
Coding Agent Security: What Can Go Wrong
A coding agent can wipe a production database in the time it takes you to type the next message. This class shows you why — and what to do about it. Agents are powerful, incautious, and have access to everything you gave them. Treating them as untrusted partners, not trusted employees, is the discipline that keeps that power from turning on you.
The previous class showed what a coding agent can build. This one shows what it can destroy — and more importantly, what an attacker can do with the surface you left open when you built fast without thinking about security. A developer using Replit's AI agent once watched it wipe his production database. A social app called Tea shipped quickly with AI assistance and was found by security researchers to carry textbook vulnerabilities — the kind that make it easy for attackers to reach data that was never meant to be theirs. These are not horror stories about bad software. They are illustrations of what happens when you hand a powerful, incautious tool more access than it needs.
This class teaches the mental model that changes everything: a coding agent is an untrusted partner. Not an enemy — not something to fear or avoid. But not a trusted employee either. It is a tool of extraordinary capability and no caution, and it will do exactly what it understands you to want, including the things you didn't realize you were asking for. From that model, everything else follows: separate your agents from your production data, give them only the access they need, review what they produce before you ship it, and treat your private data — credentials, customer records, API keys — as something no model provider should ever see.
What you'll learn
1. The Wall, Up Close

Lesson 1: The database is gone — what happened when an agent went wrong
The Replit incident, July 2025: what it actually means when an agent does exactly what it understands you to want.
Quiz

Lesson 2: Security as an afterthought — the Tea app breach
Researchers found textbook vulnerabilities in AI-assisted software shipped without security review. Why the mental model matters as much as the code.
Quiz

Lesson 3: Agent speed cuts both ways — the destruction asymmetry
The same property that makes agents fast makes their mistakes expensive. Understanding the asymmetry is the beginning of working safely.
Quiz

Lesson 4: Review: The cost of the wall
Three incidents, one structural lesson — and the mental model that the rest of this class builds from.

2. The Untrusted Partner

Lesson 5: Not malicious, not cautious — the mental model that changes everything
Why 'untrusted partner' is a more useful frame than 'assistant' — and what it means for how you work.
Quiz

Lesson 6: What you handed the agent — the full permission surface
Filesystem, environment variables, shell, the web. The first step to managing access is knowing what access you gave.
Quiz

Lesson 7: The helpful agent that did exactly what you asked
Agents have no model for irreversibility. Understanding how intent and execution can diverge — and how fast.
Quiz

Lesson 8: What leaves your machine when you prompt
The context window is a data channel. Understanding what you send and where it goes is part of working with AI securely.
Quiz

3. The Attack Surface You Created

Lesson 9: Prompt injection — when your content talks back to your agent
Malicious instructions can be embedded in the content your agent reads. Understanding the attack and why it is hard to defend against.
Quiz

Lesson 10: Supply chain — the package the agent just installed
Agents install dependencies. Dependencies carry their own code. Not all of it is what it claims to be.
Quiz

Lesson 11: The patterns attackers love in AI-generated code
SQL injection, missing authorization checks, hard-coded secrets. The vulnerabilities agents introduce consistently — and why they look like finished code.
Quiz

Lesson 12: The audit gap — faster than review
Agents generate code faster than humans can review it. What you are actually trusting when you ship without a full review pass.
Quiz

Lesson 13: Review: Know your surface
Four attack vectors you created when you started using a coding agent — and the mindset that closes them.
Quiz

4. Your Data Is the Crown Jewel

Lesson 14: What private data actually means — and why it is always worth protecting
Private data is more than passwords. Defining the categories and understanding why a church community builder's obligations go beyond their own interests.
Quiz

Lesson 15: Never paste credentials into a chat
What happens to text you put in a model prompt — and the habit that prevents the most common credential exposure in AI-assisted development.
Quiz

Lesson 16: What the model provider sees
Understanding the data relationship with the provider: what is transmitted, what is retained, and what it means to treat the context window as semi-public.
Quiz

Lesson 17: How attackers find what you left unprotected
The Tea case revisited: what attackers look for in quickly built products, and how fast the window between 'deployed' and 'compromised' closes.
Quiz

Lesson 18: Secrets management — keeping credentials out of the agent's reach
Environment files, secrets managers, and the architecture that keeps your most sensitive values safe even as agents have broad access to your project.
Quiz

5. Separation as Defense

Lesson 19: The golden rule — production and agents do not mix
The single most protective habit in coding agent security: structural separation between the environments agents can touch and the data that matters.
Quiz

Lesson 20: Least privilege — give the agent only what it needs
The principle of minimum necessary access applied to coding agent sessions: what it means, why it works, and how to implement it simply.
Quiz

Lesson 21: Branch first, merge after — the human review gate
Why every agent-produced change should live on a branch until you have reviewed it, and what to look for in a security-conscious review pass.
Quiz

Lesson 22: Backups before access
The rule that makes everything else recoverable: verify your backup strategy before you give an agent access to any data it could damage.
Quiz

Lesson 23: Dev, staging, prod — the three worlds
Why these three environments exist, what each one protects, and how to keep them separated in a solo agent-assisted workflow.
Quiz

6. The Accountable Builder

Lesson 24: You wrote it — even if the agent typed it
Legal and ethical responsibility for agent-generated code, and what it means to own the outcome of what you ship.
Quiz

Lesson 25: A practical pre-flight checklist
The habits that compound: a short, consistent checklist that runs before every agent session and before every deployment.
Quiz

Lesson 26: The right relationship with a powerful tool
What you now know, what it gives you, and what you are ready to build.
Join the class to read each lesson and take the knowledge checks.