Dev.to
5/9/2026
Politeness vs Enforcement: Why "Set HTTPS_PROXY" Isn't a Security Control

Short summary

Distinguish policy from enforcement. Setting HTTPS_PROXY only asks a process to route through the proxy; an agent can bypass it via a subprocess or prompt injection. Kernel-enforced controls (Linux UID separation, Kubernetes NetworkPolicy, nftables) actually prevent unauthorized egress. Evaluate vendors by whether they provide kernel-level guarantees or rely on voluntary compliance.

  • Policy controls (HTTPS_PROXY, system prompts, config allowlists) are voluntary: agents can bypass them
  • Enforcement controls (kernel UID separation, NetworkPolicy, nftables) prevent agent circumvention
  • Real case: an OAuth subprocess bypassed the proxy because it did not inherit the environment variable
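
An added example, not taken from the article: an nftables ruleset that turns the proxy from a request into a constraint by matching on the socket owner's UID, so a subprocess that never saw HTTPS_PROXY is still confined. The UID 1001, the proxy address 192.0.2.10 (documentation range) and port 3128 are assumed placeholders.

```nft
#!/usr/sbin/nft -f
# Added example. All three values below are assumptions; replace them
# with the UID the agent really runs as and the real proxy endpoint.
define AGENT_UID  = 1001
define PROXY_ADDR = 192.0.2.10
define PROXY_PORT = 3128

# Policy only (voluntary): the agent's launcher exports
#   HTTPS_PROXY=http://192.0.2.10:3128
# A child started with a clean environment never sees it and
# connects directly. Nothing in the kernel stops that.

# Enforcement: the kernel checks the UID that owns each socket,
# regardless of which environment variables the process inherited.
table inet agent_egress {
    chain output {
        type filter hook output priority 0; policy accept;

        # The agent UID may reach the proxy.
        meta skuid $AGENT_UID ip daddr $PROXY_ADDR tcp dport $PROXY_PORT accept

        # Loopback for local helpers. Remove this rule if the agent
        # needs none: any forwarder on localhost becomes a way out.
        meta skuid $AGENT_UID oifname "lo" accept

        # Everything else from the agent UID (IPv4 and IPv6, any
        # protocol, including direct DNS) is counted, logged, dropped.
        meta skuid $AGENT_UID counter log prefix "agent-egress-drop " drop
    }
}
```

Load it with `nft -f` and confirm with `nft list table inet agent_egress`; the counter and the `agent-egress-drop` log lines then show every attempt that skipped the proxy. The agent must run under its own UID, without the privileges to change this ruleset, for the rule to mean anything.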

Generated with AI, which can make mistakes.
