Skip to content
Thrivbe
← All experiments
ConcludedStarted July 5, 2026Updated July 9, 2026

What did we find when we security-audited an AI sales agent?

Security Audit of an Open-Source AI Sales Agent

  • Code review agents
  • Responsible disclosure

Relevant services: AI Digital Teammates · Thrivbe AI

Hypothesis

Before running any open-source AI agent that touches your contacts and sends email on your behalf, audit it like an attacker would. We wanted an AI sales-development agent for our own pipeline — the experiment was whether an agent-assisted security review could make a third-party agent safe to self-host.

What we built

A security-patched fork of an open-source AI SDR, reviewed end-to-end with our code-review agents before deployment: authentication surface, data handling, and outbound-sending paths. Issues we found were fixed in our fork and responsibly disclosed to the upstream maintainers. The patched instance now runs on our own server, sealed behind our private network.

Learnings

  • Treat every self-hosted AI tool as untrusted until reviewed — agents that can read your CRM and send email are exactly the wrong place to skip an audit.
  • AI-assisted review changes the economics: a depth of audit that used to be a consulting engagement now fits in an afternoon, which means there's no longer an excuse for not doing it.
  • Disclose upstream, always. Security findings you keep private make the ecosystem worse; ours were filed with the maintainers before we wrote a word publicly.

Log

  • 2026-07-09 — Findings disclosed upstream; patched fork sealed behind the private network.
  • 2026-07-05 — Audit run; fork patched and deployed internally.