Comment by GTP
9 hours ago
Maybe I'm not getting it either, but it looks like you're imagining a scenario where you deploy multiple instances of the agent, one per user, and then each one gets a different access level based on a key. Is this correct?
Not imagining it, using it in prod. Not sure how you define "multiple instances" here but basically, one agent with multiple concurrent conversations. Access level is based on the point of ingress to the agent, limitations are mechanical (tool access) and semantic (affecting posture, not a true security boundary but you can inflence behavior per entrypoint).