detect-llm-unrestricted-tool-access
Detect LLM agents with access to all tools without restrictions.
OWASP LLM Top 10 2025: LLM06 - Excessive Agency
CWE: CWE-732
Severity: 🔴 High
Rule Details
Identifies LLM agents configured with unlimited tool access.
❌ Incorrect
const agent = {
  tools: allTools,
};
const executor = {
  tools: globalTools,
};
✅ Correct
const agent = {
  tools: [readUsers, searchDocs],
};
Options
{
  "secure-coding/detect-llm-unrestricted-tool-access": ["error"]
}
Best Practices
Define specific tool allowlists per agent role. Implement tool namespacing.
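One way to apply both practices, as an added example that is not part of the plugin or its documentation: each role gets an explicit allowlist of namespaced tool names, and the name requested by the model is checked again at call time. The tool names, roles and the helpers `toolsForRole`, `createAgent` and `invokeTool` are hypothetical.

```javascript
// Added example. Tool names, roles and helper names are hypothetical.
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Namespaced registry: "<namespace>.<action>" keeps read and write tools distinct.
const TOOL_REGISTRY = Object.freeze({
  'users.read': (args) => ({ tool: 'users.read', args }),
  'users.delete': (args) => ({ tool: 'users.delete', args }),
  'docs.search': (args) => ({ tool: 'docs.search', args }),
  'billing.refund': (args) => ({ tool: 'billing.refund', args }),
});

// One explicit allowlist per agent role; no role receives the whole registry.
const ROLE_ALLOWLISTS = Object.freeze({
  support: ['users.read', 'docs.search'],
  billing: ['users.read', 'billing.refund'],
});

// Build the tool set for a role, failing closed on unknown roles or tools.
function toolsForRole(role) {
  if (!has(ROLE_ALLOWLISTS, role)) throw new Error(`unknown role: ${role}`);
  const tools = Object.create(null); // no inherited keys such as "constructor"
  for (const name of ROLE_ALLOWLISTS[role]) {
    if (name.includes('*')) throw new Error(`wildcard not allowed: ${name}`);
    if (!has(TOOL_REGISTRY, name)) throw new Error(`unregistered tool: ${name}`);
    tools[name] = TOOL_REGISTRY[name];
  }
  return Object.freeze(tools);
}

function createAgent(role) {
  return Object.freeze({ role, tools: toolsForRole(role) });
}

// The tool name requested by the model is untrusted, so check it again at call time.
function invokeTool(agent, name, args) {
  if (!has(agent.tools, name)) {
    return { ok: false, error: `tool "${name}" not permitted for role "${agent.role}"` };
  }
  return { ok: true, result: agent.tools[name](args) };
}
```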
Version
Introduced in v2.3.0
Known False Negatives
The following patterns are not detected due to static analysis limitations:
Prompt from Variable
Why: Prompt content from variables not traced.
// ❌ NOT DETECTED - Prompt from variable
const prompt = buildPrompt(userInput);
await generateText({ prompt });
Mitigation: Validate all prompt components.
Nested Context
Why: Deep nesting obscures injection.
// ❌ NOT DETECTED - Nested
const messages = [{ role: 'user', content: userInput }];
await chat({ messages });
Mitigation: Validate at all levels.
Custom AI Wrappers
Why: Custom AI clients not recognized.
// ❌ NOT DETECTED - Custom wrapper
myAI.complete(userPrompt);
Mitigation: Apply rule to wrapper implementations.