---
id: "claim-generic-agents-are-liabilities"
type: "claim"
source_timestamps: ["00:05:43", "00:05:50"]
tags: ["security", "risk-management"]
related: ["concept-agentic-separation-of-concerns"]
speakers: ["Nate B. Jones"]
confidence: "high"
testable: true
validation_status: "strongly-supported"
sources: ["s08-real-problem-agents"]
sourceVaultSlug: "s08-real-problem-agents"
originDay: 8
---
# Generic agents with access are liabilities

## Claim

A generic agent (one without specific markdown configuration files defining identity and boundaries) that is given write access to your email or systems is **'actually worse than no agent at all, it's a liability with a chat interface.'** See [[quote-generic-agent-liability]].

## Substance

Without strict constraints — the kind enforced by [[concept-markdown-as-agent-os|a markdown OS]] and [[concept-agentic-separation-of-concerns|separated concerns]] — the agent is prone to:
- Hallucinations
- Incorrect actions based on misinterpretations
- Unauthorized writes (email sends, calendar invites, file deletions)

## External validation

**Strongly supported.** Enterprise implementations (e.g., [[entity-nemoclaw]]) stress guardrails like sandboxing precisely because unconfigured agents in claims processing could approve invalid payouts. This is why the [[concept-the-enterprise-gap|Enterprise Gap]] gets the security half right.

## Confidence
**High.** Testable: red-team a generic vs. configured agent on identical write-access scenarios.

## Related
- [[claim-magic-box-agents-fail]]