Constraining LLMs Just Like Users (aeracode.org) AI

The post argues that LLM outputs should be treated like untrusted inputs and therefore controlled using techniques similar to human interface constraints—especially by constraining allowed output formats (e.g., fixed choices, JSON schemas, or grammars) and validating tool-call behavior to prevent overreach, while emphasizing transparency, user feedback, and limiting LLM tool access to what the user is allowed to do.