Excessive Agency
AI agents with too much access — unrestricted file system, shell execution, or network permissions — can make destructive changes to your system. VibSec detects patterns where AI agents are given more power than they need.
What it catches
- Wildcard CORS configurations (Access-Control-Allow-Origin: *)
- Permissive file access patterns (reading/writing outside project directory)
- Unrestricted shell execution capabilities
- Admin endpoints without authentication
- API routes with no rate limiting or access control
- Docker containers running as root with host mounts
Why vibe coders should care
When you give your AI agent full access to your system, it can (and will) do things you didn’t expect: rm -rf a directory, overwrite your config files, or expose admin endpoints without auth. The principle of least privilege exists because every extra permission adds attack surface.
Real impact: An AI agent that writes Access-Control-Allow-Origin: * on your API means any website on the internet can make authenticated requests to your backend. Combined with cookie-based auth, this is a full account takeover.
Example
// ❌ VibSec flags this — AI agents love wildcard CORS
app.use(cors({ origin: '*', credentials: true }));
// ✅ Specify allowed origins
app.use(cors({
  origin: ['https://myapp.com', 'https://staging.myapp.com'],
  credentials: true,
}));
// ❌ Docker running as root with host mount
// volumes: ['/:/host']
// ✅ Mount only what you need, don't run as root
// volumes: ['./data:/app/data']
// user: '1000:1000'
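The allowlist from the ✅ CORS snippet above, written out as the per-request decision a server makes. This is an added example, not VibSec's or the cors package's code; the names normalizeOrigin, corsHeadersFor and strictCors are hypothetical. The Origin is echoed back only on an exact match, so lookalike hosts and the literal null origin receive no CORS headers.

```javascript
// Added example; function names are hypothetical, not VibSec or cors-package APIs.
const ALLOWED_ORIGINS = new Set([
  'https://myapp.com',
  'https://staging.myapp.com',
]);

// Reduce an Origin header to scheme://host[:port], or null if it is missing,
// the literal "null", or carries anything beyond a bare origin.
function normalizeOrigin(value) {
  if (typeof value !== 'string') return null;
  let url;
  try {
    url = new URL(value);
  } catch {
    return null;
  }
  if (url.origin === 'null') return null; // file:, data: and similar opaque origins
  if (url.pathname !== '/' || url.search || url.hash) return null;
  if (url.username || url.password) return null;
  return url.origin; // lower-cased host, default port dropped
}

function corsHeadersFor(requestOrigin, allowed = ALLOWED_ORIGINS) {
  // Vary on Origin so a cache never replays one origin's answer to another.
  const headers = { Vary: 'Origin' };
  const origin = normalizeOrigin(requestOrigin);
  // Exact set membership: no wildcard, no suffix or substring matching.
  if (origin !== null && allowed.has(origin)) {
    headers['Access-Control-Allow-Origin'] = origin;
    headers['Access-Control-Allow-Credentials'] = 'true';
  }
  return headers;
}

// Express-style middleware: app.use(strictCors)
function strictCors(req, res, next) {
  const headers = corsHeadersFor(req.headers.origin);
  for (const [name, value] of Object.entries(headers)) res.setHeader(name, value);
  if (req.method === 'OPTIONS') {
    // Preflight: only allowed origins learn which methods and headers they may use.
    if (headers['Access-Control-Allow-Origin']) {
      res.setHeader('Access-Control-Allow-Methods', 'GET,POST,PUT,DELETE');
      res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
    }
    res.statusCode = 204;
    return res.end();
  }
  return next();
}
```

The method and header lists in the preflight branch are constructed sample values; set them to what your API actually accepts.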
How to fix
VibSec identifies the exact line and pattern. Let your AI agent fix it with vibsec scan --fix — it will tighten CORS, restrict permissions, and add proper access controls.