Show HN: Tired of duct-taping access control into agent prompts. Here's the fix

I just gave my agents a keychain tool that expands prefixed environment variables automatically into their shell. Can work locally or against a cloud key vault. Done.

Hi HN, Yao here. Most frameworks are built for one developer, one agent. The moment a team shares infrastructure, people end up duct-taping row-level access into the prompt and hoping the model doesn't argue past it. I got tired of that.

Cast is a harness for multi-user, multi-agent systems: one server, a handful of people with their own identities, a fleet of agents handling different things and talking to each other when they need to. Agents are skills and CLAUDE.md, not Python classes, so you can focus on launching quick and refining the agent based on real usage. MIT, self-hosted, runs on a Mac Mini.

Cast puts access control in the routing layer, not the prompt. Each agent runs in its own container with actual filesystem boundaries. Identity verified before the agent sees the conversation (Slack, telegram, etc). Credentials never mounted in.

Developer alpha. Looking for teams that have hit the multi-user Claude Code wall and want to try this out. github.com/yaodub/cast. MIT. BYO Claude key.

The repo is showing initial commit of the entire codebase "6 minutes ago", and this was posted an hour ago? Are we time travelling now?

Cool — multi-user, multi-agent, virtual envs, single machine, is probably where most agentic DIY systems need to be going!

this looks very cool, it’s genuinely hard to manage all my claudes sometimes and i’ve tried to build something like this as well, though with much less success

[dead]