Not just AI agents... basically, if you cd Projects/foo, that should be its own user (for running npm, etc.) that should not have access to parent user data (probably including GitHub tokens, etc.).
reply
> basically, if you cd Projects/foo, that should be its own user

Agreed. I went further and turned that into its own isolated virtual machine. The credentials problem is really annoying though. AI agents need the access in order to be useful.

reply
Why not both?
reply
This is what I'm advocating for.

Give each dev's AI agent its own identity with its own access controls and tokens and everything.

It helps solve both the access control and attribution issues.

reply
As long as there’s a way to deterministically tie a model call to a human user. I think a loss of culpability is something some companies are afraid of to some extent.
reply
Loss of liability is what companies are built for; see the meaning of LLC as an example.

Of course, it is only their employees that are impacted instead of their bottom line, they might be more tolerant?

reply