Appreciate the love :)

For AI Agents we have added token derivation to Ory Talos which allows you to exchange a static API key for a ephemeral, short lived, and restricted token. It can be both a JWT and a Macaroon (super interesting for caveats)!

However this would require GitHub to use Ory Talos and it‘s not a solution for third party credentials really.

So your project solves that need quite nicely, and I‘ll check it out in more detail today :)