AI & Agents

• 1: AI, LLMs, ChatGPT, Claude, and Agents: A Practical Primer
• 2: How to Prompt Without Feeling Weird
• 3: AI Safety for Normal People
• 4: Local AI vs Cloud AI
• 5: What AI Agents Actually Are

1 - AI, LLMs, ChatGPT, Claude, and Agents: A Practical Primer

If you have heard people talk about AI, LLMs, ChatGPT, Claude, or agents, it can feel like everyone is using the same words to mean different things.

That is because they often are.

This guide is a practical, non-hype primer. It is written for someone who wants to understand what these tools are, how they differ, when they are useful, and when to be careful.

The short version

• AI is the broad category: software that performs tasks we associate with intelligence.
• Machine learning is one way to build AI: systems learn patterns from data instead of being hand-coded for every rule.
• Large language models, or LLMs, are machine learning models trained to work with language.
• ChatGPT, Claude, Gemini, and similar products are applications built around LLMs.
• Agents are LLM-based systems that can use tools, follow goals, and sometimes take actions on your behalf.

A normal chatbot answers.

An agent can answer, search, read files, call APIs, run commands, create documents, update tickets, or trigger workflows.

That difference matters.

What is AI?

Artificial intelligence is a broad umbrella term. It does not refer to one specific product or one specific technology.

AI can include:

• spam filters
• recommendation systems
• facial recognition
• voice assistants
• image generators
• language models
• autonomous planning systems

Some of these systems are simple. Some are extremely complex. Some feel intelligent. Some are just math wearing a convincing hat.

When most people talk about AI today, they usually mean tools powered by large language models.

What is an LLM?

An LLM, or large language model, is a model trained on enormous amounts of text so it can predict and generate language.

At a simple level, it learns patterns like:

• what words tend to appear near each other
• how questions are usually answered
• how code is structured
• how emails, essays, recipes, documentation, and conversations are written
• how different concepts relate to each other in language

That does not mean the model is conscious. It does not mean it “knows” things the way a person knows things.

A useful mental model is:

An LLM is a very powerful language prediction engine that can reason through language, but it does not automatically know whether its answer is true.

That last part is important.

LLMs can produce excellent explanations. They can also produce confident nonsense. The confidence is style, not proof.

Is an LLM just autocomplete?

Kind of — but that description is both true and misleading.

Technically, LLMs generate likely next tokens based on context. Tokens are chunks of text: words, parts of words, punctuation, or code symbols.

So yes, there is an autocomplete-like mechanism underneath.

But modern LLMs are trained and tuned in ways that let them do much more than finish sentences. They can:

• summarize documents
• compare options
• explain concepts
• draft messages
• translate text
• write and debug code
• classify information
• reason through multi-step problems
• follow formatting instructions

Calling them “just autocomplete” is like calling a calculator “just electricity.” Technically adjacent, but not the useful part.

ChatGPT vs. Claude vs. Gemini

ChatGPT, Claude, and Gemini are products built around LLMs.

The rough mapping looks like this:

These tools are the same general species, but they do not behave identically.

They differ in:

• writing style
• refusal and safety behavior
• coding ability
• math and reasoning performance
• context window size
• tool access
• memory features
• privacy terms
• cost
• speed

It is reasonable to prefer different tools for different jobs.

For example:

• Use one model for polished writing.
• Use another for code review.
• Use another for brainstorming.
• Use a local model when privacy matters more than raw capability.

The best tool depends on the task.

What is context?

Context is the information the model can see while answering.

That can include:

• your prompt
• previous messages in the conversation
• uploaded files
• retrieved search results
• tool outputs
• memory entries
• system instructions

Models do not automatically know everything about you, your files, your family, your job, or your preferences. They answer based on what is in context, plus what they learned during training.

If you want a better answer, give better context.

Bad prompt:

Help me write this.

Better prompt:

Help me rewrite this email so it sounds warm but clear. The audience is my child's teacher. I want to ask for a meeting about missing assignments without sounding accusatory.

The second prompt gives the model a goal, tone, audience, and constraints.

That is usually the difference between a generic answer and a useful one.

What are LLMs good at?

LLMs are strongest when the task is language-heavy, pattern-heavy, or explanation-heavy.

Good uses include:

• rewriting emails
• summarizing long documents
• explaining confusing topics
• comparing pros and cons
• creating checklists
• brainstorming ideas
• turning notes into a draft
• generating first-pass code
• reviewing text for clarity
• translating jargon into plain English
• creating study guides
• preparing questions for a meeting

A good way to use an LLM is as a thinking partner.

Not an oracle. Not a replacement for judgment. A collaborator that is fast, tireless, and occasionally too confident for its own good.

What are LLMs bad at?

LLMs have real limitations.

They can struggle with:

• exact facts without current sources
• private context they have not been given
• math unless they use tools
• legal, medical, or financial advice
• knowing when they are wrong
• distinguishing likely from verified
• preserving nuance in emotionally sensitive situations
• safely handling secrets or private data

They can also hallucinate.

A hallucination is when the model generates something that sounds plausible but is false. It might invent a source, misquote a policy, cite a law that does not exist, or confidently summarize a document it has not actually seen.

This is not always malicious. It is a failure mode of the technology.

The fix is not “never use AI.”

The fix is:

• ask for sources
• verify important claims
• give the model the actual document when possible
• use tools that can search, calculate, or inspect real files
• keep a human in the loop for consequential decisions

What is an agent?

An agent is usually an LLM connected to tools and given a goal.

A chatbot might answer:

Here is how you could organize your files.

An agent might:

1. scan the files
2. identify duplicates
3. propose a folder structure
4. move approved files
5. update an index
6. verify the result
7. report what changed

That is a major shift.

An agent combines:

• a model
• instructions
• tools
• memory or context
• a goal
• a loop for planning and execution

The model decides what to do next, uses a tool, reads the result, and continues.

Simple agent loop:

Goal → Plan → Use tool → Observe result → Adjust plan → Repeat → Report

That is powerful.

It also means agents need guardrails.

