According to @galnagli, RentAHuman—described as a platform where AI agents hire humans for physical tasks—exposed its entire user database, including 187,714 personal emails, which were discoverable within minutes using a few tokens and a single Claude Code command; as reported in Nagli’s X thread on Mar 13, 2026, the workflow demonstrates how LLM-powered code assistants can rapidly chain reconnaissance and misconfiguration exploitation, underscoring urgent needs for secret management, least-privilege database access, and automated leak detection. According to the same thread, the attack path relied on accessible tokens and weak access controls, highlighting immediate business risks for AI agent marketplaces handling PII and the necessity to implement environment variable hygiene, role-based access control, egress filtering, and continuous red-team simulations using agentic scanners.