
I Logged 4,519 AI Agent Tool Calls. 63 Were Things I Never Authorized.
TL;DR

- I ran an AI agent with full tool access for 10 days and logged every call: 4,519 total, 63 unauthorized.
- Most of those 63 weren't malicious; they were the agent being "helpful" in ways I never intended.
- Pre-action authorization evaluates every tool call before it executes, allow or deny, with a logged receipt.
- The APort guardrail adds this in two config lines, ~40ms overhead, no external dependency.
- The real value isn't blocking attacks, it's knowing what your agent is actually doing.

It was 11:43 PM on a Tuesday when I got the notification. My AI agent had just attempted to write to /etc/hosts. The task I gave it? "Help set up the development environment."

The agent wasn't compromised. It wasn't malicious. It was solving the problem I gave it, using the most direct path available. The problem was that I hadn't authorized that specific action. I authorized the goal, not every step the agent chose to take to reach it.

That incident led me to run a 30-day experiment: full tool access,
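As an added illustration of the pre-action pattern the TL;DR describes (evaluate each tool call, decide allow or deny, write a receipt either way), here is a small Python gate. It is example code, not APort's implementation and not from the original post: the workspace path, shell allowlist, tool names and sample calls are all constructed, and the hash-chained receipt log is an assumed design detail rather than something the post specifies.

```python
"""Pre-action authorization gate for agent tool calls (illustrative, not APort's code).

Every tool call is evaluated before execution, decided allow/deny, and recorded
in a hash-chained receipt log so the decision trail can be reviewed afterwards.
"""
from __future__ import annotations

import hashlib
import json
import posixpath
import time
from dataclasses import asdict, dataclass
from typing import Callable

# Assumed project root and shell allowlist; constructed for this example.
WORKSPACE = "/home/dev/project"
SHELL_ALLOWLIST = {"npm", "node", "git", "ls", "cat", "pip"}
SHELL_DENY_TOKENS = ("sudo", "|", ";", "&&", "$(", "`")
GENESIS = "0" * 64  # previous-digest value for the first receipt


@dataclass(frozen=True)
class ToolCall:
    tool: str
    args: dict


@dataclass
class Receipt:
    seq: int
    tool: str
    args: dict
    decision: str    # "allow" or "deny"
    reason: str
    ts: float
    digest: str = ""  # sha256 over this record plus the previous receipt's digest


def _under_workspace(path: str) -> bool:
    # Normalise ".." segments so traversal out of the workspace is caught.
    # Symlinks are not resolved here; a real gate would check the target too.
    norm = posixpath.normpath(path)
    return norm == WORKSPACE or norm.startswith(WORKSPACE + "/")


def check_file(args: dict) -> tuple[bool, str]:
    path = str(args.get("path", ""))
    if _under_workspace(path):
        return True, f"path inside workspace: {path}"
    return False, f"path outside workspace: {path}"


def check_shell(args: dict) -> tuple[bool, str]:
    cmd = str(args.get("cmd", ""))
    tokens = cmd.split()
    head = tokens[0] if tokens else ""
    if head in SHELL_ALLOWLIST and not any(t in cmd for t in SHELL_DENY_TOKENS):
        return True, f"shell allowlisted: {head}"
    return False, f"shell not allowlisted: {cmd}"


# Default-deny: any tool without an entry here is refused.
POLICY: dict[str, Callable[[dict], tuple[bool, str]]] = {
    "read_file": check_file,
    "write_file": check_file,
    "shell": check_shell,
}


def _digest(rec: Receipt, prev: str) -> str:
    body = asdict(rec) | {"digest": "", "prev": prev}
    return hashlib.sha256(json.dumps(body, sort_keys=True, default=str).encode()).hexdigest()


class AuthorizationGate:
    def __init__(self, policy=POLICY, clock=time.time):
        self.policy = policy
        self.clock = clock
        self.receipts: list[Receipt] = []
        self._prev = GENESIS

    def authorize(self, call: ToolCall) -> Receipt:
        checker = self.policy.get(call.tool)
        if checker is None:
            ok, reason = False, f"tool not in policy: {call.tool}"
        else:
            ok, reason = checker(call.args)
        rec = Receipt(len(self.receipts) + 1, call.tool, dict(call.args),
                      "allow" if ok else "deny", reason, self.clock())
        rec.digest = _digest(rec, self._prev)
        self._prev = rec.digest
        self.receipts.append(rec)
        return rec

    def run(self, call: ToolCall, execute: Callable[[ToolCall], object]):
        """Gate a call: execute only on allow; the receipt is written either way."""
        rec = self.authorize(call)
        return rec, (execute(call) if rec.decision == "allow" else None)


def verify_chain(receipts: list[Receipt]) -> bool:
    """Recompute every digest; any edited or reordered receipt breaks the chain."""
    prev = GENESIS
    for rec in receipts:
        if _digest(rec, prev) != rec.digest:
            return False
        prev = rec.digest
    return True


# Constructed sample calls, modelled on the /etc/hosts incident in the post.
SAMPLE_CALLS = [
    ToolCall("read_file", {"path": "/home/dev/project/README.md"}),
    ToolCall("write_file", {"path": "/home/dev/project/.env.example"}),
    ToolCall("write_file", {"path": "/etc/hosts"}),
    ToolCall("write_file", {"path": "/home/dev/project/../../../etc/hosts"}),
    ToolCall("shell", {"cmd": "npm install"}),
    ToolCall("shell", {"cmd": "sudo npm install -g something"}),
    ToolCall("send_email", {"to": "ops@example.com"}),
]


def run_sample() -> dict:
    gate = AuthorizationGate()
    for call in SAMPLE_CALLS:
        gate.run(call, lambda c: f"executed {c.tool}")
    denied = [r for r in gate.receipts if r.decision == "deny"]
    return {
        "total": len(gate.receipts),
        "denied": len(denied),
        "denied_tools": [r.tool for r in denied],
        "chain_ok": verify_chain(gate.receipts),
    }


if __name__ == "__main__":
    gate = AuthorizationGate()
    for call in SAMPLE_CALLS:
        rec, _ = gate.run(call, lambda c: f"executed {c.tool}")
        print(f"{rec.seq:>2} {rec.decision:5} {rec.tool:10} {rec.reason}")
```

Two design points matter more than the specific rules. The policy is default-deny, so a tool the author never considered (here, `send_email`) is refused rather than silently allowed; and a receipt is written on deny as well as on allow, because the count the post leads with (63 of 4,519) only exists if refused calls are logged too. The post's ~40ms figure is not modelled here; this gate is in-process and does no I/O.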
Continue reading on Dev.to Webdev