Why agents are different from chatbots

The risk profile changes when AI can act.

If a chatbot gives bad advice, you can ignore it.

If an agent has permission to delete files, send emails, spend money, change infrastructure, or publish content, a bad decision can become a real-world problem.

That does not make agents bad. It means they need boundaries.

Good agent design includes:

• clear goals
• limited permissions
• approval gates
• audit logs
• safe defaults
• rollback plans
• read-only mode before write mode
• human review before consequential actions

The more power an agent has, the more boring and explicit its controls should be.

Boring controls are good. Boring controls are how we keep the robot intern from becoming the robot incident report.

Practical examples

Example 1: Writing help

You can ask:

Rewrite this message so it is kind, concise, and firm.

Useful for:

• emails
• invitations
• difficult conversations
• professional messages
• thank-you notes

You still decide whether it sounds like you.

Example 2: Explaining documents

You can paste or upload a document and ask:

Summarize this in plain English. Then list anything I should pay attention to before signing.

Useful for:

• school forms
• insurance letters
• technical instructions
• policies
• contracts you are trying to understand

For legal or financial decisions, use this as preparation, not final authority.

Example 3: Planning

You can ask:

Help me plan a three-day trip with two kids, a moderate budget, and no packed schedule.

Useful for:

• travel
• meals
• birthday parties
• home projects
• study plans
• workouts

The model is good at creating a first draft. You edit reality back in.

Example 4: Technical troubleshooting

You can ask:

Here is the error message. Explain what it means and give me the safest next steps.

Useful for:

• computer errors
• appliance manuals
• app settings
• code problems
• home network weirdness

The key is to give the exact error message. Screenshots or copied text help.

Example 5: Agents doing work

An agent can do more than advise.

For example, an agent might:

• read a GitHub repository
• draft a documentation page
• run a local build
• commit the change
• verify the deployed website

That is not just chat. That is delegated work.

Delegated work needs supervision.

How to prompt without overthinking it

You do not need magic words. You need clarity.

A strong prompt usually includes:

1. Goal — what you want
2. Context — what the model needs to know
3. Audience — who this is for
4. Tone — how it should sound
5. Constraints — what to avoid
6. Output format — list, table, email, checklist, draft, etc.

Template:

I need help with [goal].

Context:
- [important detail]
- [important detail]

Audience: [who will read/use this]
Tone: [friendly/professional/direct/etc.]
Constraints: [avoid X, keep under Y words, don't mention Z]
Format: [bullets/table/email/checklist]

Example:

I need help writing a text to a neighbor about their dog barking late at night.

Context:
- I like this neighbor and want to stay friendly.
- The barking has woken us up three nights this week.
- I do not want to sound threatening.

Audience: neighbor
Tone: warm, direct, not passive-aggressive
Format: short text message

That will work better than “write a message about a dog.”

Safety and privacy basics

Use a simple rule:

Do not give an AI system anything you would not be comfortable storing in someone else’s computer system unless you understand and accept the privacy terms.

Be careful with:

• passwords
• API keys
• Social Security numbers
• medical records
• tax documents
• legal documents
• private family details
• confidential work information
• children’s sensitive information

Some tools offer stronger privacy controls than others. Some business plans say they do not train on your data. Some local tools keep data on your own machine.

The details matter.

When in doubt:

• remove unnecessary personal information
• summarize instead of pasting full documents
• use initials instead of names
• avoid secrets entirely
• choose a private or local tool for sensitive work

A practical trust scale

Not every AI answer needs the same level of verification.

The question is not “Can AI be wrong?”

It can.

The better question is “What happens if it is wrong here?”

What to remember

If you remember nothing else, remember this:

1. AI is the broad category.
2. LLMs are language models that generate and reason through text.
3. ChatGPT, Claude, and Gemini are products built around LLMs.
4. Agents are LLM systems that can use tools and take actions.
5. LLMs are useful collaborators, not truth machines.
6. The more power you give an AI system, the more guardrails it needs.

Used well, these tools can save time, reduce friction, explain hard things, and help you get unstuck.

Used carelessly, they can generate confident nonsense or act on bad assumptions.

The practical skill is not believing the hype or rejecting the technology outright.

The practical skill is learning how to supervise it.

Glossary

Next steps

Try using an AI assistant for one low-risk task this week:

• rewrite a message
• summarize an article
• make a checklist
• explain a confusing term
• draft a plan for a small project

Then ask yourself:

• Did it save time?
• Was it accurate?
• Did it sound like me?
• What context would have improved the answer?

That reflection is how you get better at using the tool.

Last updated: 2026-06-13.

2 - How to Prompt Without Feeling Weird

Prompting an AI assistant can feel strange at first.

You are typing to software, but the software responds like a person. If you are too brief, it guesses. If you are too formal, you feel ridiculous. If you overthink the prompt, you can spend more time asking the question than doing the task.

The good news: you do not need magic words.

You need to explain what you want the same way you would brief a capable assistant who is smart, fast, and new to the situation.

That is the entire game.

The short version

A good prompt usually includes:

1. Goal — what you want done
2. Context — what the assistant needs to know
3. Audience — who the output is for
4. Tone — how it should sound
5. Constraints — what to avoid or preserve
6. Format — what the answer should look like

You do not need all six every time. But when an answer is not useful, one of those pieces is usually missing.

Start with a normal sentence

You can start simply:

Help me rewrite this email so it sounds clear and kind.

That is enough for a low-stakes task.

If the first answer is not right, do not start over. Adjust it:

Make it warmer and shorter. Keep the part where I ask for a meeting.

Prompting is a conversation, not a vending machine.

You are allowed to iterate.

The assistant is not judging you

People sometimes feel awkward giving detailed instructions to an AI assistant.

That is understandable. It can feel unnatural to type:

Use a warm but direct tone. Avoid sounding passive-aggressive.

But that is exactly the kind of instruction the model needs.

The assistant does not think you are being demanding. It does not think your request is silly. It does not care that your first draft is messy.

Messy context is fine. The model is very good at turning messy context into a usable first draft.

