u/Revolutionary-Bet-58

▲ 3 r/LangChain+1 crossposts

Scanned 577 open-source AI agent repos. 86% have serious bugs. The main issue isn't prompt injection...

Spent a few weeks scanning every AI agent repo on GitHub with 20+ stars, LangChain, CrewAI, AutoGen, pydantic-ai, MCP servers, n8n, all of it. 

Expected prompt injection everywhere. Found something more boring: infinite loops. 5,397 of them. Plan → act → observe cycles with no max iterations, no timeout, no kill switch. 

Other top findings: missing audit logging (1,371), missing rate limits (938), unsafe exec/eval (573).

Full data + methodology: inkog.io/report

Honest question to the people actually shipping agents here: do you set a max_iterations when you ship? A timeout? Or is "just let it run and hope" the default?  

u/Revolutionary-Bet-58 — 9 hours ago
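
An added example, not from the post or the linked report: a plan → act → observe loop with the three guards the post says are missing (max iterations, timeout, kill switch). `run_agent`, `LoopResult` and the stub planner and tool are hypothetical names, not the API of any framework mentioned above.

```python
import threading
import time
from dataclasses import dataclass, field
from typing import Callable, Optional


@dataclass
class LoopResult:
    status: str      # "done", "max_iterations", "timeout" or "killed"
    iterations: int  # number of completed act/observe steps
    observations: list = field(default_factory=list)


def run_agent(plan: Callable[[list], Optional[str]],
              act: Callable[[str], str],
              max_iterations: int = 10,
              timeout_s: float = 30.0,
              kill_switch: Optional[threading.Event] = None,
              clock: Callable[[], float] = time.monotonic) -> LoopResult:
    """Plan -> act -> observe with three independent stop conditions."""
    if kill_switch is None:
        kill_switch = threading.Event()
    deadline = clock() + timeout_s
    observations: list = []
    for i in range(max_iterations):
        # Guards run before every step, so the planner cannot skip them.
        if kill_switch.is_set():
            return LoopResult("killed", i, observations)
        if clock() >= deadline:
            return LoopResult("timeout", i, observations)
        action = plan(observations)       # None means the planner is finished
        if action is None:
            return LoopResult("done", i, observations)
        observations.append(act(action))  # observe: result goes back to the planner
    return LoopResult("max_iterations", max_iterations, observations)


# Constructed stubs: a planner that never declares itself finished, one that does.
def never_done(observations):
    return "search"

def finishes_after_two(observations):
    return None if len(observations) >= 2 else "search"

def echo_tool(action):
    return f"result of {action}"

if __name__ == "__main__":
    print(run_agent(never_done, echo_tool, max_iterations=5).status)
    print(run_agent(finishes_after_two, echo_tool).status)
```

The deadline and kill switch are only checked between steps, so a tool call that blocks inside `act` still needs its own timeout.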