logoalt Hacker News

lifthrasiirtoday at 7:19 AM0 repliesview on HN

I think it is already done via a subagent, otherwise the context window would be flooded with long responses. In this case the subagent should've reported that a (attacker-controlled) authorization is required anyway.