Night Mode Labs Blue Book
AI and Data Platforms

LLM Application Patterns

LLM applications need normal software engineering controls plus specific controls for prompts, retrieval, evaluation, cost, privacy, and model behavior. Treat the model as a dependency with probabilistic output, not as deterministic business logic.

Common patterns

  • Chat or assistant interfaces.
  • Retrieval-augmented generation.
  • Document summarization and extraction.
  • Classification and routing.
  • Code, query, or configuration generation.
  • Agentic workflows with tool access.

Architecture baseline

Required controls

Every production LLM application should define:

  • Data allowed in prompts and responses.
  • Prompt and model versioning.
  • Retrieval source ownership and freshness.
  • Evaluation suite for important behaviors.
  • Human review requirements for high-impact actions.
  • Cost limits and usage monitoring.
  • Abuse, prompt injection, and data exfiltration controls.
  • Logging policy that avoids sensitive data leakage.

Tool use

When models can call tools, define:

  • Which tools are available.
  • Authorization model for each tool.
  • Input validation and output filtering.
  • Dry-run support for risky actions.
  • Approval steps for irreversible changes.
  • Kill switch or disablement path.
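
One way to enforce the tool-use controls listed above on every model-issued call, shown as an added example that is not Blue Book code. `ToolGateway`, `ToolSpec`, the ticket tools, the role names and the 200-character output cap are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class ToolSpec:
    handler: Callable[[dict, bool], str]  # (args, dry_run) -> result text
    required_role: str                    # authorization model for this tool
    validators: dict                      # arg name -> regex the value must fully match
    irreversible: bool = False            # real runs need a named human approver

class ToolGateway:
    """Mediates every tool call; the model never reaches a handler directly."""
    def __init__(self, registry):
        self.registry = registry          # the only tools that exist for the model
        self.disabled = False             # kill switch, flipped by an operator
        self.audit = []                   # decisions only, no argument values

    def call(self, tool, args, roles, dry_run=True, approved_by=None):
        decision, result = self._decide(tool, args, roles, dry_run, approved_by)
        self.audit.append((tool, decision, dry_run))
        return decision, result

    def _decide(self, tool, args, roles, dry_run, approved_by):
        if self.disabled:
            return "denied:kill_switch", None
        spec = self.registry.get(tool)
        if spec is None:
            return "denied:unknown_tool", None
        if spec.required_role not in roles:
            return "denied:unauthorized", None
        # Exact argument set, string values only, each matching its pattern.
        ok = isinstance(args, dict) and set(args) == set(spec.validators) and all(
            isinstance(args[k], str) and re.fullmatch(p, args[k])
            for k, p in spec.validators.items())
        if not ok:
            return "denied:bad_arguments", None
        if spec.irreversible and not dry_run and not approved_by:
            return "denied:approval_required", None
        # Length cap is a stand-in for real output filtering (assumption).
        return "allowed", spec.handler(args, dry_run)[:200]

# Constructed sample tools: one read-only, one irreversible.
def lookup_ticket(args, dry_run):
    return f"ticket {args['ticket_id']}: open"
def delete_ticket(args, dry_run):
    return f"{'would delete' if dry_run else 'deleted'} {args['ticket_id']}"

REGISTRY = {
    "lookup_ticket": ToolSpec(lookup_ticket, "support", {"ticket_id": r"T-\d{1,6}"}),
    "delete_ticket": ToolSpec(delete_ticket, "admin", {"ticket_id": r"T-\d{1,6}"}, True),
}
```

Calls default to dry-run, so a real run of an irreversible tool has to be requested explicitly and carry an approver.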

Watchouts

  • Prompt changes are production changes.
  • Retrieval quality determines answer quality.
  • Model confidence is not evidence.
  • Sensitive data can leak through logs, traces, prompts, and eval sets.
  • Agentic workflows need strict permissions and observability.
