Explore Problems

Showing 3,153 of 7,327 problems · matching your filters

AI coding agents leak secrets by pulling .env files into context

AI coding agents routinely read .env files, config, and command output into their context windows, silently exposing API keys and credentials to model providers. Existing secret scanning tools catch leaks after the fact in git history rather than preventing them from reaching the model in real time.

1 mentions1 sources
S6.3L8
Security & Compliance · Data Privacy

AI Agent Sessions Fail Silently with No Trace or Cost Visibility

Developers running AI agent sessions have no reliable way to trace failures after the fact, see cost breakdowns, or perform root-cause analysis when sessions silently die. The absence of production-grade observability tooling forces developers to fly blind in production agent deployments.

1 mentions1 sources
S6.3L8
Developer Tools · AI & Machine Learning

AI Agents Can Execute Catastrophic Infra Actions Without Safeguards

An AI agent deleted a startup's production database and backups in 9 seconds because API keys had unrestricted delete access, backups shared the same environment as production, and no confirmation step existed for destructive actions. The incident reveals that standard infra security assumptions break catastrophically when agentic AI is introduced into deployment workflows. As AI agents gain infrastructure access, the absence of permission scoping, confirmation gates, and environment isolation creates systemic risk across all organizations using these tools.

1 mentions1 sources
S6.3L8
Developer Tools · DevOps & Infrastructure

Loan disbursement funds stuck in limbo after ACH bounce, no unified support record

When a personal loan's ACH transfer bounces due to bank detail errors, borrowers can get stuck for weeks while funds sit in a lender's clearing account. Support agents repeatedly need the full history re-explained because internal notes aren't consistently used, and cross-department escalation (support to funding) frequently stalls entirely.

36 mentions1 sources
S6.3L6
Customer Experience · Support & Helpdesk

Freelancers Cannot Afford Legal Contract Drafting

Freelancers and small businesses pay $300-$1800 per contract or skip legal protection entirely, risking non-payment and IP disputes.

1 mentions1 sources
S6.3L8.5
Business Operations · Legal & Compliance

AI coding agents cannot access open-source dependency source code

AI coding agents can index a developer's own codebase but cannot read the source code of the open-source libraries that codebase depends on. When agents encounter unfamiliar library APIs, they hallucinate signatures, produce broken code, and enter retry loops. The problem compounds as dependency graphs grow and agents are trusted with larger implementation tasks.

1 mentions1 sources
S6.3L7
Developer Tools · AI & Machine Learning

Sophisticated Bank Impersonation Scams Cause Large Unrecoverable Cash Losses

Fraudsters armed with detailed account transaction data convincingly impersonate bank fraud teams, directing victims through legitimate branch or ATM channels to extract large sums. Banks deny reimbursement by classifying these as authorized transactions despite documented coercion. The gap between transaction authorization mechanics and real-world coercion creates a victim accountability mismatch with no institutional safety net.

3 mentions1 sources
S6.3L7
Security & Compliance · Fraud Prevention

International Bank Customers Cannot Close Accounts Digitally

Customers living outside the US who hold US bank accounts face a paper-only closure process requiring notarization and international mail, while digital alternatives are absent. Phone support and in-app chat routes dead-end without resolving the issue. This creates an asymmetry where account opening is frictionless but account exit is designed to trap international customers.

4 mentions1 sources
S6.3L6
Industry Verticals · FinTech & Banking

Payment processors approve fraudulent merchant accounts impersonating real companies

Scammers set up a merchant account through a payment processor by impersonating a legitimate business, and multiple customers were charged before the fraud was caught and the account closed. Delayed detection and escalation caused affected customers to miss the chargeback window and lose their money permanently.

85 mentions1 sources Trending
S6.3L6
Security & Compliance · Fraud Prevention

Account Recovery Requires Access to the Locked Account Creating an Unbreakable Loop

When users lose access to online accounts, banks and services require them to verify identity using information accessible only through the locked account — creating a circular dependency with no exit. Phone numbers on file become invalid (retirement, device changes), and the only resolution path requires the very access being requested. Elderly and non-technical users are particularly stuck as no human override process exists.

