Narek Maloyan

AI Research Engineer & PhD Candidate

GitHub · LinkedIn · Kaggle · Google Scholar · Email · X/Twitter · Resume PDF

I build coding agents at Zencoder. In May 2025 our team hit #1 on SWE-bench Verified at 70%. Most days I'm working on the gap between "demo works" and "you'd actually let it touch your repo."

On the side, a PhD at MSU on prompt injection — how LLM agents get manipulated and how to defend them. So far that's LLM-as-a-Judge, MCP, and trojans. Thirteen papers across that, medical imaging, and CV.

Earlier: video highlights and recommendations at Viasat, medical NLP at TrendMD, brain-MRI classification at Burdenko. Teaching grad-level Deep Learning at MSU since 2021. The side project people actually use is manim-js — 3Blue1Brown's animation engine in TypeScript.

Experience

Zencoder — AI Research Engineer (2024–present) Coding agents that resolve real SWE tasks. On the team that reached #1 on SWE-bench Verified in May 2025 (70%) with a multi-agent ensemble and a critic for solution selection. Day-to-day: orchestration, evals, and shaving the long tail of failures.

Viasat — ML Engineer (2021–2024) Video highlights extraction, movie recommendations, and semantic search for a streaming platform. The highlights pipeline pulled key moments out of sports and shows so editors didn't have to. Python, PyTorch, Elasticsearch.

TrendMD — ML Engineer (2019–2021) Article recommendations and speech-to-text for a medical content network. Transformer NLP tuned for clinical vocabulary, plus uplift modeling on engagement.

Burdenko NSI — ML Engineer (2020–2022) Deep learning at Russia's main neurosurgery center: glioma grading from MRI without biopsy, stroke risk from imaging. Peer-reviewed work co-authored with neurosurgeons.

ODS.ai — Community Contributor (2020–2022) Organized ML competitions with 1000+ participants.

Projects

imast.ai

AI HR agent for sourcing, screening, and engaging talent across 800M+ profiles. Launch announcement →

AI & ML Cheatsheet

Open-source reference guide covering key concepts across ML and data science.

manim-js (339+ stars)

TypeScript port of 3Blue1Brown's Manim for creating math animations on the web.

amnezia-cloak

Minimal macOS menubar client for AmneziaWG tunnels — Swift, zero deps, ~350 lines.

polymarket-speech

Rust experiment exploring a speech-driven interface for Polymarket.

arutunyan.doctor

Practice site I built for my lovely wife, Dr. Maria Arutunyan (OB-GYN), with 26 clinical calculators and reference tools for obstetricians and gynecologists.

Teaching

Deep Learning — Moscow State University (since 2021)

Graduate-level course covering neural architectures, optimization, and practical applications.

Watch on YouTube

Selected Publications

Sleeper Channels and Provenance Gates: Persistent Prompt Injection in Always-on Autonomous AI Agents. arXiv:2605.13471, 2026. [paper]
Prompt Injection Attacks on Agentic Coding Assistants. IJOIT 14(2), 2026. [paper]
Breaking the Protocol: MCP Security Analysis. Modern IT and IT-education 21(3), 2026. [paper]
Investigating LLM-as-a-Judge Vulnerability to Prompt Injection. IJOIT 13(9), 2025. [paper]
Adversarial Attacks on LLM-as-a-Judge Systems. arXiv:2504.18333, 2025. [paper]
Prompt Injection Attacks in Defended Systems. DCCN, 2024. [paper]

→ Full list on Google Scholar

Blog

BeeLlama.cpp on a Mac Mini M4 16GB: DFlash and TurboQuant for Local LLMs May 2026

DFlash and DDTree: 8x Faster LLM Inference via Block Diffusion and Draft Trees Apr 2026

Running Qwen 3.6 Locally on a Mac Mini M4 with 16GB RAM Apr 2026

The $20K Bug That Changed How We Think About Evals Mar 2026

Prompt Injection Attacks on Agentic Coding Assistants Jan 2026

Contact

Open to research collaborations, consulting, and the occasional talk. Email is fastest.