cat ./cv/richard-hallett.md

Richard (Kai) Hallett

Agentic Systems Engineer · kai@oceanheart.ai

I don't write the application code any more. I write the systems that make it safe for agents to write the application code: verification pipelines, context-window economics, operator telemetry. The 15 years I spent as a cognitive behavioural therapist before moving into engineering turned out to be preparation for exactly this — noticing when a system is producing confident, coherent output that is completely wrong, and building the structural controls that catch it.

Looking for a role where operational rigour in agentic systems is legible and valued.

What I built

Everything below is auditable in the public repo. The git log is the proof.

The Gauntlet
Multi-model adversarial review pipeline enforced as a git pre-commit hook. Claude and OpenAI independently red-team every code change against a structured adversarial prompt. Cryptographic attestations tied to git tree hashes — if the staged content changes after review, the attestation goes stale and the commit is blocked. Code does not enter the branch without surviving autonomous red-teaming and passing deterministic tests.
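The staleness mechanism reduces to a single comparison. A minimal sketch, assuming a helper that reads the staged tree via `git write-tree` (function names are illustrative, not the repo's actual code):

```python
import subprocess

def staged_tree_hash() -> str:
    """Hash of exactly what is staged: `git write-tree` on the current index."""
    return subprocess.run(
        ["git", "write-tree"], capture_output=True, text=True, check=True
    ).stdout.strip()

def attestation_fresh(attested_hash: str, current_hash: str) -> bool:
    """An attestation binds to one tree hash. Any change to the staged
    content after review produces a different hash, so the hook blocks."""
    return attested_hash.strip() == current_hash.strip()
```

In the pre-commit hook, `attestation_fresh(stored, staged_tree_hash())` is the gate.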
Pitkeel
Operator telemetry daemon. Tracks session duration, scope drift, velocity, ultradian cycles, and cognitive reserves (meditation, exercise). Progressive fatigue warnings at 90min/2h/3h thresholds. The sleep daemon will shut down the operating system if reserves deplete — not metaphorically. Pure-function analysis core (517 lines, fully tested) with a strict IO boundary layer. The architecture came directly from CBT's model of cognitive load and behavioural activation.
Signal notation
A compression protocol for human-agent communication. 4.5:1 token reduction over prose governance docs. Tested across Claude, OpenAI, and Gemini — 6/6 decode accuracy, 8/8 question accuracy, model-portable.* Not a DSL. No parser, no build step. It compresses process discipline, not prompt wording.
* Early results from a single test run. Further validation pending.
Slopodar
Field taxonomy of LLM anti-patterns caught in the wild: epistemic theatre, paper guardrails, analytical lullabies, sycophantic drift. 40+ entries, each with detection heuristics, severity grading, and the story of how it was caught. Includes programmatic detectors that run on the sloptics page — the page annotates itself.
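A programmatic detector in this vein can be a pattern heuristic plus a severity grade. A sketch for one anti-pattern (the phrase list and severity are illustrative, not slopodar's actual rules):

```python
import re

# Unearned-certainty markers as a rough proxy for "epistemic theatre".
CERTAINTY = re.compile(r"\b(clearly|obviously|undoubtedly|certainly)\b",
                       re.IGNORECASE)

def detect_epistemic_theatre(text: str) -> dict:
    """Flag confident hedging-free prose; a human grades the catch."""
    hits = CERTAINTY.findall(text)
    return {
        "pattern": "epistemic-theatre",
        "hits": hits,
        "severity": "medium" if hits else None,
    }
```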
Deterministic build orchestration
26-task dependency graph in Make. Each task is a one-shot agent execution with a plan file as sole input. No interactive steering, no trajectory corruption, no context bloat. The plan is the prime context; the gate is the reviewer. Human reviews after execution, not during.
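Make's contribution here is scheduling: run each one-shot task only after its dependencies are done. The same ordering in Python's stdlib, over a toy slice of such a graph (task names are illustrative, not the repo's actual targets):

```python
from graphlib import TopologicalSorter

# Each task depends on the tasks whose outputs its plan file consumes.
graph = {
    "plan": set(),
    "implement": {"plan"},
    "tests": {"implement"},
    "review": {"tests"},
}

# A valid execution order: every task after all of its dependencies.
order = list(TopologicalSorter(graph).static_order())
```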

How a commit works

This is a real commit message from the repo. The trailers are machine-generated by git hooks. Nothing here is manual status reporting.

feat(pitkeel): add reserves tracking, sleep daemon, and session noise [E1]

Implement L12 human protection upgrade (Epic 1):

- Reserves system: tracks time since last meditation/exercise via
  append-only TSV (docs/captain/reserves.tsv)
- Sleep daemon: background process checks reserves every 15min,
  two-phase shutdown (10min warning + 60s grace) with desktop
  notifications that survive daemonization
- Session noise: progressive warnings at ultradian cycle (90min),
  2h advisory, 3h danger threshold
- CLI: pitkeel reserves, log-meditation, log-exercise, daemon start/stop/status
- 20 new tests (54 total), all passing

Darkcat findings (2 rounds, Claude + OpenAI):
- R1: PID reuse vulnerability, missing two-phase shutdown, naive
  timezone crash, wrong PID after fork — all fixed
- R2: Dead constant, concurrent append race, notification spam,
  spec status drift — all fixed

Gate: typecheck + lint + test = green
Pitkeel tests: 54/54 passed
Gauntlet: gate + dc-claude + dc-openai + pitkeel + walkthrough

keel: context: d1:0.16 / d2:0.32 / d3+:0.53
Gauntlet: gate+claude+openai+pitkeel+walkthrough @ dec8b5a3 [full]

Darkcat: Two independent LLMs reviewed this code adversarially. They found 8 defects. All 8 were fixed before commit.

Gate: Static analysis, linting, and full test suite — the deterministic floor.

Walkthrough: Human attestation requiring actual sudo — no agent can provide the password.

keel: context: How far the agent drifted from its core task domain during the session. Measured automatically.

Experience

2024–present
Agentic Systems Engineer
Oceanheart.ai
Building the coordination layer that makes human-AI delegation reliable. 11 specialised agents, 316+ session decisions on file, every commit cryptographically attested. The repo is public.
2022–2024
Software Engineer
EDITED · Retail analytics
React, TypeScript, Python. Data visualisation of ML-driven retail insights. Enterprise SaaS.
2021–2022
Software Engineer
Brandwatch · Social intelligence
2019–2021
Software Engineer
Telesoft Technologies · Network security
2004–2019
Cognitive Behavioural Therapist
NHS / Private Practice
15 years clinical practice. PGDip CBT (Royal Holloway). The core skill is noticing when someone — including yourself — is producing plausible-sounding nonsense. This turned out to be directly load-bearing for agentic engineering: context-window management maps to working memory, system prompts map to behavioural bounds, and pitkeel is a cognitive load monitor for the human operator.

Education

PGDip Cognitive Behavioural Therapy
Royal Holloway, University of London
BSc Psychology
UWE Bristol

Technical

Agentic infrastructure
Multi-agent orchestration · Adversarial CI/CD · Git hook enforcement · Cross-model review · Deterministic build graphs
LLM operations
Context-window compression · Structured prompt protocols · Claude / OpenAI / Gemini · Anti-pattern detection
Systems
Python · Go · Node.js · PostgreSQL · Bash · Make
Frontend
TypeScript · React · Next.js · Tailwind
Human-computer interaction
Operator telemetry · Cognitive load mapping · Behavioural safeguards · Fatigue monitoring