Use the six-part prompt when quality matters

For anything important, use this template:

I need help with [goal].

Context:
- [important detail]
- [important detail]
- [important detail]

Audience: [who will read or use this]
Tone: [how it should sound]
Constraints: [what to avoid, preserve, or assume]
Format: [email, bullet list, table, checklist, plan, etc.]

Example:

I need help writing a message to my child's teacher.

Context:
- My child is missing several assignments.
- I want to ask for a meeting.
- I do not want the message to sound accusatory.
- I want to sound collaborative and calm.

Audience: elementary school teacher
Tone: warm, respectful, direct
Constraints: keep it under 150 words
Format: email draft

That prompt gives the model enough to work with.

It knows the goal, situation, relationship, tone, length, and output type.

Tell it what role to play, but do not overdo it

Role prompts can help:

Act as a patient technical tutor. Explain this like I am new to the topic.

Or:

Act as an editor. Improve clarity but preserve my voice.

Or:

Act as a skeptical reviewer. Point out weak assumptions in this plan.

Roles work because they set expectations.

But you do not need to write a dramatic character sheet. The model does not need to be told it is “the world’s greatest award-winning expert with 40 years of experience.” That usually adds noise, not quality.

Simple is better.

Give examples when style matters

If you care about voice, provide an example.

Rewrite this in a style similar to the example below.

My draft:
[paste draft]

Style example:
[paste example]

This is especially useful for:

• emails
• social posts
• documentation
• speeches
• performance reviews
• client updates
• family messages

You can also say what you do not want:

Do not make it sound like corporate marketing. Keep it human and plainspoken.

That one instruction saves lives. Mostly metaphorically.

Ask for options, not perfection

Sometimes the best prompt is:

Give me three versions.

For example:

Give me three versions of this message:
1. warmer
2. more direct
3. very short

This works well because it lets you compare styles.

The first answer does not have to be perfect. It just has to give you something to react to.

Use AI for the first draft, not the final decision

A useful pattern:

1. Ask for a rough draft.
2. Pick the parts you like.
3. Ask for a revision.
4. Edit the final version yourself.

Example:

This is close. Keep the second paragraph, make the opening less formal, and remove the phrase "circle back."

The model is fast at generating alternatives. You are better at knowing what sounds like you.

Use both strengths.

Ask it to explain its assumptions

When the stakes are higher, ask:

What assumptions are you making?

Or:

What information would improve your answer?

Or:

What could be wrong about this recommendation?

These prompts are especially helpful for:

• planning
• research
• technical troubleshooting
• medical, legal, or financial preparation
• comparing options
• reviewing a decision

The assistant may still miss things, but this makes hidden assumptions more visible.

Ask for a checklist

If you are trying to do something, ask for a checklist.

Turn this into a step-by-step checklist.

Or:

Give me a checklist I can use to make sure I did not miss anything.

Checklists are useful because they convert vague advice into action.

They are also easier to verify than paragraphs.

Use tables for comparisons

If you are comparing options, ask for a table.

Compare these options in a table with columns for cost, difficulty, risk, and best use case.

Good comparison prompts include the criteria that matter to you.

Weak prompt:

Which one is better?

Better prompt:

Compare these three options for a family of four. I care most about cost, reliability, setup time, and privacy. Use a table, then recommend one.

The second prompt gives the model a decision framework.

Tell it how much detail you want

Models often guess the level of detail.

You can control that:

Give me the short version first, then details if needed.

Explain it in plain English, no jargon.

Assume I know the basics and focus on tradeoffs.

Give me a 5-minute overview, not a deep dive.

This prevents the two classic AI failure modes:

• a shallow answer when you needed substance
• a wall of text when you needed a straight answer

Correct it directly

If the answer is wrong, say so.

That is not the situation. The actual constraint is [constraint]. Try again.

You do not need to be polite to the point of ambiguity. The model does not require emotional cushioning.

Good correction:

No, I do not want to apologize in this message. I want to acknowledge the issue and propose a next step.

Bad correction:

Hmm maybe something else?

The first one gives direction. The second one asks the model to guess again.

Guessing again is how you get confidently polished nonsense, but with nicer paragraph spacing.

Use boundaries for sensitive topics

For emotionally sensitive, private, or high-stakes topics, include boundaries.

Help me think through this, but do not make a final decision for me.

Give me questions to ask a professional, not legal advice.

Summarize this medical information in plain English, but do not diagnose anything.

Help me draft a calm message. Do not escalate the tone.

Good boundaries keep the assistant in the right lane.

Do not paste secrets

Do not paste:

• passwords
• API keys
• private keys
• Social Security numbers
• bank details
• medical identifiers
• confidential work material
• anything you would not want stored outside your control

If the sensitive detail is not needed, remove it.

Instead of:

Here is my account number and the full letter. What should I do?

Use:

Here is a redacted version of the letter. Summarize what it is asking me to do and list questions I should ask the provider.

Redaction is not paranoia. It is hygiene.

Useful prompt patterns

Rewrite this

Rewrite this to be clearer and more concise. Preserve my meaning and do not add new information.

[text]

Explain this

Explain this in plain English. Assume I am smart but new to the topic.

[text or topic]

Summarize this

Summarize this into:
- key points
- decisions
- open questions
- action items

[text]

Compare options

Compare [option A], [option B], and [option C] in a table. Use columns for cost, difficulty, risk, privacy, and best fit. Then recommend one based on [priority].

Make a plan

Create a step-by-step plan for [goal]. Include assumptions, risks, and what I should verify before starting.

Review my thinking

Review this plan skeptically. What am I missing? What assumptions are weak? What would make this fail?

Make it sound like me

Rewrite this in my voice. Keep it direct, plainspoken, and warm. Avoid corporate language.

[text]

A simple rule of thumb

If the output is not useful, do not assume the model is useless.

Ask:

• Did I give it the goal?
• Did I give it enough context?
• Did I say who the audience is?
• Did I specify tone?
• Did I include constraints?
• Did I ask for the right format?

