Sharp Edges Detection

Sharp edges are APIs, configurations, and patterns that are easy to use incorrectly. They work in the happy path but break in subtle, dangerous ways.

Three Adversary Types

When evaluating sharp edges, consider three types of users:

1. The Naive Developer

• Uses the API without reading docs carefully
• Copies examples from Stack Overflow
• Assumes defaults are safe
• Question: "Will this API hurt someone who doesn't know its quirks?"

2. The Malicious User

• Intentionally sends unexpected input
• Exploits race conditions and edge cases
• Chains small issues into big exploits
• Question: "Can someone deliberately trigger the bad behavior?"