The Problem

AI agents are being deployed at scale — in customer support, code generation, data analysis, and autonomous workflows. But the code that powers these agents is rarely security-audited.

Consider this pattern, common in production agent codebases:

from flask import request  # assumed framework; the original snippet does not name one

user_input = request.get_json()["prompt"]  # untrusted text, taken straight from the client

prompt = f"You are a helpful assistant. {user_input}"  # spliced into the instruction string unvalidated
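As an added example (not code from the original post), here is that pattern beside a hardened form. The `body` dict stands in for the parsed request so it is framework-independent; the function and constant names are assumptions.

```python
import unicodedata

SYSTEM_PROMPT = "You are a helpful assistant."
MAX_PROMPT_CHARS = 4000  # assumed budget; pick one that fits the agent's context window


class PromptValidationError(ValueError):
    """Raised when the client-supplied prompt fails basic input checks."""


def build_prompt_unsafe(body: dict) -> str:
    # The pattern from the post: user text is spliced straight into the instruction string,
    # so the model sees no boundary between operator instructions and client input.
    user_input = body["prompt"]
    return f"{SYSTEM_PROMPT} {user_input}"


def validate_user_prompt(value) -> str:
    """Accept only a bounded, non-empty, printable text string."""
    if not isinstance(value, str):
        raise PromptValidationError("prompt must be a string")
    text = unicodedata.normalize("NFC", value).strip()
    if not text:
        raise PromptValidationError("prompt is empty")
    if len(text) > MAX_PROMPT_CHARS:
        raise PromptValidationError("prompt too long")
    # Control characters other than newline and tab have no place in a chat prompt.
    if any(unicodedata.category(ch) == "Cc" and ch not in "\n\t" for ch in text):
        raise PromptValidationError("prompt contains control characters")
    return text


def build_messages(body: dict) -> list[dict]:
    """Hardened form: validate the input and keep instructions and user text in separate roles."""
    user_input = validate_user_prompt(body.get("prompt"))
    return [
        {"role": "system", "content": SYSTEM_PROMPT},
        {"role": "user", "content": user_input},
    ]


def rejects(body: dict) -> bool:
    """True when the hardened builder refuses the request body."""
    try:
        build_messages(body)
    except PromptValidationError:
        return True
    return False
```

Role separation and input bounds are a baseline, not a complete defence: the model can still follow instructions that arrive in the user turn, so tool permissions and output handling need their own controls.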