AI Agents

expert AI Agents
The Agent Security Sandbox Trap
Your code execution agent runs user-generated Python code via exec(). A user submits: import os; os.system('rm -rf /'). Your agent executes it. How do you prevent this without disabling code execution?
Tags: sandboxing, capability-based security, static analysis, defense in depth

The Trap

LLM agents with unrestricted tool access are effectively RCE vulnerabilities. System prompts saying 'don't run dangerous code' are trivially bypassed.

Correct Approach

Defense in depth: (1) Sandboxed container (gVisor, Firecracker) with no network, read-only filesystem, resource limits. (2) Static analysis: AST-parse code, block dangerous imports (os, subprocess, socket). (3) Capability-based permissions: agent declares needed resources, sandbox grants only those. (4) Audit logging of all executed code.

Follow-up Questions

  • How does gVisor differ from Docker for security isolation?
  • What's the performance overhead of sandboxed execution?
hard AI Agents
The Multi-Agent Communication Trap
You have a 'researcher' agent and a 'writer' agent. The researcher finds 20 relevant facts but the writer only uses 3, producing a shallow report. Passing all 20 facts fills the writer's context. How do you fix this?
Tags: multi-agent systems, structured handoff, information prioritization, critic pattern

The Trap

Direct inter-agent communication with unstructured text loses information. The writer can't distinguish 'critical fact' from 'background context' when everything arrives as a wall of text.

Correct Approach

Use structured handoff protocols: the researcher outputs a typed schema with priority-ranked facts, source citations, and relevance scores. The writer receives the top-K facts sorted by relevance, plus the full list as an appendix. Consider a 'critic' agent that reviews the writer's output against the researcher's findings and requests revisions if coverage is low.

Follow-up Questions

  • How do you evaluate multi-agent system quality end-to-end?
  • What's the overhead of adding a critic/verifier agent?
hard AI Agents
The Agent Cost Runaway Trap
Your autonomous research agent is given a budget of $5 per task but routinely spends $50+ by making excessive API calls in loops. How do you implement cost governance without crippling the agent?
Tags: cost governance, budget-aware planning, tool cost estimation, observability

The Trap

Token counters and API call limits are too coarse -- they kill the agent mid-task. The agent needs cost awareness built into its planning, not just hard cutoffs.

Correct Approach

Cost-aware planning loop: (1) Before each tool call, estimate cost and check remaining budget. (2) Cheaper tools first (cache lookup before API, small model before large). (3) Per-step budgets with warnings. (4) Budget checkpoint where agent justifies remaining spend. (5) Log cost per tool call for observability.

Follow-up Questions

  • How do you handle tasks that genuinely need more than the budget?
  • What's the UX for surfacing cost to end users?
hard AI Agents
The Stateless Agent Trap
Your customer support agent handles each message independently. Users complain it 'forgets' context mid-conversation. Simply passing chat history fills the context window after 5 turns. Fix this.
Tags: agent memory, context compression, entity extraction, stateful agents

The Trap

Naive approaches either lose context (stateless) or explode context length (pass everything). The agent needs structured memory management, not raw conversation history.

Correct Approach

Implement tiered memory: (1) Working memory -- current turn + extracted key facts (name, order_id, issue). (2) Short-term memory -- compressed summary of last N turns. (3) Long-term memory -- persistent store (Redis/DB) keyed by user_id with structured facts. Extract entities each turn, update structured state, reconstruct context from state + last 2 raw turns.

Follow-up Questions

  • How do you handle memory conflicts (user corrects earlier info)?
  • What's the privacy implication of persistent agent memory?
expert AI Agents
The Tool Orchestration Deadlock Trap
Your multi-tool agent calls a search API, then a database API, then tries to call search again. The second search returns stale results because the DB write hasn't propagated. The agent loops infinitely. How do you fix this?
Tags: tool dependencies, circuit breakers, loop detection, eventual consistency

The Trap

Agents that chain tools without understanding data dependencies create race conditions and infinite loops. The LLM doesn't inherently understand distributed system consistency guarantees.

Correct Approach

Add tool dependency metadata: declare which tools read/write which data. Implement a tool execution planner that respects data flow ordering. Add circuit breakers: max 3 retries per tool, exponential backoff. Detect loops by tracking (tool_name, input_hash) pairs -- if seen twice, break and summarize.

Follow-up Questions

  • How does a DAG-based tool planner differ from ReAct?
  • What monitoring would you add for production tool-use agents?
