Open AI-Agent Incident Database Lists 32 Failures, Admits Its Gaps
ARE Incident Database catalogs 32 real AI agent failures mapped to OWASP ASI Top 10, with runnable repros and honestly flagged coverage gaps.
The ARE Incident Database is a public registry of 32 real, sourced AI agent failures — production databases dropped during code freezes, tens of thousands of documents deleted in the wrong environment, leaked credentials, budgets burned to zero. Each entry gets a stable ID and is mapped to a category in the OWASP Agentic Security Initiative (ASI) Top 10, functioning as cited evidence beneath that standard rather than a competing taxonomy.
What makes the project unusual is that its author grades his own security product against the same list. Of the 32 incidents, 23 are fully blocked and two are marked partial; the remaining four OWASP categories — memory/context poisoning, insecure inter-agent communication, human-agent trust, and rogue agents — are explicitly labeled as outside what an action-layer firewall can catch, with no attempt to claim otherwise.
Every covered entry ships a runnable code snippet readers can execute locally in seconds. A CI job scrapes those exact published snippets on every push and on a weekly schedule, asserting that the block actually fires, the guarded action never runs, and the process exits clean — turning each coverage claim into a continuously tested fact instead of static marketing copy.
For engineers evaluating agent-security claims, this offers something rare: a falsifiable, runnable baseline instead of unverifiable vendor promises. The project invites the community both to break existing entries and to submit new verified incidents.