Smell #5: No Boundaries
No Boundaries: Allowing an AI agent to read and modify any file in your repository without explicit spatial, operational, or decision-making constraints.
Symptoms
How to recognize this smell:
- [ ] An agent modifies a database schema file when you only asked for a UI fix.
- [ ] An agent updates your `package.json` or `.env` files without asking.
- [ ] You use prompts like "Explore the codebase and improve it."
- [ ] You have no `.cursorrules` or configuration file limiting the agent's scope.
Self-Assessment
If you checked 2+ items, your agents are working without boundaries.
Example
The "Unbounded Agent" Disaster
Task: "Fix the layout of the TaskCard component."
What the agent did:
- Modified `TaskCard.tsx`.
- Changed the global Tailwind config to add a new color.
- Updated the `database.sql` to change a column name it thought was "inconsistent."
- Deleted `LegacyButton.tsx` because it "seemed unused."
The Result: The UI looks great, but the production database is now broken and the admin dashboard (which used LegacyButton) is dead.
The Three Essential Boundaries
1. Spatial Boundaries (Scope)
Explicitly defining which directories the agent can touch.
Example: "Allowed: /src/components/, Forbidden: /server/, .env"
2. Operational Boundaries (Permissions)
Defining which actions the agent can perform.
Example: "Can create files, cannot delete files, cannot run scripts."
3. Decision Boundaries (Authority)
Defining which types of architectural choices the agent can make.
Example: "Can implement logic but must stop at a checkpoint for state management changes."
Debt Impact
This smell contributes to:
| Debt Category | Impact |
|---------------|--------|
| 🏗️ ARCH | Random structural changes across the whole system. |
| 🔐 SEC | Agents touching environment variables or security configs. |
| ⚙️ OPS | Unpredictable breaking changes in distant modules. |
How to Fix
- Inventory the Scope Creep: Find all files modified by the agent outside of the original task.
- Implement `.cursorrules`: Create a configuration file that enforces team-wide boundaries (Chapter 14).
- Rollback Destructive Changes: Revert any deletions or schema changes made by the agent.
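One way to automate the "Inventory the Scope Creep" step against the spatial and operational boundaries described above. This is an added example, not code from the book: the policy dictionary, the function names and the sample diff are assumptions, and the input format is the output of `git diff --name-status`.

```python
from pathlib import PurePosixPath

# Assumed policy, built from the page's example boundaries.
POLICY = {
    "allowed_dirs": ["src/components/"],
    "forbidden": ["server/", ".env"],
    "allowed_ops": {"A", "M"},  # create, modify; delete (D) and rename (R) are denied
}

# Constructed `git diff --name-status` output for the TaskCard task (paths are hypothetical).
SAMPLE_DIFF = (
    "M\tsrc/components/TaskCard.tsx\n"
    "M\ttailwind.config.js\n"
    "M\tdatabase.sql\n"
    "D\tsrc/components/LegacyButton.tsx\n"
    "M\t.env\n"
)

def parse_name_status(text):
    """Yield (op, paths); renames and copies carry both source and destination."""
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) >= 2:
            yield fields[0][0], fields[1:]  # 'R100' -> 'R'

def is_forbidden(path, rules):
    """Rules ending in '/' are directory prefixes; others match file names (.env, .env.local)."""
    name = PurePosixPath(path).name
    return any(
        path.startswith(r) if r.endswith("/") else (name == r or name.startswith(r + "."))
        for r in rules
    )

def audit(diff_text, policy=POLICY):
    """Return (path, reason) for every change that crosses a boundary."""
    violations = []
    for op, paths in parse_name_status(diff_text):
        for path in paths:
            if is_forbidden(path, policy["forbidden"]):
                violations.append((path, "forbidden path"))
            elif not any(path.startswith(d) for d in policy["allowed_dirs"]):
                violations.append((path, "outside allowed scope"))
            elif op not in policy["allowed_ops"]:
                violations.append((path, f"operation {op} not permitted"))
    return violations

if __name__ == "__main__":
    for path, reason in audit(SAMPLE_DIFF):
        print(f"{reason}: {path}")
```

Run as a pre-merge check, a non-empty result can gate the agent's branch until a human reviews the listed files.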
How to Prevent
- Use "Safe Zones": Only grant access to the specific folder needed for the task.
- The "Forbid" Clause: Explicitly mention forbidden files in your prompts.
- Mandatory Checkpoints: Use a tool that requires a "Human Signature" before any file write.
Related Smells
- Smell #4: Over-Delegation — Boundaries are the cure for over-delegation.
- Smell #7: Hidden Dependencies — Unbounded agents create more hidden threads.
Book Reference
- Chapter 5: Agents Unleashed — the dangers of unbounded autonomy.
- Chapter 14: Clean Agents — how to build and enforce boundaries.