Today I Learned — Daily learnings
Without any credentials provided, the agent extracted plaintext passwords via SQL Injection, guessed the TOTP secret, and logged in as admin. The docs say 'without credentials, only public pages' — but attack chains bypass that.
Security Agent's SCANNER doesn't follow links from JSON responses. API-only apps need an HTML entry point with <a> tags or forms for the agent to discover endpoints.
Pentest with GitHub repo failed with 'Unable to reach GitHub repository'. The agent's test environment runs in the Agent Space subnet and needs internet access to pull source code. NAT Gateway fixes it.
The vpcConfig.subnetArns parameter is an array in the CLI schema, but passing more than one subnet returns 'Maximum of 1 subnet id is allowed'. Use the same subnet as your EC2 target.
Target Domain HTTP Route verification stays UNREACHABLE for private VPC domains — that's normal. The docs confirm this status means the domain is ready for pentesting with a configured VPC.
Adding a new directory to a Git Directory Generator-based ApplicationSet took about 8 minutes to auto-generate the Application. Use hard refresh for existing Applications or webhooks for faster feedback.
After fixing an IAM policy, ArgoCD's error backoff delays automatic retry. The argocd.argoproj.io/refresh=hard annotation triggers an immediate retry.
Using anyhow::Error in the retry_on_occ closure causes a compile error. The closure must return sqlx::Error, while retry_on_occ itself returns DsqlError — a two-layer error type design.
When the IAM policy is scoped to a specific repository ARN, accessing a non-existent repo returns AccessDeniedException, not 'repository not found'. Compare the IAM Resource ARN with the repoURL to debug.
When Bedrock Guardrails blocks a request in Strands Agents, the user input in conversation history is auto-replaced with [User input redacted.]. If user input disappears during debugging, this is why.