Does this prevent a compromised agent from using the secret, or just seeing it? I’m thinking, if an agent gets hit with a prompt injection, could it still tell the vault to proxy a request that wipes a database for example, even if it never sees the actual API key?
Does this prevent a compromised agent from using the secret, or just seeing it? I’m thinking, if an agent gets hit with a prompt injection, could it still tell the vault to proxy a request that wipes a database for example, even if it never sees the actual API key?