# Security, Privacy & Guardrails — Deep Dive
Comprehensive security documentation for the MangaAssist AI chatbot system design, covering production scenarios, architecture decisions, interview preparation, and storytelling techniques.
## Documents
| # | Document | What It Covers | Best For |
|---|---|---|---|
| 01 | Prompt Injection Defense | Attack taxonomy (direct, indirect, multi-turn, exfiltration), multi-layer defense architecture, red-team test matrix, 4 production scenarios | Understanding adversarial LLM attacks and defenses |
| 02 | PII Protection & Data Privacy | 4-layer detection pipeline (regex + NER + custom + confidence routing), GDPR deletion, multi-locale PII, data retention architecture | Privacy engineering and regulatory compliance |
| 03 | Guardrails Pipeline Deep Dive | 6-stage pipeline (PII → Price → Toxicity → Competitor → ASIN → Scope), execution analysis, intent-aware configuration, 4 production scenarios | Core guardrail architecture and debugging |
| 04 | Content Moderation & Abuse Prevention | HLD and LLD for abuse prevention, shopping-specific abuse patterns, rate limiting, behavioral scoring, 4 production scenarios, follow-up Q&A | Abuse detection and anti-scraping defense |
| 05 | Incident Response & Forensics | Severity classification (SEV-1 to SEV-4), detection architecture, forensic logging, runbook templates, 3 production scenarios | Incident management and post-mortems |
| 06 | ML-Specific Threats | Model extraction, RAG data poisoning, adversarial classifier attacks, model inversion, bias & fairness | AI/ML security beyond traditional application security |
| 07 | Third-Party & Supply Chain Risk | Bedrock shared responsibility, dependency CVE management, SBOM, vendor lock-in assessment, cross-region failover | Supply chain security and operational resilience |
| 08 | Encryption & Key Management | 3-CMK key hierarchy, envelope encryption for PII, VPC endpoints, secrets management, encryption performance optimization | Cryptographic architecture decisions |
| 09 | Interview Scenarios | 40 new questions across 6 difficulty levels and 10+ personas, with compact hints | Interview preparation (non-overlapping with existing pack) |
| 10 | Storytelling Guide | STAR-D framework, opening hooks, weak vs. strong examples, audience framing, document narrative structure | Interview delivery and written communication |
## Reading Order
**For system design interviews:**

1. Start with 03 — Guardrails Pipeline (the core differentiator)
2. Then 01 — Prompt Injection (most asked about)
3. Then 05 — Incident Response (demonstrates operational maturity)
4. Then 10 — Storytelling Guide (how to present the above)

**For security-focused interviews:**

1. Start with 01 — Prompt Injection
2. Then 06 — ML-Specific Threats
3. Then 08 — Encryption
4. Then 02 — PII Protection

**For comprehensive preparation:**

- Read docs 01-08 in order (they cross-reference progressively)
- Then 09 — Interview Scenarios to test yourself
- Then 10 — Storytelling Guide to refine delivery
## Relationship to Other Folders
| This Folder | Related Folder | Relationship |
|---|---|---|
| 01-08 (scenario docs) | Challenges/ | This folder goes deeper per security topic; Challenges covers broader real-world issues |
| 01-08 (scenario docs) | Debugging/ | Complementary — Debugging covers logging infrastructure; this folder covers security-specific forensics |
| 09 (interview questions) | MangaAssist-Interview-Pack/ | 40 new questions, non-overlapping with existing 9 security questions in the interview pack |
| 10 (storytelling) | Prompt-Engineering/ | Different domains — this covers interview/document storytelling, not LLM prompt design |
| 03 (guardrails) | 10-ai-llm-design.md | This folder deep dives into the guardrails mentioned in the AI/LLM design doc |
| 07 (supply chain) | 11-scalability-reliability.md | Complementary — scalability covers availability; this covers security resilience |
| All docs | 12-security-privacy.md | This folder is the deep dive expansion of the original security overview |
## Key Metrics Across All Documents
| Metric | Value | Source Doc |
|---|---|---|
| PII false positive rate | 8% → 0.4% | 02 |
| Guardrail pipeline latency | 14-27ms (serial) | 03 |
| Fallback rate (overblocking incident) | 14% → 2.8% | 03 |
| SEV-1 containment time | < 15 min target, 8 min actual | 05 |
| Cross-session blast radius | 23 sessions over 3 days | 05 |
| Encryption overhead (optimized) | 35ms → 2ms with key caching | 08 |
| Security infrastructure cost | ~$2,000/month (production) | 09 Q38 |
| Interview questions | 40 new + 9 existing = 49 total | 09 |