APILama

    Three cyberpunk characters examining a holographic open source repository with warnings about trust corruption and vulnerabilities.
    , ,

    The Open Source Loophole: Why Software Licenses Are Broken in the Age of AI Agents

    MIT, GPL, Apache — these licenses were written for humans. In 2026, AI agents are reading, rewriting, and executing code autonomously. The legal framework hasn’t caught up. Here’s what needs to change.

    Michael Petychakis
    4–6 minutes
    , , , , ,

    There is a legal fiction at the heart of modern software development, and in 2026 it is becoming impossible to ignore.
    The MIT License says: “Permission is hereby granted, free of charge, to any person…”
    A person. A human being. Someone who can read, understand, and be held accountable.

    Your AI coding agent is not a person. It does not read licenses. It does not understand attribution requirements. It does not care that the function it just synthesised was trained on GPL-3.0 code. And when it publishes a malicious npm package — or accepts a SaaS EULA on your company’s behalf — there is no legal framework that cleanly assigns responsibility.

    We built the open source ecosystem on a handshake between humans. That handshake is now being executed by machines, at scale, in milliseconds. The contracts haven’t changed. The world has.

    Three Ways the Current System Is Already Breaking

    1. The GPL Laundering Problem

    The copyleft principle is elegant in theory: use GPL code, and your derivative work must also be GPL. It was designed to keep the commons open by making openness viral.

    AI coding assistants have quietly broken this mechanism.

    When a developer prompts an LLM to “refactor this authentication module,” the model may synthesise output that is functionally derived from GPL-licensed training data — without triggering the viral clause, because no human copied anything. The Doe v. GitHub litigation (ongoing since 2022) and the GEMA v. OpenAI case in Germany are both probing exactly this boundary: at what point does AI-generated output constitute a derivative work?

    Courts are moving slowly. The tooling is moving fast. In the gap between them, entire codebases are being quietly laundered of their license obligations.

    This is not a theoretical risk. It is happening in production today.

    2. Who Clicks “Accept”?

    I wrote recently on X about how “shift left” security is failing because we shifted the responsibility, but not the leverage:

    “Asking developers to manually vet every npm package update in an era where AI agents can generate and publish malicious packages in seconds is a losing battle. We need automated, device-level zero-trust policies, not just better PR checklists.”

    The same logic applies to software licensing and EULAs. Autonomous AI agents are now spinning up SaaS integrations, accepting terms of service, and entering into contractual relationships on behalf of organisations — without any human in the loop. Stanford Law’s CodeX centre flagged this as early as 2025: the entire architecture of contract law assumes a human party who can consent.

    When your MCP-enabled agent accepts Stripe’s API terms at 3am to complete an automated workflow, who signed that contract? Your company? The agent? The model provider? Nobody has a clean answer.

    The legal exposure here is not hypothetical. It is a compliance time bomb sitting inside every agentic workflow deployed today.

    3. The Per-Seat Pricing Collapse

    This one is more immediately practical, and it is already showing up in CFO conversations.

    Enterprise software has been priced for humans since the 1990s. Per-seat licensing assumes one user, one login, one session. The Rule of Two model I described earlier this year — two humans plus AI tools as the optimal shipping unit — means a team of two engineers might now be running dozens of concurrent AI agent sessions against tools licensed for two seats.

    Are those agents “users”? Most SaaS contracts have no answer. Some vendors are starting to add “agent access” clauses. Most haven’t. The result is a grey zone where technically compliant usage and practical usage have completely diverged.

    This is not just a legal problem. It is a pricing model problem, a vendor relationship problem, and an audit risk problem — all at once.

    What Needs to Change

    The honest answer is that software licenses need to be rewritten from first principles for an agentic world. That is a decade-long project. But there are three things that can happen now.

    First, licenses need machine-readable intent. The SPDX standard is a start, but it was designed for cataloguing, not enforcement. We need license metadata that an AI agent can parse, verify, and act on at runtime — embedded in the package, cryptographically signed, not just in a README that no agent will read.

    Second, the “person” definition needs updating. The OSI and FSF need to address whether AI-generated outputs constitute derivative works, and under what conditions. The RAIL (Responsible AI Licenses) initiative has made early attempts at this, but adoption is minimal. The open source community needs to treat this as urgently as it treated the GPLv3 response to Tivoization in 2007.

    Third, organisations need agentic compliance policies now, not later. Not because the law requires it — it doesn’t yet — but because the audit exposure is real. Every AI agent that touches a licensed dependency, accepts a EULA, or generates code is creating a compliance event. Most companies have no record of any of it.

    I have been writing about the structural implications of the agentic web for years — from my PhD-era work on semantic web protocols to the 100x Agent Illusion piece that argued we must engineer the system, not just the code. The licensing gap is exactly the kind of systemic failure that happens when you deploy new infrastructure on top of old assumptions.

    The infrastructure is here. The assumptions haven’t been updated.

    The Bottom Line

    MIT, GPL, Apache — these are beautiful documents. They represent decades of careful thinking about how software should flow through the world. They were written for a world where humans wrote code, humans read licenses, and humans bore responsibility.

    That world is gone.

    The question is not whether software licenses need to change. They do. The question is whether the open source community, the legal profession, and the engineering industry will move fast enough to write the new rules before the old ones become entirely meaningless.

    // the license was written for a human. the commit was made by an agent.

    // who owns the diff?

    Related reading on APILama:

    From DeepGraphs to MCP: How I Predicted the Agentic Web a Decade Ago
    The 100x Agent Illusion: Why We Must Engineer the System, Not Just the Code
    Building Software with the Rule of Two: A New Strategy for 2026+
    Data Privacy and APIs

    Leave a Reply

    Trending

    Discover more from APILama

    Subscribe now to keep reading and get access to the full archive.

    Continue reading