Most bad outputs are missing one of those.

What to remember

Prompting is not about tricking the AI.

It is about briefing it.

A good prompt says:

Here is what I want.
Here is the situation.
Here is who it is for.
Here is how it should sound.
Here is what to avoid.
Here is what format I need.

That is not weird. That is communication.

And like most communication, it gets easier with practice.

Related guide

Start here if you want the broader foundation:

• AI, LLMs, ChatGPT, Claude, and Agents: A Practical Primer

Last updated: 2026-06-13.

3 - AI Safety for Normal People

AI safety can sound dramatic.

Depending on who is talking, it either means “do not paste your password into ChatGPT” or “the machines are coming for civilization.”

This guide is about the first kind: practical safety for normal people using AI tools in everyday life.

No panic. No sci-fi. Just useful habits.

The short version

Use AI safely by remembering six rules:

1. Do not paste secrets or sensitive personal information.
2. Verify important claims before acting on them.
3. Use AI for drafts and preparation, not final authority.
4. Be extra careful with medical, legal, financial, and work data.
5. Understand when an AI can take actions, not just answer questions.
6. Keep humans in charge of consequential decisions.

That is most of the practical safety model.

AI is useful, not automatically trustworthy

AI assistants can be extremely helpful.

They can explain confusing documents, rewrite messages, summarize articles, brainstorm ideas, help with code, and turn messy notes into something usable.

But helpful is not the same as trustworthy.

An AI answer can be:

• clear but wrong
• confident but incomplete
• useful but missing context
• polite but unsafe
• persuasive but unverified

The model is optimized to produce a helpful response. It is not automatically verifying truth unless it has tools, sources, and instructions to do so.

That means you should treat AI like a capable assistant, not an oracle.

The most important safety habit: do not paste secrets

Do not paste:

• passwords
• API keys
• private keys
• recovery codes
• Social Security numbers
• full bank account details
• full tax documents
• medical identifiers
• confidential work material
• children’s sensitive information

If the AI does not need the sensitive detail, remove it.

Instead of this:

Here is the full letter with my account number and address. What does it mean?

Use this:

Here is a redacted version of the letter. Summarize what it is asking me to do and list any questions I should ask the provider.

You can replace personal details with placeholders:

[NAME]
[ACCOUNT NUMBER]
[ADDRESS]
[DATE]

The model does not need your actual account number to explain a paragraph.

Redaction is normal hygiene

Redaction is not paranoia.

It is the digital equivalent of not reading your credit card number out loud in a crowded room.

Before pasting text into an AI tool, scan for:

• names
• addresses
• account numbers
• case numbers
• policy numbers
• school names
• employer names
• signatures
• QR codes
• links with private tokens

If those details do not matter, remove them.

If they do matter, consider whether this is the right AI tool for the job.

Some tools have stronger privacy guarantees than others. Some business plans have different data-use policies than free consumer tools. Local AI tools may keep data on your own hardware but require more setup and may be less capable.

The privacy details matter.

Hallucinations: confident does not mean correct

A hallucination is when an AI generates something plausible but false.

It might:

• invent a source
• misquote a policy
• summarize a document it has not seen
• cite a law that does not exist
• make up a product feature
• confidently explain the wrong error message

This happens because the model is generating likely language, not directly accessing truth by default.

For low-risk tasks, this is not a big deal.

If it suggests a mediocre dinner idea, nobody is going to federal prison.

For important tasks, verify.

Ask:

What parts of this should I verify before acting on it?

Or:

Separate what you know from what you are assuming.

Or:

Give me sources for the factual claims.

Then actually check the important parts.

Use a risk scale

Not every AI interaction needs the same level of caution.

The question is not “Can AI be wrong?”

It can.

The useful question is:

What happens if this answer is wrong?

The bigger the consequence, the more verification you need.

Medical, legal, and financial topics

AI can be useful for preparing for professional conversations.

Good uses:

Explain these terms in plain English.

Help me make a list of questions to ask my doctor.

Summarize this policy language and identify what I should verify.

Help me organize my notes before I talk to a financial advisor.

Bad uses:

Diagnose me.

Tell me whether I should sign this contract.

Tell me exactly what investment to make.

For high-stakes domains, AI is a preparation tool.

It can help you understand, organize, and ask better questions. It should not replace qualified professional judgment.

Work data: follow policy first

If you are using AI at work, the first rule is simple:

Follow your organization’s policy.

Do not paste confidential work data into a public AI tool just because it would be convenient.

Be careful with:

• customer data
• employee data
• contracts
• source code
• internal strategy
• financial reports
• security findings
• meeting transcripts
• regulated data

If your company provides an approved AI tool, use that. If it does not, ask before using external tools with internal data.

Convenience is not a data-handling policy.

Kids and AI

AI tools can be useful for kids, but they need boundaries.

Good uses:

• explaining concepts at the right grade level
• generating practice questions
• helping outline an essay
• making study guides
• brainstorming project ideas
• explaining math steps after the child has tried

Risky uses:

• writing the assignment for them
• private unsupervised conversations
• sharing personal details
• treating AI answers as automatically true
• using AI as an emotional support substitute

A useful rule:

AI can help kids learn, but it should not quietly do the learning for them.

For younger kids, use AI together. Ask it to explain, quiz, or coach — not complete the work.

Scams and fake content

AI makes scams cheaper and more convincing.

Be skeptical of:

• urgent messages asking for money
• voice calls that sound like someone you know
• realistic images or videos
• emails that perfectly match someone’s writing style
• links that ask you to log in
• “support” messages that ask for codes or passwords

AI-generated scams often rely on urgency.

Slow down.

Verify through a separate channel:

• call the person directly
• use a saved phone number, not the one in the message
• go to the website yourself, not through the link
• ask a shared question only the real person would know
• never share one-time codes with someone who contacted you

The old scam rule still works:

Urgency is a weapon. Pause before acting.

Agents need stronger guardrails

A normal chatbot gives answers.

An agent can take actions.

