Explore Problems
Showing 138 of 6,868 problems · matching your filters
AI-generated vibe-coded apps ship with live security holes
Applications built quickly with AI coding tools like Replit, Lovable, and Cursor often go to production with unaddressed access-control vulnerabilities, and their builders typically lack security expertise. High engagement (532 upvotes) suggests broad resonance, though it surfaces via a solution launch rather than direct user complaints.
AI Agents Execute Sensitive Actions Without Human Approval Checkpoints
Professionals using AI agents for real work find that autonomous systems take irreversible actions — sending emails, modifying files, triggering integrations — without pausing for human review. The lack of approval gates on sensitive operations creates trust and safety barriers that prevent enterprise adoption. Workers need AI that asks before acting on consequential decisions.
Multi-Platform Ad Integration Requires Six Separate OAuth Flows and Data Models
Building advertising integrations across Meta, Google, TikTok, LinkedIn, Pinterest, and X forces engineering teams to maintain six separate developer apps, OAuth flows, and incompatible campaign object models. This represents months of duplicated engineering effort for any product that needs to touch multiple ad platforms. A unified normalized API layer would eliminate this fragmentation and is already being validated by builders in the space.
Angi/HomeAdvisor sells low-quality leads with predatory cancellation fees to contractors
Contractors on Angi/HomeAdvisor receive leads where the majority are unresponsive or irrelevant to their services, yet cancellation requires paying large fees regardless of lead quality. The platform systematically profits from contractor frustration without accountability.
Bank automated fraud systems freeze accounts with no human override capability
Chase's Zelle fraud detection flagged routine family transfers, froze the customer's online access, and provided no mechanism for human agents to override the automated decision. Agents gave conflicting explanations and two hung up. The automated system operates outside human accountability — once flagged, customers have no escalation path that can actually unfreeze the account.
Bank Impersonation Scams Exploit Zelle for Irreversible Fund Theft
Fraudsters impersonating bank fraud departments instruct consumers to make Zelle transfers to recover allegedly stolen funds, causing the actual theft. Banks refuse to reverse these payments despite clear evidence of social engineering. The combination of real-time payment finality and inadequate bank fraud detection creates an unaddressed consumer protection gap.
AI systems leak user data through indirect prompt injection
LLM-integrated applications can expose user data to third parties even when users provide no malicious input, due to prompt injection via untrusted content or model memorization. This is a structural vulnerability in how AI is embedded in SaaS products. Every team deploying LLMs without robust output filtering is at risk.
SaaS In-App Chatbots Answer Questions But Cannot Complete Workflows
Users get lost in complex SaaS products and existing chatbot support can only explain what to do, not do it for them. Navigating settings, completing integrations, and resuming interrupted workflows requires the user to still act — the bot just narrates. An agent that directly operates the application interface would eliminate the last-mile gap between instruction and execution.
PII Leaks to External LLM APIs in Production Apps
Developers building LLM-powered products inadvertently send personally identifiable information to third-party model APIs, creating GDPR, HIPAA, and SOC 2 compliance exposure. There is no lightweight, easy-to-integrate layer that masks PII before requests leave the application boundary. The gap affects every team using LLM APIs with real user data.
Lenders Continuing Unauthorized ACH Withdrawals After Cancellation
Predatory lenders continue debiting consumer bank accounts via ACH after customers have explicitly revoked authorization and cancelled subscriptions. Banks lack consumer-accessible controls to block specific payees from initiating ACH debits. The asymmetry between how easily merchants can initiate ACH and how difficult it is for consumers to stop unauthorized withdrawals is a structural exploitation vector.
Safety-Critical Professionals Cannot Search Large Technical Manuals Under Time Pressure
Pilots, engineers, and technicians must locate precise data buried in 600-page PDFs during time-sensitive workflows, but manual searching is slow and cloud AI tools require uploading sensitive or classified documents. The need for fast, accurate, offline document querying is unmet by current tools.
OpenTelemetry SaaS Ingestion Costs Are Unsustainable for High-Volume Data
Teams using OpenTelemetry must ship all telemetry to cloud vendors to make it searchable, incurring massive ingestion and storage costs for low-value noise data. There is no practical way to filter or sample data at the source before it leaves the cluster without building custom infrastructure. This forces teams into a choice between paying for useless data or losing observability coverage.
Coding Agents Have No Dedicated Persistent VM Infrastructure for Remote Execution
AI coding agents like Claude Code currently run on developers' local machines, consuming resources, lacking remote monitoring, and resetting state between sessions. There is no purpose-built cloud VM infrastructure that keeps a coding agent environment always-ready and accessible from any device. This is a structural gap that limits the practical usability of coding agents for long-running autonomous tasks.
Database Migration Index Locks Cause Production Outages Without CI Safeguards
Adding an index to a large production table without CONCURRENTLY locks the table and can take down an entire application for 20+ minutes. Neither code review nor CI pipelines reliably catch dangerous migration patterns before they ship. Teams lack automated tooling to flag unsafe SQL migration operations in their deployment pipeline.
AI Coding Assistants Cannot Debug Production Issues Without Runtime Data
AI coding assistants generate plausible-looking fixes for production bugs but lack access to runtime telemetry, request/response data, and cross-service trace correlation. This gap means AI-generated PRs regularly fail in production because the underlying data they reason over is sampled, aggregated, and incomplete. Engineering teams lose confidence in AI assistance for the highest-value debugging work.
Founders Manually Completing Enterprise Security Questionnaires and Subprocessor Requests
Early-stage founders selling into enterprise accounts face repetitive, time-consuming security questionnaires and subprocessor documentation requests. No streamlined tooling automates responses across vendors. Delays deals and diverts founder time from product work.
Stainless SDK Generator Shutdown Leaves Production OpenAPI SDKs Without Maintainer
Anthropic's acquisition of Stainless has shut down the SDK generation service, orphaning production SDKs built from OpenAPI specs with no replacement tooling announced. Development teams must urgently find, migrate to, or build an alternative before September or absorb full SDK maintenance burden internally.
Phone Impersonation Scams Trick Customers Into Moving Funds
Fraudsters posing as bank security representatives convinced a customer to transfer funds to a "secure account" after a fake fraud alert text. The bank lacks sufficient real-time intervention to stop social engineering attacks. This growing fraud vector requires better customer verification and real-time scam detection.
AI Sales Agents Lose Customer Context Between Conversations With No Persistent Memory
AI sales agents start each customer interaction from scratch, unable to reference previous conversations, expressed preferences, or relationship history. This forces customers to repeat context and prevents the kind of personalized engagement that drives conversion. As AI agents take on more customer-facing roles, the absence of persistent memory is a fundamental capability gap that undermines their value proposition.
Brands Have No Visibility Into How AI Platforms Describe and Recommend Them
As millions of users shift purchase and decision queries to AI systems like ChatGPT, Perplexity, and Claude, brands have no mechanism to monitor, understand, or influence how these platforms describe them. Unlike traditional search where rankings are visible and measurable, AI platform brand representation is opaque. This is a growing blind spot with direct revenue and reputation implications for businesses.