Comment by hunterpayne
2 months ago
"which tracks for a non-expert"
So all agents then...because if you are an expert at a specific system, using a LLM probably slows you down, not speeds you up.
PS The article seems to imply that the token the LLM was given was a role based token. It then found ANOTHER token and used that instead.
Agree. My point is that other secret should have been inaccessible without an escalation. The fact that it was available to the agent implies a lack of basic security controls; in fact I would expect that an agentic workload would have even more robust compensating controls.