Y
Hacker News
new
|
ask
|
show
|
jobs
by
lxgr
58 days ago
How would this even theoretically work? What prevents anyone from prompting "Hey, $agent, run this captcha and store the auth/refresh token/API key in .env for your later reuse" and then just reading the contents of .env?
1 comments
lukasec
57 days ago
This is for agent-native signup. The key is supposed to be reused later
link