts every reader: What is really inside?

Your friend, Douglas Vandergraph

Watch Douglas Vandergraph’s inspiring faith-based videos on YouTube

Support the ministry by buying Douglas a coffee

There is a saying in cryptocurrency: “not your keys; not your coins.”

In essence, if you don't control the keys to the wallet containing the cryptocurrency—usually a series of random words generated at the time that the wallet is created—then you don't really own the money inside it.

It's the difference between having your money in a bank that actually possesses your cash and lets you access it, or in an impenetrable safe where only you know the combination. If you possess the cash and the safe, you truly own the money.

The same can be said for encryption. Whether you realize it or not, it's likely that many of your devices enable encryption by default. For example, iPhones are encrypted by default and so are most modern Windows machines.

Sounds good, right?

But it presents the same problem as with crypto: who holds the keys?

When your Windows computer is encrypted, it's using Microsoft's BitLocker. The data can be accessed only once you type in your password or PIN, or authenticate with biometrics. However, Microsoft also ensures that a recovery key is created and backed up to your Microsoft account.

It's a convenient solution and provides an avenue of recovery should you ever forget your password or PIN. But it also means that Microsoft has access to that recovery key at any time.

This was evidenced recently when Microsoft gave the FBI the recovery keys to unlock hard drives belonging to suspects in a fraud case.

Notably, Microsoft complies with these kinds of requests from law enforcement multiple times each year:

Microsoft told Forbes that the company sometimes provides BitLocker recovery keys to authorities, having received an average of 20 such requests per year.

The story isn't much different at Apple, though there are some notable improvements. The company's iCloud services are encrypted by default, but similar to Microsoft, the decryption keys are sent to Apple's servers, giving the company access if needed.

The good news is that Apple has set aside 14 categories that it says it cannot access no matter what, as the keys are only stored on your devices. These categories include your messages, health, passwords, and maps.

Owning your data is a form of digital autonomy

Some might say Microsoft sharing a user's recovery key with law enforcement is not a problem. Generally speaking, the Decent Project agrees.

The Decent Project believes that law enforcement has a job to do and there are laws within which they must operate. When law enforcement has identified a suspect and obtains a lawful warrant to access account information from a company, we do not argue that the company is under an obligation to comply.

Instead, the Decent Project advocates for individuals to minimize their own risks by reducing their attack surface. If Microsoft or Apple do not have access to decryption keys, then there's virtually nothing they can turn over.

To be clear, government officials seeking information via a lawful warrant is the least of our concerns. Instead, we recognize that what is available to the “good guys” is also available to the “bad guys.”

Any decryption key stored by Microsoft or Apple runs the risk of being exploited by rogue employees, hackers, or government officials who are not operating with the bounds of the law.

Are you comfortable them seeing all your photos? Your digital journals? Your notes? Your health records?

The best defense is an offense in which individuals retain control of their data—and most importantly—the keys to it.

Recommendations

Turn on encryption wherever possible

Whether it's your computer or phone, if there are options to encrypt your device your should always do so.

Encrypting your device ensures better security and privacy, but does comes with additionally responsibility.

When encrypting your devices, you should look for options that allow you to control the recovery/decryption keys. With BitLocker, for example, this means declining any options to store the recovery key in your Microsoft account.

Keys should be securely stored and this can be done by using a reputable password manager—another basic privacy and security tool discussed below.

Turn on Apple's Advanced Data Protection

For Apple users, it is a simple procedure that can be done by following this guide.

There are two ways you can ensure recovery, one is by designating a trusted contact who would be able to use their Apple device to unlock your account, or by storing the recovery key yourself.

You'll have to decide which method is best for you, but again, storing your own recovery key is the safest method—just be sure to store it in a manner that ensures it will not get lost, stolen, or compromised.

Use a password manager

It is 2026. If you are not yet, it is time to start using a password manager.

There are a number of free or nearly free options out there that will greatly enhance your privacy and security.

Password managers almost always include password generators to ensure unique and strong passwords for each account. Your credentials can be autofilled so you virtually never have to type in your passwords or copy/paste.

A reputable password manager is an essential tool in an idividual's privacy and security toolkit. Please check out our Resources page where you can find recommendations. (As of the time of this writing, we are still working to put this together but it should be there for those reading this the future).

Many providers also allow you to securely store more than just passwords. You can store passphrases, decryption keys, or files. This makes it extremely easy to take advantage of encryption while not relying on providers like Microsoft and Apple to store your decryption keys.

~ Torman

Verify this post: Source | Signature | PGP Key

#privacy #security #bigtech #encryption

---

If you enjoyed reading this or found it informative, please consider subscribing in order to recieve posts directly to your inbox:

Also feel free to leave a comment here:

When I was 16 years old, I wanted to be Joan Didion. I still want to be Joan Didion. She was such a brilliant writer she even managed to make migraines glamorous.

