Programming & Development
1
UPVOTE
dev.to

What I found scanning 3 AI agent codebases for unguarded tool calls

669 functions that can write to a database, delete files, charge a card, spawn a subprocess, or hand control to another agent. 553 of them had no guard of any kind. No input validation, no auth check, no rate limit, no confirmation step. Nothing between the model's decision and the side effect. That is 83%. None were confirmed. I got these numbers by pointing a static analyzer at three open-source TypeScript AI agent codebases and counting. Not a pen test. Not a CVE hunt. An inventory of what each agent can do and which of those capabilities have a control in the code. This is the methodology, the full table, and — the part I care about most — the false positives I had to eliminate before I trusted any of it. Why an unguarded tool call is a different problem in an agent In a normal web app, a human clicks a button. The path to a side effect runs through a form, a validation layer, a confirmation dialog, a session rate limit. The dangerous call is wrapped in UI and m
HA

Hans

1d ago
1 0

Discussion

Be the first to comment

Add your perspective to get the discussion started.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

JA

Jamie Rodriguez

Jamie RodriguezUpvoted 1d ago51 comments · 359 shares

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

dev.to
Collections in Java

What is Collections Framework in Java? The Java Collections Framework (JCF) is a set of classes and interfaces provided by Java to store, manage, and manipula…
DC

DEV Community

24m ago
0
dev.to
When Clean Code Becomes a Performance Nightmare: The Hidden Cos…

In modern web development, we crave abstraction. We want our data to feel like a collection of objects, clean, predictable, and type-safe. Enter the Object-Re…
DC

DEV Community

9h ago
0
dev.to
🚀 Building an Online Quiz Platform: My Final Year BCA Project

Hello Developers! 👋 I recently completed my Bachelor of Computer Applications (BCA). For my final-year project, I built an Online Quiz Platform — a web applic…
Anna Theodorou

Anna Theodorou

1d ago
0
dev.to
Why I Built an Open-Source Online Judge Instead of Maintaining …

For years, IFSul – Campus Charqueadas, a federal institute in southern Brazil, has hosted programming marathons for both high school and undergraduate students…
Sophie Weber

Sophie Weber

1d ago
0
dev.to
From Windsurf to Devin Desktop: my first impressions after migr…

I did not expect this change to happen so suddenly. After using Windsurf for more than a year, I migrated to Devin Desktop today. For me, this feels like a me…
HA

Hans

1d ago
0
dev.to
CodeSynth 2.0👩🏽‍💻: Rebuilding My Hackathon Prototype into a CRD…

What I Built CodeSynth started as a hackathon experiment. At the time, I wanted to build something that genuinely used real-time systems instead of making…
DC

DEV Community

1d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest