[dangtony98]

It prevents a compromised agent from seeing the secret. There are two different but related problems here: credential exfiltration and data exfiltration.

The problem that Agent Vault (AV) solves is the former while the latter requires more guardrails beyond the scope of AV.

In the event that an agent is compromised, are you are at least able to revoke its access since request/data flow runs through AV; the malicious actor does not get any credentials.

Now if the attacker was to obtain credentials in the first place, you'd be stuck chasing down hundreds, if not thousands, of secrets especially if the agent was part of a multi-tenant system doing things on behalf of users.