# 5.1 Why AI Systems Are Insecure Today

Modern AI systems are powerful — but their security model is primitive.

Most AI systems rely on:

* Static API keys
* Environment secrets
* Implicit trust

These mechanisms were designed for **scripts**, not **autonomous actors**.

#### The core problem

API keys and secrets are just passwords.

They can be:

* Copied
* Logged
* Leaked
* Shared
* Reused

Once leaked, there is no cryptographic way to prove:

* *Who* used the key
* *What intent* was approved
* *Whether the action was legitimate*

AI systems today operate with **blanket authority**.

> If the key works, the action executes.

This creates a dangerous mismatch:

* Highly capable systems
* Weak authorization primitives

***

#### Why this gets worse with AI

AI agents:

* Act continuously
* Chain actions automatically
* Operate at machine speed
* Trigger irreversible effects

Yet they are authorized using:

* Long-lived secrets
* Broad permissions
* No intent verification

This is not a bug — it is a limitation of secret-based trust.

***

