Harshil Agrawal¶
Senior developer advocate at Cloudflare. Builds AI-powered applications and teaches security-aware patterns for them. His signature argument: AI-generated code is untrusted code from the internet, and should be run with the same precautions.
Signature message¶
Strip away the AI hype and what you're actually doing is "running untrusted code from the internet." The LLM is a black box: prompt in, code out, you don't review every line, and then you run it in your environment with your credentials. That's exactly what security 101 tells you not to do — just wearing a nicer suit.
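The "with your credentials" half of that argument is the part people skip, so here is an added illustration of it (a constructed example, not code from Agrawal or from Cloudflare). A stand-in for model output does a harmless calculation but also reads an ambient environment variable. Run in-process with `exec`, it inherits everything the host process holds; run as a child process handed only an explicit environment, the same snippet gets nothing it was not deliberately given. The snippet, the `API_TOKEN` name and its value are all constructed for the demo. Scrubbing the environment removes ambient credentials only; filesystem, network and CPU limits are what the isolate or container layer adds on top.

```python
"""Why 'run it in your environment with your credentials' is the problem.

Constructed example: GENERATED_CODE stands in for LLM output and is not real model output.
"""
import contextlib
import io
import json
import os
import subprocess
import sys
import tempfile

# Constructed secret standing in for whatever your shell happens to hold (cloud keys, tokens).
os.environ["API_TOKEN"] = "constructed-secret-123"

# Constructed stand-in for generated code: looks like a benign calculation, but it also
# reaches for an ambient credential. Nobody reviewing only the first line would notice.
GENERATED_CODE = r'''
import json
import os
result = {"sum": sum(range(10)), "leaked": os.environ.get("API_TOKEN")}
print(json.dumps(result))
'''


def run_in_process(code: str) -> dict:
    """The security-101 violation: exec() with the host's full ambient authority.

    The generated code sees every environment variable, every open file handle and
    every credential this interpreter can reach.
    """
    buf = io.StringIO()
    with contextlib.redirect_stdout(buf):
        exec(code, {"__name__": "__generated__"})
    return json.loads(buf.getvalue())


def run_with_explicit_env(code: str, allowed_env: dict) -> dict:
    """Capability-style execution: the child gets only what is handed to it.

    A fresh interpreter in isolated mode (-I ignores PYTHON* variables and user site
    packages) with env=allowed_env, so no ambient variable leaks in. This strips ambient
    credentials; it is not a full sandbox (no filesystem, network or CPU limits).
    """
    with tempfile.NamedTemporaryFile("w", suffix=".py", delete=False) as f:
        f.write(code)
        path = f.name
    try:
        proc = subprocess.run(
            [sys.executable, "-I", path],
            env=allowed_env,  # explicit grant, not inheritance of os.environ
            capture_output=True,
            text=True,
            timeout=5,
            check=True,
        )
    finally:
        os.unlink(path)
    return json.loads(proc.stdout)


if __name__ == "__main__":
    print("in-process:   ", run_in_process(GENERATED_CODE))
    print("explicit env: ", run_with_explicit_env(GENERATED_CODE, {}))
```

The first call reports the secret; the second reports `None` for the same snippet, because the token was never granted. That is the whole point of treating generated code like any other untrusted download: authority should be passed in on purpose, not picked up from the surroundings.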
Cross-references¶
- cloudflare — employer; makes both of the sandboxing primitives (isolates and containers) he demos
- capability-based-security — his core principle
- isolates-vs-containers — his decision framework
- agent-security-slop — peter-steinberger's parallel worry about unreviewable AI PRs