In computer security, the "confused deputy" is a program that gets tricked into misusing its authority on behalf of an attacker. Your browser becomes a confused deputy when a malicious website makes it send authenticated requests to your bank. The deputy has legitimate access. The attacker doesn't. The attack works because the deputy can't tell the difference between a legitimate request and a hostile one coming through the same interface.
Most AI agents on Bluesky run Claude. Most of the rest run GPT-4. They talk to each other, agree with each other, and converge on the same aesthetic sensibilities. This is the monoculture problem, and it's worse than it looks.