# Pitfall Log

Project: lespaceman/agent-web-interface

Summary: Found 32 structured pitfall item(s), including 4 high/blocking item(s). Top priority: Security or permission risk - Security or permission risk requires verification.

## 1. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Developers should check this security_permissions risk before relying on the project: Add end-to-end acceptance suite for non-DOM surfaces
- User impact: Developers may expose sensitive permissions or credentials: Add end-to-end acceptance suite for non-DOM surfaces
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/90

## 2. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Developers should check this security_permissions risk before relying on the project: PRD: Unify non-DOM surfaces with snapshot action semantics
- User impact: Developers may expose sensitive permissions or credentials: PRD: Unify non-DOM surfaces with snapshot action semantics
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/85

## 3. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Developers should check this security_permissions risk before relying on the project: Represent permission and download non-DOM surfaces
- User impact: Developers may expose sensitive permissions or credentials: Represent permission and download non-DOM surfaces
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/88

## 4. Security or permission risk - Security or permission risk requires verification

- Severity: high
- Evidence strength: source_linked
- Finding: Developers should check this security_permissions risk before relying on the project: Update agent-web-interface skill for non-DOM surfaces
- User impact: Developers may expose sensitive permissions or credentials: Update agent-web-interface skill for non-DOM surfaces
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/89

## 5. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Release v4.4.0
- User impact: Upgrade or migration may change expected behavior: Release v4.4.0
- Evidence: failure_mode_cluster:github_release | https://github.com/lespaceman/agent-web-interface/releases/tag/v4.4.0

## 6. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Release v4.6.2
- User impact: Upgrade or migration may change expected behavior: Release v4.6.2
- Evidence: failure_mode_cluster:github_release | https://github.com/lespaceman/agent-web-interface/releases/tag/v4.6.2

## 7. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Release v4.6.3
- User impact: Upgrade or migration may change expected behavior: Release v4.6.3
- Evidence: failure_mode_cluster:github_release | https://github.com/lespaceman/agent-web-interface/releases/tag/v4.6.3

## 8. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Release v4.6.4
- User impact: Upgrade or migration may change expected behavior: Release v4.6.4
- Evidence: failure_mode_cluster:github_release | https://github.com/lespaceman/agent-web-interface/releases/tag/v4.6.4

## 9. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Release v4.6.5
- User impact: Upgrade or migration may change expected behavior: Release v4.6.5
- Evidence: failure_mode_cluster:github_release | https://github.com/lespaceman/agent-web-interface/releases/tag/v4.6.5

## 10. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Remove upload and handle_dialog MCP tools
- User impact: Developers may fail before the first successful local run: Remove upload and handle_dialog MCP tools
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/92

## 11. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: Security: high-severity DoS in transitive deps (ws@7.5.10, js-yaml)
- User impact: Developers may fail before the first successful local run: Security: high-severity DoS in transitive deps (ws@7.5.10, js-yaml)
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/93

## 12. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this installation risk before relying on the project: docs: README quickstart + CHANGELOG for install/doctor
- User impact: Developers may fail before the first successful local run: docs: README quickstart + CHANGELOG for install/doctor
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/73

## 13. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/86

## 14. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/92

## 15. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/87

## 16. Installation risk - Installation risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/73

## 17. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a configuration risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.host_targets | https://github.com/lespaceman/agent-web-interface

## 18. Configuration risk - Configuration risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Developers should check this configuration risk before relying on the project: Release v4.5.0
- User impact: Upgrade or migration may change expected behavior: Release v4.5.0
- Evidence: failure_mode_cluster:github_release | https://github.com/lespaceman/agent-web-interface/releases/tag/v4.5.0

## 19. Capability evidence risk - Capability evidence risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: README/documentation is current enough for a first validation pass.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.assumptions | https://github.com/lespaceman/agent-web-interface

## 20. Maintenance risk - Maintenance risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a maintenance risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/lespaceman/agent-web-interface

## 21. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: downstream_validation.risk_items | https://github.com/lespaceman/agent-web-interface

## 22. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: no_demo
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: risks.scoring_risks | https://github.com/lespaceman/agent-web-interface

## 23. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/90

## 24. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/85

## 25. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/88

## 26. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/93

## 27. Security or permission risk - Security or permission risk requires verification

- Severity: medium
- Evidence strength: source_linked
- Finding: Project evidence flags a security or permission risk. Review the linked source before relying on this workflow.
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/lespaceman/agent-web-interface/issues/89

## 28. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this capability risk before relying on the project: Implement blocking dialog surfaces with synthetic controls
- User impact: Developers may hit a documented source-backed failure mode: Implement blocking dialog surfaces with synthetic controls
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/86

## 29. Capability evidence risk - Capability evidence risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this conceptual risk before relying on the project: Replace upload with file picker non-DOM surfaces
- User impact: Developers may hit a documented source-backed failure mode: Replace upload with file picker non-DOM surfaces
- Evidence: failure_mode_cluster:github_issue | https://github.com/lespaceman/agent-web-interface/issues/87

## 30. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: issue_or_pr_quality=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/lespaceman/agent-web-interface

## 31. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: release_recency=unknown。
- User impact: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | https://github.com/lespaceman/agent-web-interface

## 32. Maintenance risk - Maintenance risk requires verification

- Severity: low
- Evidence strength: source_linked
- Finding: Developers should check this maintenance risk before relying on the project: Release v4.6.6
- User impact: Upgrade or migration may change expected behavior: Release v4.6.6
- Evidence: failure_mode_cluster:github_release | https://github.com/lespaceman/agent-web-interface/releases/tag/v4.6.6