That might include:

• sending emails
• changing files
• publishing a website
• buying something
• updating a calendar
• calling APIs
• modifying infrastructure
• deleting data

The moment an AI can act, the safety model changes.

For agents, use:

• read-only mode first
• limited permissions
• explicit approval before writes
• clear logs of what changed
• rollback plans
• separate accounts with minimal access
• spending limits
• allowlists for safe actions
• blocklists for dangerous actions

Do not give a powerful agent broad access and vague instructions.

That is how you turn “helpful automation” into “why did the robot reorganize the garage with a flamethrower?”

A simple approval rule

Require human approval before an AI system does anything that is:

• hard to undo
• expensive
• public
• legally meaningful
• emotionally sensitive
• privacy-impacting
• security-impacting
• destructive

Examples:

• sending an angry email
• publishing a public post
• deleting files
• changing account settings
• buying something
• modifying infrastructure
• sharing private information

Drafts are fine.

Actions need approval.

Check the source when it matters

If an AI summarizes a document, keep the document nearby.

Ask it to quote the relevant section:

Quote the exact sentence you are basing that on.

Ask it to separate summary from interpretation:

Separate the document's claims from your interpretation.

Ask it to identify uncertainty:

What is unclear or ambiguous here?

Then compare the answer back to the original.

AI can make reading easier. It should not make you stop reading the parts that matter.

Good safety prompts

Before acting on advice

What assumptions are you making, and what should I verify before acting on this?

For sensitive documents

I will provide a redacted document. Summarize it, list action items, and identify anything I should verify in the original.

For professional topics

Do not give final legal, medical, or financial advice. Help me understand the topic and prepare questions for a qualified professional.

For factual claims

List the factual claims in your answer and indicate which ones require external verification.

For agent actions

Before taking any action, show me the exact change you plan to make, the risk, and how to undo it. Wait for approval.

For work data

Assume this may contain confidential information. Tell me what I should redact before asking for help.

A personal safety checklist

Before using AI, ask:

• Am I pasting any sensitive information?
• Would redaction still let the AI help me?
• Is this a low-risk task or a high-risk task?
• Do I need sources or verification?
• Could this answer affect money, health, legal rights, work, or relationships?
• Is the AI only drafting, or can it actually take action?
• If it takes action, can I review and approve first?

This takes seconds once it becomes a habit.

What to remember

AI safety for normal people is not about fear.

It is about control.

Use AI to:

• draft
• summarize
• explain
• brainstorm
• organize
• prepare
• compare

Be careful when AI touches:

• secrets
• private data
• professional advice
• children
• money
• health
• legal issues
• work information
• public actions
• destructive actions

The goal is not to avoid AI.

The goal is to use it like a powerful tool: intentionally, with the right guardrails, and with a human still holding the steering wheel.

Related guides

• AI, LLMs, ChatGPT, Claude, and Agents: A Practical Primer
• How to Prompt Without Feeling Weird

Last updated: 2026-06-13.

4 - Local AI vs Cloud AI

Once you start using AI tools, a natural question comes up:

Should I use cloud AI, or should I run AI locally on my own computer?

The answer is not “one is always better.”

The answer is: it depends on what you care about for that task.

Cloud AI is usually easier and more capable. Local AI is usually more private and more controllable. Both are useful. Both have tradeoffs.

The short version

Use cloud AI when you want:

• the strongest models
• the easiest setup
• fast access from any device
• image, voice, file, and tool integrations
• less hardware maintenance

Use local AI when you want:

• more privacy
• offline access
• control over where data goes
• predictable experimentation
• integration with your own local tools
• to learn how the stack works

Most people should use both.

Use cloud AI for general help. Use local AI when privacy, control, or experimentation matters more than maximum capability.

What is cloud AI?

Cloud AI means the model runs on someone else’s servers.

Examples include:

• ChatGPT
• Claude
• Gemini
• Perplexity
• Microsoft Copilot
• hosted API models from OpenAI, Anthropic, Google, Mistral, and others

You send a request over the internet. Their servers run the model. You get a response back.

That is why cloud AI can be so good: the provider runs large models on expensive hardware that most people do not own.

What is local AI?

Local AI means the model runs on hardware you control.

That might be:

• your laptop
• a desktop PC
• a home server
• a small workstation with a GPU
• a dedicated homelab machine

Common local AI tools include:

• Ollama
• LM Studio
• llama.cpp
• Open WebUI
• text-generation-webui
• local embeddings and search tools

With local AI, your prompt and files can stay on your machine or inside your own network, depending on how you configure it.

That privacy advantage is real, but it comes with setup and capability tradeoffs.

The main tradeoff

Cloud AI optimizes for capability and convenience.

Local AI optimizes for control and privacy.

Neither side wins every row.

That is the point.

Model quality: cloud usually wins

The best cloud models are usually stronger than what most people can run locally.

They tend to be better at:

• complex reasoning
• following instructions
• writing polished text
• coding
• long-document analysis
• multimodal tasks like images and voice
• tool use
• speed under heavy load

This is not because local models are bad.

Local models have improved quickly. Some are excellent for summarization, drafting, coding help, search, and offline workflows.

But the frontier models usually require a lot of hardware and optimization. Cloud providers can spend absurd amounts of money on infrastructure so you do not have to explain to your spouse why the electric bill now contains a small data center.

Privacy: local usually wins

If a model runs locally and is configured correctly, your data does not need to leave your machine or network.

That matters for:

• personal documents
• family information
• private notes
• sensitive research
• internal business material
• local knowledge bases
• experiments you do not want sent to a third party

Cloud AI privacy depends on the provider, plan, settings, and policy.

Some providers say they do not train on business or API data. Some consumer products have opt-out settings. Some enterprise tools provide stronger contractual protections.

Those differences matter.

But the cleanest privacy boundary is still:

Data that never leaves your environment is easier to reason about.

That does not mean local AI is magically safe. If you expose a local AI server to the internet without authentication, congratulations, you have built a robot-shaped hole in your network.

Local privacy only counts if the system is configured safely.

Cost: it depends how you count

Cloud AI feels cheap because you pay monthly or per use.

