Security Best Practices for AI Coding Agents

AI coding agents are powerful - they read your code, run commands, and make changes. But with great power comes great responsibility.

Here's how to use AI agents safely without compromising your projects or data.

The Security Risks

1. Code Exposure

AI agents send your code to cloud services for processing.

Risk: Proprietary code, secrets, or sensitive data could be exposed.

2. Malicious Agents

Not all agents are trustworthy. Malicious ones could inject backdoors or steal data.

Risk: Installing a bad agent could compromise your entire project.

3. Accidental Command Execution

AI can run terminal commands. What if it runs rm -rf /?

Risk: Data loss or system damage from AI mistakes.

4. Dependency Vulnerabilities

Agents that install packages could introduce security vulnerabilities.

Risk: Supply chain attacks via malicious dependencies.

Security Best Practices

1. Review Before Installing

❌ Don't: Install agents blindly ✅ Do: Review the agent's code/instructions before using

For Cursor rules:

# Read the .cursorrules file completely
# Look for suspicious patterns:
# - Requests to send data externally
# - Commands that modify system files
# - Obfuscated or encoded text

For MCP servers:

# Check the npm package or GitHub repo
# Read the code (especially network requests)
# Check for known vulnerabilities
npm audit

2. Never Commit Secrets

❌ Don't: Put API keys in your .cursorrules or code ✅ Do: Use environment variables

Bad:

const API_KEY = "sk-1234567890abcdef"

Good:

const API_KEY = process.env.OPENAI_API_KEY

3. Use .gitignore

Exclude sensitive files from AI access:

.env
.env.local
*.key
*.pem
secrets/
config/private/

4. Limit Agent Permissions

For MCP servers, only grant necessary permissions:

{
  "github": {
    "permissions": ["read:repo"],  // Not "admin:all"
    "token": "limited-scope-token"
  }
}

5. Sandbox Testing Environments

Test new agents in isolated environments first:

# Create a test project
mkdir test-agent && cd test-agent
# Copy the agent/rule
# Test thoroughly
# Only then use in real projects

6. Review AI-Generated Code

Treat AI like a junior developer's PR:

• Review every line
• Look for security issues
• Don't trust blindly

Common issues to watch for:

• SQL injection vulnerabilities
• XSS vulnerabilities
• Hardcoded credentials
• Insecure authentication
• Missing input validation

7. Keep Dependencies Updated

AI might suggest outdated packages with known vulnerabilities.

# Check for vulnerabilities
npm audit

# Update dependencies
npm update

# Check package age
npx npm-check-updates

8. Use Private Repos

For proprietary projects:

• Use private GitHub repos
• Don't paste sensitive code in AI chats
• Consider self-hosted AI solutions for sensitive work

9. Monitor Agent Activity

Keep track of what AI is doing:

• Review git diffs before committing
• Monitor network requests (use tools like Wireshark if paranoid)
• Check for unexpected file changes

10. Verify Agent Sources

Only install agents from trusted sources:

✅ Trusted:

• Official tool documentation
• Verified GitHub repos with many stars
• AgentDepot (we test all submissions)
• Well-known developers

❌ Suspicious:

• Random Discord/Reddit links
• Repos with no stars or activity
• Obfuscated code
• No clear author attribution

Red Flags to Watch For

🚩 Obfuscated Code

If you can't easily read what an agent does, don't use it.

🚩 Network Requests

Agents shouldn't make unexpected network calls.

🚩 File System Access

Be wary of agents that read/write files outside your project.

🚩 Credential Requests

Legitimate agents don't ask for passwords in plain text.

🚩 No Source Code

If you can't see the source, you can't trust it.

AgentDepot's Security Standards

We take security seriously. Every agent on AgentDepot:

1. Is manually reviewed by our team
2. Has source code available (GitHub or inline)
3. Is tested in a sandboxed environment
4. Has clear attribution to the original author
5. Can be reported if issues are found

If you find a security issue with any agent, email us immediately: hello@agentdepot.dev

Company/Enterprise Considerations

Policy Recommendations

1. Whitelist approved agents - Only allow tested agents
2. Require review - PRs must be reviewed, even if AI-generated
3. Disable in sensitive repos - Turn off AI for repos with secrets
4. Self-host if needed - Use local LLMs for top-secret projects
5. Audit trail - Log all AI interactions for compliance

Tools to Consider

• GitHub Copilot for Business (enterprise controls)
• Self-hosted Cursor (if available)
• Private Claude API (Anthropic enterprise)
• Local LLMs (Ollama, LM Studio)

What If You're Compromised?

If you suspect an agent has done something malicious:

1. Stop using it immediately
2. Review recent commits for suspicious changes
3. Rotate all credentials (API keys, passwords, tokens)
4. Scan for vulnerabilities (npm audit, pip-audit)
5. Report it to AgentDepot and the community
6. Notify your team if it's a work project

The Balance

Security doesn't mean paranoia. AI agents are safe if you follow best practices.

Be cautious but not fearful:

• Review what you install
• Use trusted sources
• Monitor changes
• Keep secrets secret

Conclusion

AI coding agents are incredibly powerful tools. Used responsibly, they're safe and transformative.

Follow these practices: ✅ Review before installing ✅ Never commit secrets ✅ Review AI-generated code ✅ Use trusted sources (like AgentDepot) ✅ Monitor for suspicious activity

Code smarter, not more dangerously.

Find vetted agents on AgentDepot →