Explore Problems

Showing 26 of 6,868 problems · matching your filters

AI coding agents leak secrets by pulling .env files into context

AI coding agents routinely read .env files, config, and command output into their context windows, silently exposing API keys and credentials to model providers. Existing secret scanning tools catch leaks after the fact in git history rather than preventing them from reaching the model in real time.

1 mentions1 sources
S6.3L8
Security & Compliance · Data Privacy

B2B Contact Data Decays Too Fast for Timing-Sensitive Outreach

Sales prospecting tools like Apollo and Clay rely on static enrichment databases that quickly become stale, causing outreach to hit outdated emails, wrong job titles, and departed contacts. Teams running timing-sensitive campaigns — hiring triggers, funding announcements, product launches — need live web research at query time to act on signals before they expire. No major tool currently solves real-time enrichment at scale.

1 mentions1 sources
S6.1L8
Business Operations · Sales & CRM

AI-generated vibe-coded apps ship with live security holes

Applications built quickly with AI coding tools like Replit, Lovable, and Cursor often go to production with unaddressed access-control vulnerabilities, and their builders typically lack security expertise. High engagement (532 upvotes) suggests broad resonance, though it surfaces via a solution launch rather than direct user complaints.

1 mentions1 sources
S6.1L8
Security & Compliance · Application Security

AI Agents Execute Sensitive Actions Without Human Approval Checkpoints

Professionals using AI agents for real work find that autonomous systems take irreversible actions — sending emails, modifying files, triggering integrations — without pausing for human review. The lack of approval gates on sensitive operations creates trust and safety barriers that prevent enterprise adoption. Workers need AI that asks before acting on consequential decisions.

1 mentions1 sources
S6.1L8
Productivity · Automation & Workflows

AI systems leak user data through indirect prompt injection

LLM-integrated applications can expose user data to third parties even when users provide no malicious input, due to prompt injection via untrusted content or model memorization. This is a structural vulnerability in how AI is embedded in SaaS products. Every team deploying LLMs without robust output filtering is at risk.

1 mentions1 sources
S6.0L8
Security & Compliance · Data Privacy

OpenTelemetry SaaS Ingestion Costs Are Unsustainable for High-Volume Data

Teams using OpenTelemetry must ship all telemetry to cloud vendors to make it searchable, incurring massive ingestion and storage costs for low-value noise data. There is no practical way to filter or sample data at the source before it leaves the cluster without building custom infrastructure. This forces teams into a choice between paying for useless data or losing observability coverage.

1 mentions1 sources
S6.0L8
Data & Infrastructure · Observability & Monitoring

No Search Console Equivalent for AI Visibility: GEO Lacks Closed-Loop Feedback

Teams optimizing content for LLM citation visibility (GEO) have no reliable way to know which queries to target or whether implemented changes actually improved AI ranking. Unlike Google Search Console for SEO, there is no authoritative feedback mechanism for AI visibility. Marketing and content teams are spending budget on GEO with no measurable signal of what works.

1 mentions1 sources
S5.9L8
Marketing & Growth · Analytics & Attribution

Founders Must Self-Host Persistent AI Agents on Personal Servers or Mac Minis

Builders shipping vertical AI agent products to customers have no managed hosting option for persistent, always-on agents like Claude Code or Hermes. The only options are self-managed VPS instances or literal Mac minis under a desk, which do not scale and require ongoing ops work. This is a clear infrastructure gap in the agent deployment stack.

1 mentions1 sources
S5.9L8
Developer Tools · DevOps & Infrastructure

Developers Cannot Use Cloud AI Coding Assistants Due to Privacy and Cost Constraints

Privacy-conscious developers, regulated-industry engineers, and cost-sensitive teams cannot adopt cloud AI coding assistants because code leaves the machine and API costs accumulate. A local-first CLI that reads actual project files and writes code only with explicit approval fills this gap. The 171-upvote signal confirms strong latent demand for a sovereign, zero-cost AI dev workflow.

1 mentions1 sources
S5.9L8
Developer Tools · Coding Tools & IDEs

AI Assistants Lack Persistent Personal Context Across Sessions and Tools

Developers and knowledge workers must re-explain their personal and professional context to every AI tool and assistant they use, with no shared memory layer. One engineer built an MCP server (mcp-me) as a solution, validating the gap. As AI tool adoption grows, the absence of a persistent identity and context protocol creates compounding friction for power users.

