autonomous-agent-patterns

[Skill Scanner] Destructive bash command detected (rm -rf, chmod 777) All findings: [CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] The fragment is coherently aligned with its stated purpose: it provides design patterns and sample implementations for autonomous coding agents, including tool schemas, permissioning, sandboxing, browser automation, context management, and MCP integration. While it describes powerful capabilities (file I/O, shell execution, browser automation), these are framed as patterns/tools within a controlled design guide. No hardcoded secrets or malicious data flows are evident in the fragment itself. The risk is primarily from potential misuse if integrated into an agent without proper safeguards; as a design pattern/document, it is BENIGN with some SUSPICIOUS potential if deployed without safety controls. LLM verification: The code and documentation present functional patterns for building autonomous agents but also provide or reference powerful runtime tools (arbitrary file reads, writes, edits, and shell execution) without demonstrated safe defaults. There is a clear exfiltration path for local secrets to an LLM/provider and the potential for destructive operations if examples are implemented literally. Treat these patterns as high-risk unless mitigations are applied: enforce path and command whitelists, require