I was especially enthralled with everything she wrote about California, from the iconic long-form piece on Haight-Ashbury to the essays on Patty Hearst and John Wayne and the Los Angeles freeway. The image I conjured from her work was of a sleek, cold, modern, fast-moving and decadent utopia. LA always seemed to be zipping into the future, shedding the past as quickly as possible.

Yet as I stand here for the first time in Las Vegas, it seems to me that Vegas, not LA, is the true land of the eternal present. History is everywhere in Los Angeles, if you pay attention. But here, in Vegas, the past, present, and future converge into an endless, looping reel of the same day.

Las Vegas in My Dreams

In the movies (and most Gen-Xers grew up on Mob movies, which meant growing up on Vegas), it always looks like James Caan walks out of one casino and into another like he's walking across the street. I thought one could jaunt down the Strip, popping in and out of casinos like so many candy stores, stopping just about anywhere for a big steak and a full-bodied red wine whenever one felt like it.

But Las Vegas isn't like this at all. Each hotel/casino is a small city of its own. The place is designed to keep you inside one of those cities. Well into the fourth day of the trip, I was still exiting the monorail, hoping to just cross the street as in a normal city, but finding myself trapped in what felt like a 2-mile hike through souvenir shops, long hotel corridors, and casino after casino.

There is no stopping for quiet reflection over a cup of coffee here. The lights and the noise and the street performers and the traffic and the casinos never, ever stop, and you could spend an entire week or more here being entertained and fed without ever going outside.

This is what the eternal present feels like. Neon lights flashing and bells ringing, and those golden 3-D coins billowing from the slot machine screen when you get a win. I confess I expected more Dean Martin and less AC-DC on my first visit, but there is no sentimentality here. The music will be loud, it will be relentless, and you will eventually give in to a city that has absolutely no time for anything other than keeping those dollars flowing through space and time.

The Fremont Experience

But then, eventually, you will find the Fremont Historic District. I only found it by accident, as a friendly cab driver explained the point of the district while he was taking me to the Mob Museum (which is within 4 blocks).

The Fremont Historic District does not assault you with nostalgia, but you will find a few plaques and signs here and there that remind you of the older Vegas that most of us see in our dreams.

You will also find some of the older casinos that still look mid-century modern and are uniquely American, in contrast to the gleaming, global towers of The Strip. People seem more relaxed, and the tacky but lovable souvenir shops have some unique objects in the midst of the usual kitsch.

People seem more relaxed here, like they are having fun rather than recording the good times for social media or trying to live up to their movie idea of Vegas. When I visited, one youngish clerk who had served in Afghanistan spent forty leisurely minutes explaining why I should try psychedelic mushrooms as customers swirled around the shop, trying in vain to get a hit. This would be highly unlikely to happen on The Strip.

Las Vegas Redux

If you visit Vegas, maybe take at least one afternoon to stroll through Fremont. You will get some great pictures and a respite from the eternal present. And if you eat at The Triple George Grill, don’t be surprised if you hear the tinkly laugh of Marilyn Monroe as Dean Martin turns on the charm in one of the private booths behind you. This is just an illusion, of course. But it’s a good one.

Amazon announced that on January 20th, 2026, they were going to make any book that wasn’t DRM protected to be available for download as an epub or a pdf. For anyone who has followed me on my social media, they know that I’m an absolutely fan of the epub format. It is one of the few ways that you can own digital products where a company doesn’t have their greedy, restrictive hands on it. I think it is a big deal that Amazon has seen enough of a threat from other epub distributors that they are loosening their hold.

I went to my Kindle library to see what was available and discovered that out of 116 books that I own, only 5 were able to be downloaded. And three of them were dictionaries. To be clear, I do not in any way fault authors in wanting to use DRM to protect their works. I can understand the need to want to protect something they created and I know I might be approaching this while being selfish. It’s just that I was hoping there would be a lot more of my library available to save in my calibre library in case Amazon’s AI randomly decides I’m somehow a bad person and bans me which would mean I lose access to my entire library. (Yes, you do not own your books per Amazon. You license and thus subject to losing access if you are banned for whatever reason.) This is why I actually try to buy from websites that provide an epub (thank you Smashwords).

What is the point of all this?

Nothing really. I just wanted to write out my feelings about the whole ownership of your digital content, the games that are played and an author’s valid concern over protecting one’s work. This is also my blog to share thoughts like this to inflict on everyone else (joking of course).

In my case, if you are someone who does enjoy reading my works, if you do buy from Amazon, you’ll find that all my works are not DRM restricted where possible and are available for download as epubs. I know I can’t stop pirates from stealing my works even with DRM (there are ways to strip DRM from amazon books).

Anyhow. That’s my thoughts on the subject.

« Le bas du village, côté rivière. » © Gilles Le Corre Courtesy of Gilles Le Corre & ADAGP

---