Whenever the AI agent generates tests for user flows on your page, or when the test runner executes those tests, requests are sent to your application. Depending on the volume of requests and your app’s configuration, this activity might be mistaken for an attack and potentially cause issues.
The AI agent generates test cases based on user flows on your site, much like a human would interact with your application. However, the agent typically operates faster than a human and may run multiple test generations in parallel. As a result, this behavior can sometimes trigger CAPTCHAs or be flagged as suspicious activity.
When you “run all” tests or a scheduled run occurs on a given test target, all active test cases are run at once and with up to 20 parallel browser sessions.
This can lead to either an overload of your application or a rate limiter getting active, if you have one in place.
If your application requires a login, the configured test user is used for the AI test case auto-generation as well as for the test runs. This could also lead to hitting a limit of allowed logins, depending on your login system.
If you are using a 3rd party login service, there are most likely security configurations in place that prevent users from logging in too frequently.