# Why most AI fails at IDOR (and how AMAS fixes it with causal reasoning)

> Source: <https://dev.to/miou/why-most-ai-fails-at-idor-and-how-amas-fixes-it-with-causal-reasoning-517k>
> Published: 2026-05-25 15:42:49+00:00

Large language models are great at pattern matching.

Show them enough “vulnerable” examples, and they learn the *words* – not the *reason*.

That’s why they struggle with **logical vulnerabilities** like IDOR, privilege escalation, and workflow bypasses.

These attacks depend on *who* the actor is, *who* owns the resource, and *where* the trust boundary sits – not just on the presence of keywords like “authorization”.
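To make that distinction concrete, here is an added example (not AMAS code and not from the original post) in which two handlers both reference an authorization helper, but only one relates the actor to the resource owner. The invoice data, the role table, the handler names and the "owner or admin may read" policy are all constructed assumptions.

```python
# Added illustration: constructed data and hypothetical names, not AMAS code.
INVOICES = {101: {"owner": "alice", "total": 40}, 102: {"owner": "bob", "total": 75}}
ROLES = {"alice": "user", "bob": "user", "carol": "admin"}

def check_authorization(actor):
    """Only proves the caller is a known principal; says nothing about ownership."""
    return actor in ROLES

def get_invoice_v1(actor, invoice_id):
    # References "authorization" but never relates the actor to the owner.
    if not check_authorization(actor):
        return None
    return INVOICES.get(invoice_id)

def get_invoice_v2(actor, invoice_id):
    inv = INVOICES.get(invoice_id)
    if inv is None or not check_authorization(actor):
        return None
    # Trust boundary (assumed policy): only the owner or an admin may read.
    if inv["owner"] != actor and ROLES[actor] != "admin":
        return None
    return inv

def keyword_verdict(handler):
    """Stand-in for a pattern matcher: 'safe' if any referenced name mentions authorization."""
    names = handler.__code__.co_names
    return "safe" if any("authoriz" in n.lower() for n in names) else "flag"

def boundary_violations(handler):
    """Exercise every (actor, resource) pair and report reads that cross the ownership boundary."""
    violations = []
    for actor, role in ROLES.items():
        for invoice_id, inv in INVOICES.items():
            permitted = inv["owner"] == actor or role == "admin"
            granted = handler(actor, invoice_id) is not None
            if granted and not permitted:
                violations.append((actor, invoice_id, inv["owner"]))
    return violations

if __name__ == "__main__":
    for h in (get_invoice_v1, get_invoice_v2):
        print(h.__name__, keyword_verdict(h), boundary_violations(h))
```

Both handlers get the same keyword verdict; only the actor/owner matrix separates them, which is the kind of check that belongs in an authorization regression test.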

**AMAS** (AI Multi‑Agent Security Analysis System) is a security reasoning substrate.

It doesn’t teach the model to memorise patterns.

It teaches it to understand **causality**.

Instead of “this is an IDOR”, AMAS models:

`train.jsonl` ready for fine‑tuning, plus detailed manifests.

Everything is **deterministic** (same seed → same dataset) and **scalable** (handles 200k+ CVEs).

After fine‑tuning a Mistral‑7B model on AMAS‑generated data:

Duplication dropped from **52% to <10%**, and domain corruption was **eliminated** in the latest pipeline.

Because the industry keeps building pattern‑matching scanners.

We need **reasoning engines**.

If you’re into AI security, causal ML, or synthetic data – let’s connect.

I’ll drop the repo link here as soon as it’s public.

*Comments and questions are very welcome. Let’s make AI actually understand security.*