Local AI feels free after setup, but it is not actually free.

Local AI costs can include:

• computer hardware
• GPU or RAM upgrades
• storage
• electricity
• cooling
• time spent troubleshooting
• software maintenance

Cloud AI costs can include:

• subscriptions
• API usage
• overage charges
• team seats
• vendor lock-in
• data governance work

For most casual users, cloud AI is cheaper and easier.

For heavy users, privacy-focused users, or builders, local AI can be worth it.

Hardware matters for local AI

Local AI performance depends heavily on hardware.

The big factors are:

• RAM
• VRAM if using a GPU
• CPU speed
• disk space
• model size
• quantization format

A small model can run on a normal laptop. A larger model may need a powerful GPU or a lot of memory.

A very rough mental model:

The point is not that everyone needs a GPU.

The point is that local AI is constrained by your machine. Cloud AI is constrained by your wallet and the provider’s policies.

Offline access

Local AI can work without the internet.

That is useful for:

• travel
• unreliable connectivity
• field work
• private notes
• disaster recovery docs
• air-gapped or restricted environments

Cloud AI needs connectivity.

If the internet is down, the model is gone. Very modern, very powerful, very unavailable. Classic cloud-shaped footgun.

Data control and retention

With cloud AI, you need to understand the provider’s data handling:

• Is chat history stored?
• Can you disable training?
• Are files retained?
• Can admins access conversations?
• Does the API have different privacy terms than the consumer app?
• Is data processed in a specific region?
• What happens when you delete a conversation?

With local AI, you control more of that, but you also own the responsibility:

• Where are prompts logged?
• Does the web UI store chat history?
• Are files cached?
• Are backups encrypted?
• Who can access the server?
• Is it exposed beyond your machine?

Cloud requires trust in a provider.

Local requires competence from the operator.

Pick your poison. Or better: pick the right poison per task.

Capability is not just the model

When people compare AI systems, they often compare only model quality.

That misses a lot.

A useful AI system also includes:

• search
• file upload
• voice input
• image understanding
• memory
• tools
• integrations
• speed
• reliability
• user interface
• sharing and collaboration

Cloud products often win here because they are polished.

Local tools can be powerful, but they are more modular. You might need one tool for chat, another for document search, another for embeddings, another for automation, and another for a web interface.

That flexibility is great if you like building systems.

It is less great if you just wanted help rewriting an email.

Good uses for cloud AI

Cloud AI is usually the best default for:

• general questions
• polished writing
• brainstorming
• coding help
• summarizing non-sensitive documents
• image or voice features
• travel planning
• learning a new topic
• comparing products
• drafting messages
• high-quality reasoning

If the data is low-risk and the task benefits from a strong model, cloud AI is hard to beat.

Good uses for local AI

Local AI is useful for:

• private notes
• offline drafting
• local document search
• personal knowledge bases
• sensitive-but-low-stakes summarization
• experimenting with models
• integrating AI into homelab tools
• learning how AI infrastructure works
• workflows where data should stay on your machine

Local AI is especially useful when paired with local search or a private knowledge base.

For example:

Search my local notes and summarize what I have written about this topic.

That is a different kind of value than asking a cloud model a general question.

When not to use local AI

Local AI is not always worth it.

Do not use local AI just because it sounds more serious.

Cloud may be better if:

• you need the best possible answer
• you do not want to maintain hardware
• you need strong image or voice features
• you need reliable mobile access
• you are collaborating with other people
• the information is not sensitive
• your local machine is underpowered

Running a tiny local model badly is not morally superior to using a strong cloud model carefully.

The goal is good judgment, not purity points.

When not to use cloud AI

Avoid or be careful with cloud AI when:

• data is confidential
• policy forbids it
• you do not understand the privacy terms
• the task involves secrets or credentials
• the document contains sensitive personal details
• the output will drive a high-stakes decision without verification
• the AI tool can take actions you have not reviewed

Cloud AI is convenient. Convenience is not consent from everyone whose data appears in the prompt.

A practical decision tree

Ask these questions:

1. Is the data sensitive?
   • If yes, prefer local or an approved private/business tool.
2. Do I need the best possible reasoning or writing?
   • If yes, cloud may be better.
3. Do I need offline access?
   • If yes, local wins.
4. Do I have the hardware and patience?
   • If no, cloud wins.
5. Is this a repeated workflow?
   • If yes, local automation may be worth building.
6. Is this a one-off low-risk task?
   • If yes, cloud is usually fine.

Simple rule:

Use the strongest tool that is safe enough for the data.

Hybrid is usually best

You do not have to pick one forever.

A good personal setup might look like:

• cloud AI for general reasoning, writing, and brainstorming
• local AI for private notes and offline work
• approved work AI for company data
• no AI for secrets, credentials, or extremely sensitive material

That is not inconsistency.

That is matching the tool to the risk.

What about agents?

Agents make this decision more important.

A cloud chatbot answering a question is one thing.

An agent with access to files, email, calendars, source code, or infrastructure is different.

For agents, ask:

• Where does the reasoning happen?
• What data can the agent read?
• What actions can it take?
• Are prompts and tool outputs stored?
• Can it send data to external services?
• Is there an approval step before writes?
• Can I audit what happened?

A local agent may keep more data inside your environment.

A cloud agent may be more capable and easier to use.

Either way, permissions matter more than vibes.

Common misconceptions

“Local AI is always private.”

Not automatically.

If a local AI app phones home, stores logs insecurely, exposes a web UI, or syncs chats to a cloud account, it may not be as private as you think.

“Cloud AI is always unsafe.”

Also false.

Some cloud tools have strong privacy controls, especially business and enterprise products. You still need to understand the terms and use the right plan for the data.

“Bigger model means better answer.”

Often, but not always.

A smaller model with the right local documents can beat a larger model guessing from general knowledge.

“I need a GPU to use local AI.”

Not always.

Small models can run on CPUs or integrated hardware. They may be slower, but still useful for simple tasks.

“If AI is local, I can paste anything.”

