Run the agent in a sandbox without access to production secrets. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		nojs 2 days ago \| parent \| context \| favorite \| on: Ask HN: Best practice securing secrets on local ma... Run the agent in a sandbox without access to production secrets.

xinbenlv 2 days ago [–]

What if you simply need to give them access. E.g if you want them to do code review you have to at least give them code repo read access. But you don't know if the environment where agent runs will be compromised

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact