
Comment by yakkomajuri

12 hours ago

I've been thinking a lot about securing autonomous agents recently and the rabbit hole goes deep as you might expect.

One of the principles I believe you should follow is: if there's enough access for an action to be taken, then you must assume that action can be taken at any point.

Basically, if it has access to delete prod data, you should assume it might do it and plan accordingly.

I also believe the actions of your agent are entirely your responsibility.

As part of my digging into securing these systems I've baked some of these principles into AgentPort, a gateway for connecting agents to third-party services with granular permissions.

If anyone's interested in this space:

https://github.com/yakkomajuri/agentport
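The principle in the comment above (a grant is a standing capability, so enumerate what it permits and mediate every call against it) sketched as an added example. This is illustrative Python I wrote for this thread, not AgentPort's code; the `Grant`/`AgentGateway` names, the service catalogue, the sample grants and the stub handlers are all assumptions.

```python
from dataclasses import dataclass
from fnmatch import fnmatch

# A grant is a (service, action, scope) triple; "*" is a wildcard.
# Assumed shape, not any real product's permission model.
@dataclass(frozen=True)
class Grant:
    service: str   # e.g. "db", "email"
    action: str    # e.g. "read", "delete"
    scope: str     # e.g. "staging", "prod"

# Constructed catalogue of everything the connectors *could* do if asked.
CATALOGUE = [
    ("db", "read", "prod"),
    ("db", "read", "staging"),
    ("db", "delete", "prod"),
    ("db", "delete", "staging"),
    ("email", "send", "prod"),
]

class AgentGateway:
    """Mediates every agent tool call against an explicit grant list."""

    def __init__(self, grants, audit=None):
        self.grants = list(grants)
        self.audit = audit if audit is not None else []

    def is_allowed(self, service, action, scope):
        return any(
            fnmatch(service, g.service)
            and fnmatch(action, g.action)
            and fnmatch(scope, g.scope)
            for g in self.grants
        )

    def blast_radius(self, catalogue=CATALOGUE):
        """The subset of the catalogue this agent can perform at any moment.
        Per the principle above, plan as if every entry will be exercised."""
        return sorted(t for t in catalogue if self.is_allowed(*t))

    def call(self, service, action, scope, handler):
        """Default-deny: log the attempt, then run the handler only if granted."""
        allowed = self.is_allowed(service, action, scope)
        self.audit.append(
            {"service": service, "action": action, "scope": scope, "allowed": allowed}
        )
        if not allowed:
            raise PermissionError(f"{service}.{action} on {scope} not granted")
        return handler()

def build_gateway():
    # Read anywhere, but destructive actions only on staging.
    return AgentGateway([Grant("db", "read", "*"), Grant("db", "*", "staging")])

def demo():
    gw = build_gateway()
    results = {"blast_radius": gw.blast_radius()}
    # Stub handlers stand in for the real connectors.
    results["read_prod"] = gw.call("db", "read", "prod", lambda: "rows")
    try:
        gw.call("db", "delete", "prod", lambda: "dropped")
        results["delete_prod"] = "executed"
    except PermissionError:
        results["delete_prod"] = "denied"
    results["audit_len"] = len(gw.audit)
    return results

if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The `blast_radius` call is the part worth keeping around: it turns "assume any granted action can happen" into a list you can review before the agent ever runs, and the audit list gives you the trail when it does.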