Still no.

Local systems can have logs, backups, synced folders, malware, exposed services, or other users. Handle sensitive data intentionally.

Recommended starting points

For most people:

1. Use a reputable cloud AI assistant for everyday low-risk tasks.
2. Learn basic safety habits: redact, verify, and avoid secrets.
3. Try local AI only if you have a clear reason:
   • privacy
   • offline access
   • learning
   • local document search
   • automation
4. Do not move sensitive work into any AI system until you understand where the data goes.

For technical users:

1. Start with Ollama or LM Studio.
2. Try a small model first.
3. Add a local web UI only after the model works.
4. Keep it private to your machine or trusted network.
5. Add authentication before exposing anything beyond localhost.
6. Treat local AI like any other service: update it, monitor it, and do not expose it casually.

What to remember

Cloud AI is usually easier and more capable.

Local AI is usually more private and more controllable.

Neither is automatically safe. Neither is automatically best.

The practical question is:

What tool gives me enough capability while keeping the data safe enough for this task?

For most people, the answer is hybrid.

Use cloud AI when the data is low-risk and quality matters.

Use local AI when privacy, control, offline access, or experimentation matters.

And no matter where the model runs, keep humans in charge of the important decisions.

Related guides

• AI, LLMs, ChatGPT, Claude, and Agents: A Practical Primer
• How to Prompt Without Feeling Weird
• AI Safety for Normal People

Last updated: 2026-06-13.

5 - What AI Agents Actually Are

An AI chatbot answers questions.

An AI agent can do things.

That is the simplest difference.

A chatbot might help you write an email. An agent might draft the email, find the recipient, attach the file, and ask whether it should send it.

That extra ability is powerful. It is also where the safety conversation gets real.

The short version

An AI agent is an AI system that can:

1. understand a goal,
2. decide what steps might help,
3. use tools,
4. inspect the results,
5. adjust its plan,
6. and sometimes take action.

A normal chatbot mostly talks.

An agent talks and operates.

That means agents are useful for multi-step work, but they need boundaries: limited permissions, human approval, logging, and a way to stop them.

The easy analogy

Think of a chatbot as a smart assistant sitting across the table.

You ask it questions. It answers.

Think of an agent as that same assistant with access to a computer, apps, files, and possibly your accounts.

Now it can help more.

It can also make a bigger mess.

That is not a reason to avoid agents. It is a reason to treat them like capable interns with keys, not magic oracles.

Helpful? Yes.

Autonomous god-brain? No.

Chatbot vs agent

Here is the practical difference:

The boundaries are blurry because products use the word “agent” loosely.

Sometimes “agent” means a simple automation with an AI step.

Sometimes it means a tool-using assistant.

Sometimes it means a system that can run for a while, make decisions, call tools, and report back.

The important question is not the marketing label.

The important question is:

What can this thing read, and what can this thing do?

Agents are loops

Under the hood, many agents follow a loop:

Goal → Plan → Tool use → Observe result → Adjust → Continue → Report

For example:

Goal: Find a good hotel for a weekend trip.

Plan:
1. Ask for budget and dates.
2. Search hotel options.
3. Compare location and reviews.
4. Summarize the top choices.
5. Ask before booking anything.

The agent is not just generating one answer. It is working through a process.

That process may involve tools.

Tools are what make agents different

Tools give an AI system reach beyond text.

Examples:

• web search
• calendar access
• email access
• file reading
• document editing
• code execution
• database queries
• home automation
• payment systems
• ticket systems
• infrastructure tools

A model without tools can only answer from what it knows or what you paste in.

A model with tools can look things up, inspect files, run commands, call APIs, and change state.

That is the jump from “helpful text” to “operational system.”

Permissions matter more than intelligence

People often ask: “How smart is the agent?”

That matters.

But for safety, the better question is:

What permissions does it have?

An average model with dangerous permissions can cause more harm than a great model with read-only access.

Think about the difference between:

• an agent that can read a calendar,
• an agent that can create calendar events,
• an agent that can invite other people,
• an agent that can delete events,
• an agent that can email everyone about those events.

Those are not the same risk.

The capability is not just “AI.”

The capability is AI plus permissions.

Examples of useful agents

Travel planning agent

A travel agent could:

• ask for destination, dates, and budget,
• search flights and hotels,
• compare neighborhoods,
• create an itinerary,
• draft a packing list,
• add tentative calendar events,
• ask before spending money.

The safe version asks before booking.

The risky version books whatever it thinks is best with your credit card. That is how you end up with a nonrefundable layover in the ninth circle of airport logistics.

Email helper

An email agent could:

• summarize unread messages,
• identify urgent items,
• draft replies,
• find attachments,
• suggest follow-up reminders,
• ask before sending.

Useful boundary:

Draft freely. Never send without approval.

Calendar helper

A calendar agent could:

• find open meeting slots,
• draft invites,
• detect conflicts,
• suggest travel time,
• prepare a daily briefing.

Useful boundary:

Create drafts or tentative holds. Ask before inviting other people.

Home automation agent

A home agent could:

• turn lights on,
• adjust temperature,
• check door sensors,
• summarize camera events,
• run bedtime routines.

Useful boundary:

Low-risk automations can be direct. Security-sensitive actions need confirmation.

Turning on a lamp is not the same as unlocking a door.

Coding agent

A coding agent could:

• read a codebase,
• find bugs,
• edit files,
• run tests,
• open a pull request,
• summarize what changed.

Useful boundary:

Let it write branches and pull requests. Do not let it push directly to production without review.

Infrastructure agent

An infrastructure agent could:

• inspect monitoring alerts,
• read logs,
• compare desired and actual state,
• draft a fix,
• update a manifest,
• open a change request.

Useful boundary:

Read broadly. Write narrowly. Require approval for production changes.

The Old World version is SSHing into a box at midnight and poking it until morale improves. The New World version is: fix the declarative state, review it, deploy it, and leave a trail.

Agents can be small

An agent does not have to be dramatic.