1 mentions1 sources
S5.9L8
Developer Tools · AI & Machine Learning

Git Version Control Designed for Humans Breaks Down for AI Agent Workflows

AI coding agents need to run many parallel tasks simultaneously, but Git requires full repository clones and struggles with concurrent agent branches. Virtual mounts, lightweight context, and agent-native branching are missing from existing VCS tools. The structural mismatch between human-oriented VCS and agent workflows creates significant overhead and limits agent parallelism.

1 mentions1 sources
S5.8L8
Developer Tools · DevOps & Infrastructure

AI Agents Cannot Natively Initiate or Receive Payments

AI agents that need to transact on behalf of users or autonomously have no native payment infrastructure designed for them. Existing gateways require human KYB/KYC signup flows that agents cannot complete. Developers must build complex workarounds or tie agent spending to human-controlled accounts with no programmatic controls.

1 mentions1 sources
S5.8L8
Developer Tools · AI & Machine Learning

AI Code Agents Cannot Reliably Translate Figma Designs Into Pixel-Perfect Frontend

LLM-based coding agents like Cursor and Claude Code struggle to interpret Figma design files accurately, producing layouts with broken spacing, misaligned components, and incorrect hierarchy that requires substantial manual correction. The structural gap between Figma's design intent encoding and what AI agents can parse means design-to-code workflows still require significant human cleanup. Teams using both tools end up with a fragmented workflow rather than the end-to-end automation they expected.

1 mentions1 sources
S5.8L8
Developer Tools · Coding Tools & IDEs

LLM prompts hardcoded in source require full redeployment to update

Teams building AI products embed prompts directly in codebases, making every prompt tweak require an engineering deployment cycle. Non-technical stakeholders cannot iterate on prompts without developer involvement, and there is no versioning, approval workflow, audit trail, or rollback capability. This is a growing operational friction point as LLM-powered products scale and prompt tuning becomes a continuous activity.

1 mentions1 sources
S5.8L8
Developer Tools · AI & Machine Learning

AI Agent Loops Are Opaque: Silent Failures Hidden Behind 200 OK Responses

AI agents running in production can silently loop, replay the same tool call for minutes, or stall — while HTTP logs show clean 200 OK responses. Standard observability tools have no concept of multi-turn agent behavior, leaving engineers blind to the actual agent execution path. Diagnosing these failures requires deep network-level inspection of LLM traffic that no mainstream APM tool provides.

2 mentions1 sources
S5.8L8
Developer Tools · AI & Machine Learning

LLM Reports Look Authoritative But Embed Undetectable Factual Errors

Professionals using LLMs to generate recurring reports face a verification paradox: the output is fluent enough to appear credible but embeds hallucinated numbers, dates, and citations that require expert review to catch. The more polished the LLM output, the harder it is for human reviewers to apply appropriate skepticism. Compliance-bound use cases (regulatory filings, investor briefings) cannot tolerate this silent error rate, yet no systematic verification layer exists between generation and publication.

1 mentions1 sources
S5.7L8
Developer Tools · AI & Machine Learning

No Unified Platform for Running and Governing Multi-Agent AI Fleets

As organizations deploy multiple self-improving AI agents across tools, memory systems, and workflows, managing them as a coordinated fleet lacks dedicated tooling. Existing solutions handle individual agent observability but not fleet-level governance, policy enforcement, and cross-agent coordination. The gap widens as agent adoption accelerates.

1 mentions1 sources
S5.6L8
Developer Tools · AI & Machine Learning

AI Support Agents Lack Data Governance Transparency Required by Regulated Industries

Companies in regulated sectors (finance, healthcare, legal) cannot adopt AI customer support agents like Intercom Fin because the vendor cannot clearly articulate what customer data is accessed, how it is processed, and what security controls apply. Without audit-grade data governance documentation, compliance teams block AI support adoption regardless of the productivity value. This is a structural gap between AI platform commercial ambitions and the contractual due diligence requirements of enterprise regulated buyers.

1 mentions1 sources
S5.5L8
Security & Compliance · Data Privacy

AI security evaluation corrupted by using AI to grade AI outputs

Security practitioners evaluating AI systems face a methodological trap: using AI judges to assess AI behavior introduces circular bias and unreliable verdicts. Human review at scale is impractical, and automated benchmarks do not capture adversarial edge cases. This gap leaves AI deployments with false confidence in their security posture.

1 mentions1 sources
S5.5L8
Security & Compliance · Application Security

AI Agents Lack Real-World Identity Primitives

Autonomous AI agents cannot complete real-world tasks without access to phone numbers, email addresses, payment instruments, and bank accounts. As agent workloads expand to booking, scheduling, and financial operations, the absence of purpose-built identity infrastructure blocks fully autonomous workflows.

1 mentions1 sources
S5.4L8
Developer Tools · AI & Machine Learning
1/2Next