About
I am an AI Research Engineer at Zencoder and a PhD candidate at Lomonosov Moscow State University. My work centers on a single question: how can large language models be attacked, and how do we defend them? I investigate this across coding assistants, evaluation pipelines, and tool-integrated agents — systems where a single prompt injection can compromise an entire software development workflow.
Path to AI Safety
My career began at ISP RAS (Ivannikov Institute for System Programming), where I worked as an intern on SVACE — a static code analysis tool. That early exposure to program analysis and software engineering rigor carried over when I shifted toward machine learning.
My first applied ML work was at the Burdenko Neurosurgery Institute, where I built deep learning models for non-invasive brain tumor classification from MRI scans. We developed systems that could predict glioma grade without biopsy, using convolutional neural networks trained on clinical imaging data. I also worked on neurosurgical instrument segmentation for automated skill assessment during microsurgery. These projects taught me what it means to deploy ML in high-stakes environments where errors have real consequences.
From Burdenko, I moved into industry ML engineering. At TrendMD, I built recommendation systems for medical and scientific articles, developed speech-to-text pipelines for clinical dictation, and applied uplift modeling to content delivery. At Viasat, I worked on video highlight extraction, movie recommendation engines, and semantic search optimization. Across both roles, I gained hands-on experience with production ML systems at scale — the messy reality of data pipelines, model serving, and A/B testing.
AI Safety and LLM Security Research
In 2024, I joined Zencoder as an AI Research Engineer, where I build AI-powered coding agents. In May 2025, our team reached #1 on SWE-bench Verified with a 70% success rate, setting a new benchmark for autonomous software engineering. This work put me at the frontier of agentic AI — and made it impossible to ignore the security implications.
My PhD research at MSU focuses on the attack surfaces of LLM-based systems. I study prompt injection attacks — techniques that manipulate model behavior by embedding adversarial instructions in inputs that the model processes. My work spans several interconnected areas:
- Agentic coding assistant security: How prompt injections can hijack AI coding tools that read, write, and execute code in real repositories. I demonstrated attacks that exfiltrate secrets, inject backdoors, and manipulate version control through seemingly benign code comments.
- LLM-as-a-Judge vulnerability: How evaluation systems that use LLMs to score outputs can be manipulated through adversarial inputs, undermining the integrity of automated benchmarking.
- MCP protocol security: Security analysis of the Model Context Protocol, examining how tool-integrated agents can be exploited through malicious tool descriptions and cross-origin injection.
- Trojan detection: Identifying hidden backdoors planted in large language models during training, where specific trigger phrases activate malicious behavior.
- Prompt injection in defended systems: Testing whether existing defense mechanisms (system prompts, input filters, output guardrails) actually hold up against adaptive attackers.
To date, I have co-authored 13 peer-reviewed publications across AI safety, LLM security, medical AI, and computer vision, published in venues including DCCN, MIE, MEDINFO, SemEval, and multiple journal issues of IJOIT. The full publication list is available on the research page and on Google Scholar.
Teaching and Open Source
Since 2021, I have taught a graduate-level Deep Learning course at Moscow State University, covering neural architectures, optimization theory, and practical applications. I believe that the best way to understand a subject is to explain it to others, and teaching has sharpened my own understanding of the field enormously.
I am also an active open-source contributor. My most visible project is manim-js (339+ stars on GitHub), a TypeScript port of 3Blue1Brown's Manim library that brings mathematical animation to the web. I also maintain the AI & ML Cheatsheet, an open reference covering key concepts across machine learning and data science.
Outside of research and teaching, I have competed in Kaggle machine learning competitions and organized data science competitions through the ODS.ai community, some drawing over 1,000 participants.
Key Achievements
- #1 on SWE-bench Verified (May 2025) with a 70% success rate at Zencoder
- 13 peer-reviewed publications in AI safety, LLM security, medical AI, and computer vision
- Trojan Detection Challenge participant — detecting hidden backdoors in large language models
- Deep Learning instructor at Moscow State University since 2021
- manim-js: 339+ GitHub stars, bringing mathematical animations to the browser
- Kaggle competitor and ODS.ai community contributor
Contact
Available for research collaborations, consulting, and speaking engagements.
- github.com/maloyan
- linkedin.com/in/nmaloyan
- x.com/NarekMaloyan
- Google Scholar
- kaggle.com/narek1110