A simple agent might do this:

Every morning:
1. Check the weather.
2. Read today's calendar.
3. Summarize anything important.
4. Suggest what to pack or prepare.

That is an agent because it has a goal, gathers information, and produces a useful output.

It may not need deep autonomy.

Most useful agents are boring.

Boring is good. Boring means understandable.

Agents can be dangerous when the loop is hidden

Agents become risky when you cannot easily see:

• what goal they are pursuing,
• what tools they used,
• what data they read,
• what actions they took,
• why they made a decision,
• how to stop them.

A chatbot can be wrong.

An agent can be wrong and do the wrong thing.

That difference matters.

If a chatbot gives you a bad travel recommendation, you can ignore it.

If an agent books the trip, the problem now has a confirmation number.

Memory changes the risk

Some agents have memory.

Memory can be useful because the agent can remember:

• your preferences,
• your writing style,
• recurring tasks,
• project context,
• previous decisions,
• people and relationships.

But memory also means the system may retain information over time.

Ask:

• What does it remember?
• Can I inspect the memory?
• Can I delete it?
• Is memory shared across tasks?
• Is memory used for training?
• Does memory include sensitive details?

Memory is not automatically bad.

Unclear memory is bad.

The approval spectrum

Not every action needs the same level of approval.

A practical model:

The agent should have more freedom for reversible, low-risk tasks.

It should have less freedom for irreversible, expensive, sensitive, or public actions.

Read-only first

The safest way to introduce an agent is read-only first.

Let it observe.

Let it summarize.

Let it recommend.

Then, after you trust the workflow, allow narrow writes.

A good rollout looks like this:

1. Read-only: “Look at this and tell me what you would do.”
2. Draft mode: “Prepare the change, but do not apply it.”
3. Approval mode: “Apply only after I approve.”
4. Limited autonomy: “You may handle this specific low-risk task.”
5. Review: “Show me what happened.”

That is how you avoid handing a robot the keys before it knows which house is yours.

Narrow permissions beat broad trust

Do not give an agent broad access just because it seems smart.

Better patterns:

• one task, one permission set,
• separate read and write access,
• short-lived credentials,
• scoped folders,
• limited tools,
• approval before external actions,
• logging for every tool call.

Bad pattern:

Here is access to everything. Please be careful.

That is not a security model. That is a motivational poster.

Audit trails matter

A useful agent should be able to tell you what it did.

At minimum, you want to know:

• what prompt or goal it received,
• what tools it called,
• what files or data it accessed,
• what changes it made,
• what failed,
• what it skipped,
• what needs human follow-up.

This is especially important for work, money, family data, infrastructure, or anything with consequences.

If an agent cannot explain its actions afterward, it should not be trusted with important actions.

What agents are good at

Agents are good for work that is:

• repetitive,
• multi-step,
• information-heavy,
• easy to verify,
• bounded by clear rules,
• annoying enough that humans avoid doing it.

Examples:

• summarize a folder of notes,
• draft weekly status reports,
• prepare meeting briefs,
• compare invoices to subscriptions,
• review a pull request for obvious issues,
• collect links for a research topic,
• monitor a website for changes,
• turn a checklist into a draft plan.

Agents are best when the task has a clear definition of done.

What agents are bad at

Agents are risky for work that is:

• vague,
• high-stakes,
• hard to verify,
• dependent on subtle human judgment,
• full of hidden context,
• irreversible,
• emotionally sensitive,
• legally or financially binding.

Examples:

• firing someone,
• making medical decisions,
• signing contracts,
• moving large amounts of money,
• deleting important files,
• changing production systems without review,
• messaging people about sensitive topics without approval.

AI can help prepare for these tasks.

It should not own them.

“Autonomous” does not mean “unsupervised”

People hear “autonomous agent” and imagine something acting entirely alone.

That is one version.

But autonomy is not all-or-nothing.

An agent can be autonomous inside a sandbox and supervised at the boundary.

For example:

You may research options and draft a recommendation.
You may not purchase, send, delete, publish, or change settings without approval.

That is often the sweet spot.

Let the agent do the tedious work.

Keep the human in charge of consequences.

How to evaluate an agent product

Before trusting an agent, ask:

1. What can it read?
2. What can it change?
3. Can I approve actions before they happen?
4. Can I see a log of what it did?
5. Can I limit its permissions?
6. Can I turn it off quickly?
7. Where is my data processed?
8. What does it remember?
9. Can I delete that memory?
10. What happens when it is wrong?

The last question is the most important one.

Every agent will be wrong eventually.

The system design should assume that.

A practical safety model

Use this simple agent safety checklist:

• Start read-only.
• Use the narrowest permissions possible.
• Require approval for external or irreversible actions.
• Keep logs.
• Review changes before accepting them.
• Separate low-risk tasks from high-risk tasks.
• Do not give agents secrets unless absolutely necessary.
• Prefer temporary or scoped credentials.
• Have a stop button.

This is not paranoia.

This is basic operations hygiene.

If a human assistant had access to your email, bank account, house locks, and work systems, you would set boundaries too.

The future is probably agent-shaped

AI products are moving from “answer my question” to “help me complete the task.”

That means more agents.

Some will be small and boring.

Some will be powerful.

Some will be overhyped demos held together by duct tape and venture capital.

The useful ones will not feel magical. They will feel like good workflows:

• clear goal,
• clear permissions,
• clear output,
• clear approval points,
• clear audit trail.

That is what to look for.

What to remember

An AI agent is not just a chatbot with a cooler name.

An agent is an AI system that can work through steps and use tools to pursue a goal.

That makes agents useful.

It also makes permissions, approval, and logging much more important.

The practical rule is:

Let agents do the tedious work. Keep humans in charge of the consequential decisions.

Start read-only. Add tools slowly. Require approval for risky actions.

That is how agents become helpful instead of becoming a very confident intern with root access.

Related guides

• AI, LLMs, ChatGPT, Claude, and Agents: A Practical Primer
• How to Prompt Without Feeling Weird
• AI Safety for Normal People
• Local AI vs Cloud AI

Last updated: 2026-06-13.