I found a critical CVE in a top AI agent framework. Here's what it taught me about how we're all building agents wrong.
Dev.to AI. Tags: Generative AI, AI Safety, Open Source AI
Nobody told me the scariest part of building AI agents isn't the hallucinations. It's the attack surface you quietly ship to production while obsessing over your prompt. I found out the hard way.

The vulnerability that should not have existed

While contributing to OpenHands (one of the top open-source AI agent frameworks), I discovered a path traversal vulnerability, now officially tracked as CVE-2025-68146, sitting quietly in production. The kind of bug that makes you go silent for a second before typing into Slack.
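To make the class of bug concrete, here is an added example (not code from OpenHands, and not the code path behind CVE-2025-68146) of the generic pattern behind path traversal in an agent "file tool": a model-supplied path is joined onto a workspace root and trusted. The workspace path, the request list and the function names are all constructed for illustration. It shows the naive join, the common half-fix (a string prefix check) and a hardened resolver that compares path components after resolving both sides.

```python
"""Workspace-scoped path check for an agent file tool (illustrative example)."""
import os
from pathlib import Path

# Constructed sample inputs an LLM (or a prompt-injected web page the agent
# read) might pass to a hypothetical read_file tool. Workspace root is assumed.
WORKSPACE = "/tmp/agent-workspace"
REQUESTS = [
    "src/main.py",                 # legitimate
    "src/../README.md",            # legitimate, '..' stays inside the root
    "../../etc/passwd",            # classic traversal
    "/etc/passwd",                 # absolute path: join() discards the root
    "../agent-workspace2/secret",  # sibling dir that defeats a prefix check
]


def resolve_unsafe(workspace: str, requested: str) -> str:
    """Vulnerable pattern: join the untrusted path onto the root and trust it.

    '..' segments walk out of the workspace, and an absolute `requested`
    replaces the root entirely (os.path.join('/a', '/etc/passwd') == '/etc/passwd').
    """
    return os.path.normpath(os.path.join(workspace, requested))


def resolve_prefix_only(workspace: str, requested: str) -> bool:
    """Half-fix: string prefix test after realpath().

    Still accepts /tmp/agent-workspace2/... because that string starts with
    /tmp/agent-workspace. Returns True when the request would be allowed.
    """
    root = os.path.realpath(workspace)
    target = os.path.realpath(os.path.join(workspace, requested))
    return target.startswith(root)


class PathEscape(ValueError):
    """Raised when a requested path would leave the workspace."""


def resolve_safe(workspace: str, requested: str) -> Path:
    """Hardened resolver: reject absolute paths, resolve both sides (collapses
    '..' and follows symlinks), then compare as path components, not strings."""
    root = Path(workspace).resolve()
    if Path(requested).is_absolute():
        raise PathEscape(f"absolute path not allowed: {requested!r}")
    candidate = (root / requested).resolve()
    if not candidate.is_relative_to(root):  # component-wise, so /tmp/ws2 != /tmp/ws
        raise PathEscape(f"{requested!r} resolves outside {root}")
    return candidate


def is_allowed(workspace: str, requested: str) -> bool:
    """True if the hardened resolver accepts the request."""
    try:
        resolve_safe(workspace, requested)
        return True
    except PathEscape:
        return False


def audit(workspace: str = WORKSPACE, requests=REQUESTS) -> dict:
    """Run each request through all three checks.

    Returns {request: (naive_target, prefix_check_allows, hardened_allows)}.
    """
    return {
        r: (resolve_unsafe(workspace, r),
            resolve_prefix_only(workspace, r),
            is_allowed(workspace, r))
        for r in requests
    }


if __name__ == "__main__":
    for req, (target, prefix_ok, safe_ok) in audit().items():
        print(f"{req:28} naive->{target:32} prefix={prefix_ok!s:5} hardened={safe_ok}")
```

The sibling-directory case is the one worth remembering: `realpath` plus `startswith` looks like a fix and passes casual review, but only a component-wise comparison (`Path.is_relative_to`, or `os.path.commonpath`) actually pins the request inside the workspace.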