Comment by silon42
6 days ago
Not just AI agents... basically, if you cd Projects/foo, that should be it's own user (for running npm, etc) that should not have access to parent user data (probably including github tokens, etc).
6 days ago
Not just AI agents... basically, if you cd Projects/foo, that should be it's own user (for running npm, etc) that should not have access to parent user data (probably including github tokens, etc).
> basically, if you cd Projects/foo, that should be it's own user
Agreed. I went further and turned that into its own isolated virtual machine. The credentials problem is really annoying though. AI agents need the access in order to be useful.
Why not both?