People are addressing that gap. I have a secure agent framework that uses a tool gateway hooked up to OPA (https://github.com/sibyllinesoft/smith-core), this solves the credential issue as the credentials live in the tools, and the authz issue, as OPA policy controls who does what.
People are addressing that gap. I have a secure agent framework that uses a tool gateway hooked up to OPA (https://github.com/sibyllinesoft/smith-core), this solves the credential issue as the credentials live in the tools, and the authz issue, as OPA policy controls who does what.