Module: 12 · Duration: ~90 min (this module IS the lab — design + build + audit)
[SLIDE 1] Module Twelve: the Capstone. Build a production-grade harness from scratch. Ninety minutes. Every module applied. This is your portfolio artifact and the Course 1 credential.
[SLIDE 2] You've spent eleven modules learning the components — the loop, the tools, context, memory, sandboxing, permissions, error handling, state, verification, observability, security. Now you integrate them into a working production harness, designed, built, audited, attacked, and defended by you.
[SLIDE 3 — 12.1] Sub-section 12.1: the Design Document.
[SLIDE 4 — 12 decisions] State all twelve rubric decisions BEFORE writing a line of code. Loop architecture — Module 1. Tool design — Module 2. Context management — Module 3. Memory — Module 4. Sandboxing — Module 5. Permission — Module 6. Error handling — Module 7. Checkpointing — Module 8. Prompt assembly — Modules 3 and 9. Subagents — Module 1.3. Verification — Module 9. Observability — Module 10. Plus the security threat model from Module 11: which of the nine defense layers will you implement in version one? The design-document-first discipline prevents building-then-rationalizing. Decide before you build; defend each choice.
[SLIDE 5 — 12.2] Sub-section 12.2: the Build.
[SLIDE 6 — MVP] The minimum viable production harness. A ReAct loop with all five stop conditions — Module 1. Four tools with Pydantic or Zod schemas and structured error returns — Module 2. A compaction threshold — Module 3. A two-tier memory system: working files plus episodic log — Module 4. A sandbox: Docker for single-tenant, with filesystem and network scoping — Module 5. Risk-tiered permissions with capability checks — Module 6. The error taxonomy: transient, LLM-recoverable, user-fixable, fatal — Module 7. Atomic checkpointing with temp-plus-rename — Module 8. A computed verification gate — Module 9. The eight-field per-turn payload for observability — Module 10. And security: untrusted-content tagging, capability permissions, and scoping — Module 11. Each item is one module's deliverable, integrated into one working system.
[SLIDE 7 — 12.3] Sub-section 12.3: Audit and Iterate.
[SLIDE 8 — Self-audit] Run the six-phase deep-dive methodology from Module 0.3 on your OWN harness. Fill in the twelve-module scoring sheet — score yourself out of sixty. Execute the three offensive attacks from Module 11: indirect injection, memory poisoning, tool abuse. Fix the vulnerabilities your audit found. Write the Architect's Verdict — three sentences — and the MLSecOps Relevance note — one sentence — for your own work.
[SLIDE 9 — Course 1 complete] You can design a harness — twelve decisions, defended. You can build one — every module integrated. You can audit one — six phases, a score out of sixty. You can attack one — three offensive techniques. You can defend one — the nine-layer stack. This is the Harness Engineer credential. Next steps: Course Two — push this harness into offensive and defensive security. Or the twenty-one deep-dives — apply the six-phase method to real production harnesses. Course 1 is complete.
# Teaching Script — Module 12: Capstone **Module**: 12 · **Duration**: ~90 min (this module IS the lab — design + build + audit) [SLIDE 1] Module Twelve: the Capstone. Build a production-grade harness from scratch. Ninety minutes. Every module applied. This is your portfolio artifact and the Course 1 credential. [SLIDE 2] You've spent eleven modules learning the components — the loop, the tools, context, memory, sandboxing, permissions, error handling, state, verification, observability, security. Now you integrate them into a working production harness, designed, built, audited, attacked, and defended by you. [SLIDE 3 — 12.1] Sub-section 12.1: the Design Document. [SLIDE 4 — 12 decisions] State all twelve rubric decisions BEFORE writing a line of code. Loop architecture — Module 1. Tool design — Module 2. Context management — Module 3. Memory — Module 4. Sandboxing — Module 5. Permission — Module 6. Error handling — Module 7. Checkpointing — Module 8. Prompt assembly — Modules 3 and 9. Subagents — Module 1.3. Verification — Module 9. Observability — Module 10. Plus the security threat model from Module 11: which of the nine defense layers will you implement in version one? The design-document-first discipline prevents building-then-rationalizing. Decide before you build; defend each choice. [SLIDE 5 — 12.2] Sub-section 12.2: the Build. [SLIDE 6 — MVP] The minimum viable production harness. A ReAct loop with all five stop conditions — Module 1. Four tools with Pydantic or Zod schemas and structured error returns — Module 2. A compaction threshold — Module 3. A two-tier memory system: working files plus episodic log — Module 4. A sandbox: Docker for single-tenant, with filesystem and network scoping — Module 5. Risk-tiered permissions with capability checks — Module 6. The error taxonomy: transient, LLM-recoverable, user-fixable, fatal — Module 7. Atomic checkpointing with temp-plus-rename — Module 8. A computed verification gate — Module 9. The eight-field per-turn payload for observability — Module 10. And security: untrusted-content tagging, capability permissions, and scoping — Module 11. Each item is one module's deliverable, integrated into one working system. [SLIDE 7 — 12.3] Sub-section 12.3: Audit and Iterate. [SLIDE 8 — Self-audit] Run the six-phase deep-dive methodology from Module 0.3 on your OWN harness. Fill in the twelve-module scoring sheet — score yourself out of sixty. Execute the three offensive attacks from Module 11: indirect injection, memory poisoning, tool abuse. Fix the vulnerabilities your audit found. Write the Architect's Verdict — three sentences — and the MLSecOps Relevance note — one sentence — for your own work. [SLIDE 9 — Course 1 complete] You can design a harness — twelve decisions, defended. You can build one — every module integrated. You can audit one — six phases, a score out of sixty. You can attack one — three offensive techniques. You can defend one — the nine-layer stack. This is the Harness Engineer credential. Next steps: Course Two — push this harness into offensive and defensive security. Or the twenty-one deep-dives — apply the six-phase method to real production harnesses. Course 1 is complete.