simonw 4 hours ago

Right. If you're running a CLI tool that is authenticated there's effectively no way to prevent the coding agent from accessing those credentials itself - they're visible to the process, which means they're visible to the agent. With MCP you can at least set things up such that the agent can't access the raw credentials directly.

zbentley 4 hours ago

This is right. It’s not about scoping auth, it’s about preventing secret misuse/exfil. (Moved from wrong sub)
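
The separation discussed in the two comments above, as an added example that is not part of either post and is not MCP itself: a parent process stands in for the credential-holding server and a child process stands in for the agent. The variable name `DEMO_API_TOKEN`, the token value, `fake_upstream` and the `get_issue` tool are all constructed for illustration.

```python
import json
import os
import subprocess
import sys

VAR = "DEMO_API_TOKEN"            # hypothetical variable name
TOKEN = "constructed-token-0001"  # constructed sample secret

# The "agent": asks the broker for one tool call, then reports what it could see.
AGENT = r'''
import json, os, sys
print(json.dumps({"tool": "get_issue", "id": 7}), flush=True)
reply = json.loads(sys.stdin.readline())
print(json.dumps({"token_in_env": "DEMO_API_TOKEN" in os.environ, "reply": reply}), flush=True)
'''

def fake_upstream(token, issue_id):
    """Stand-in for the authenticated API; it echoes the token to exercise redaction."""
    if token != TOKEN:
        raise PermissionError("bad token")
    return {"id": issue_id, "title": "constructed issue", "debug_auth": token}

def broker_call(request):
    """Runs in the credential-holding process: allowlist the tool, attach the token, redact."""
    if request.get("tool") != "get_issue":
        return {"error": "tool not allowed"}
    result = fake_upstream(TOKEN, int(request["id"]))
    return {k: v for k, v in result.items() if v != TOKEN}

def run_agent(share_env):
    """Start the agent with or without the token in its environment and broker one call."""
    env = {k: v for k, v in os.environ.items() if k != VAR}
    if share_env:
        env[VAR] = TOKEN  # CLI-style: the credential is visible to the agent process
    proc = subprocess.Popen([sys.executable, "-c", AGENT], env=env, text=True,
                            stdin=subprocess.PIPE, stdout=subprocess.PIPE)
    request = json.loads(proc.stdout.readline())
    proc.stdin.write(json.dumps(broker_call(request)) + "\n")
    proc.stdin.flush()
    report = json.loads(proc.stdout.readline())
    proc.stdin.close()
    proc.wait()
    return report

if __name__ == "__main__":
    print("shared env:", run_agent(True))
    print("brokered  :", run_agent(False))
```

In the brokered run the agent still gets the issue data, but the token never enters its environment and is stripped from the reply before it crosses the process boundary.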