You have an agent running on your local system. You want it to have access to a restricted set of things, both locally and remote. What is the technical mechanism you use to ensure that it has a subset of the access that you, as an individual logged into the same system, do?

(I am uninterested in "Don't run an agent" because, while yes, I see your point, that doesn't mean it's not happening, and security professionals have to deal with what's happening, not what we want to be happening.)

Leash by StrongDM — Security for AI Agents

Security, visibility, and authorization for AI agents. Sandboxed execution, MCP authorization, and policy enforcement from development to production.

@ash @mjg59 StrongDM are doing some bleeding edge stuff. Which isn't normally what I want from a company selling that sort of product, but....
@coldclimate @ash It's very funny that in this case the industry is in the process of rejecting the at least somewhat designed bleeding edge thing so it can return to just having a script execute a random tool that has its own auth token