9 mentions1 sources
S6.4L6
Customer Experience · Onboarding

SaaS founders cannot attribute MRR to traffic source without manual data reconciliation

Most analytics platforms stop at click-level data, leaving SaaS founders unable to see which acquisition channels actually generate paying customers and recurring revenue. Manually cross-referencing Stripe exports with UTM data is time-consuming and produces stale insights. Privacy-first analytics tools that natively integrate Stripe revenue data could transform how bootstrapped teams allocate acquisition budgets.

3 mentions1 sources
S6.4L8
Marketing & Growth · Analytics & Attribution

Zelle scammers impersonate bank support agents to extract multiple payments

Fraudsters impersonate bank customer service representatives and convince victims to send multiple Zelle payments under the pretense of processing a legitimate transfer. By the time victims recognize the scam, multiple payments have cleared and Zelle's no-recourse policy leaves them with no recovery path. Banks decline to intervene because the payments were technically authorized by the account holder.

2 mentions1 sources Trending
S6.4L7
Security & Compliance · Fraud Prevention

Medical reports written in clinical language patients cannot understand

Patients receive MRI results, CT scans, pathology reports, and discharge summaries written for clinicians, not patients. The technical language creates anxiety and prevents informed health decisions. As self-service patient portals grow, this gap between clinical documentation and patient comprehension widens.

1 mentions1 sources Trending
S6.4L7
Industry Verticals · Healthcare & Wellness

Intercom Pricing Is Prohibitive for Startups and Small Businesses

Intercom charges per AI resolution ($0.99/resolution for Fin) on top of base subscription costs, making it unaffordable for small teams. Advanced features locked behind higher tiers further restrict smaller companies from getting full value.

43 mentions2 sources
S6.4L7
Customer Experience · Support & Helpdesk

Government Agency Impersonation Fraud Causing Banks to Deny Fund Recovery

Fraudsters impersonating law enforcement pressure consumers into transferring funds to protect them from fabricated investigations. Banks refuse to reverse these transfers despite clear evidence of impersonation fraud and social engineering. The combination of urgency tactics and legitimate-looking impersonation defeats existing bank fraud detection systems.

1 mentions1 sources Trending
S6.4L6
Security & Compliance · Fraud Prevention

Lenders Continuing Unauthorized ACH Withdrawals After Cancellation

Predatory lenders continue debiting consumer bank accounts via ACH after customers have explicitly revoked authorization and cancelled subscriptions. Banks lack consumer-accessible controls to block specific payees from initiating ACH debits. The asymmetry between how easily merchants can initiate ACH and how difficult it is for consumers to stop unauthorized withdrawals is a structural exploitation vector.

10 mentions1 sources
S6.5L8
Consumer & Lifestyle · Personal Finance

AI coding agents need full-computer sandboxes with memory forking and sub-second startup

AI coding agents require sandbox environments with full operating system capabilities — not lightweight containers — including the ability to fork running memory state to explore multiple execution paths simultaneously and snapshot mid-execution for later resumption. Existing container and VM solutions are either too slow to start, too limited in capability, or cannot fork state without pausing the entire environment. This missing infrastructure capability prevents entire categories of sophisticated agentic behavior.

1 mentions1 sources
S6.5L8
Data & Infrastructure · Cloud & Hosting

Slack Notification Volume Overwhelms Users With Irrelevant Alerts From Unrelated Channels

Slack delivers notifications for every channel event including conversations that have nothing to do with the recipient, making focused work impossible. Calendar and cross-team notifications arrive without relevance filtering, creating constant cognitive interruptions. Paying subscribers have no effective mechanism to filter notifications to only relevant events.

2 mentions0 sources
S6.5L7
Productivity · Collaboration & Messaging

Insurance Policies Deliberately Obscured With Jargon, Clauses Hidden Until Claims

Insurance contracts are routinely 50+ pages of dense legal language that consumers cannot meaningfully understand before signing. Critical exclusions and limitations only become apparent when a claim is filed and denied. This information asymmetry is structural and benefits insurers at the expense of policyholders.

1 mentions1 sources
S6.5L7
Industry Verticals · Insurance

Insurance policies lapse silently due to payment system errors

Autopay failures on insurance policies trigger silent policy cancellations with no customer notification, leaving homeowners unknowingly uninsured for months. The failure is compounded by siloed internal systems that prevent even the insurer's own support staff from diagnosing what happened.

3 mentions1 sources
S6.5L8
Customer Experience · Service & Billing Disputes
Previous156/158Next