And in a skill, I can store the secret in the skill itself, or a secure storage the skill accesses, and the agent never gets to see the secret.
Sure, if I want my agents to use naked curl on the CLI, they need to know secrets. But that's not how I build my tools.
What stops the agent from echoing the secure storage?
What I see is that you give it a pass manager, it thinks, "Oh, this doesn't work. Let me read the password" and of course it sends it off to OpenAI.