Show HN: Agent Vault – A HTTP credential proxy and vault for AI agents(github.com)

9 pointsby dangtony986 hours ago2 comments

hanyiwang6 hours ago
This doesn't change the fact that you'd still be able to exfiltrate data like sure they don't get credentials but if they get the proxy auth key then they would also be able to make requests through it no?
- dangtony986 hours ago
  Yeah so Agent Vault (AV) solves the credential exfiltration problem which is related to but different from data exfiltration.
  You're right that if an attacker can access the proxy vault then by definition they'd similarly be able to proxy requests through it to get data back but at least AV prevents them from gaining direct access to begin with (the key to access the proxy vault itself can also be made ephemeral, scoped to a particular agent run). I'd also note that you'd want to lockdown the networking around AV so it isn't just exposed to the public internet.
  The general idea is that we're converging as an industry on credential brokering as one type of layered defense mechanism for agents: https://infisical.com/blog/agent-vault-the-open-source-crede...
Remi_Etien6 hours ago
[dead]