|
|
|
|
|
|
by aleks2
100 days ago
|
|
|
Right now the module handles secrets at the infrastructure layer (Secrets Manager + KMS, IAM least-privilege for the EC2 instance), but you're right - agent-level credential scoping is a genuinely different problem that it doesn't address yet. Great feedback, adding it to the roadmap. On the CVE count - yeah, it really is a baseline hygiene problem, not a hardening problem. The hardening conversation can't even begin until you have a clean image. The fact that this is the default recommended deployment for a tool with 300K users is pretty telling about where the industry is right now. Everyone's shipping "deploy your AI agent in 5 minutes" experiences where minute six is when someone else's agent is running on your infrastructure too. |
|
|