Hide Secrets from AI Agents and NPM install using Airgap

nnetgusto about 5 hours ago 1 commentsRead Article on sauleau.com

ZH version is available. Content is displayed in original English for accuracy.

⚡ Community Insights

Discussion Sentiment

50% Positive

Analyzed from 79 words in the discussion.

Discussion (1 Comments)Read Original on HackerNews

blcknight•about 1 hour ago

How can an agent use these tokens then? If it sources the file can't it just read the env?

It also sounds like it is missing the important step of keeping the LLM credentials from the agents themselves. For example my GCP creds have access to far more than Vertex. This is solved by OneCLI and OpenShell via MITM proxies which seems more elegant to me. The tools live in containers and can't see anything but can use everything.

It also allows finer grained access controls, rating limiting, and there's talk of scanning for destructive actions.