How not to manage agent permissions

0 views
Skip to first unread message

Alan Karp

unread,
Dec 4, 2025, 5:38:33 PM (9 days ago) Dec 4
to <friam@googlegroups.com>
and what I'm up against.


There's a demo around 19:30 that implements something he earlier said was untenable.

--------------
Alan Karp

William ML Leslie

unread,
Dec 4, 2025, 9:25:40 PM (9 days ago) Dec 4
to fr...@googlegroups.com
What's the plan?

Offhand: iwbni all this talk finally gets the airline booking websites to remove page after page of upselling. it sounds like the use case people are talking about for Agentic Spicy Autocomplete is dealing with adversarial UX.

--
You received this message because you are subscribed to the Google Groups "friam" group.
To unsubscribe from this group and stop receiving emails from it, send an email to friam+un...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/friam/CANpA1Z2kK9pYhHrg3mg-gsdJ1CWQpmmK9fR2sSJjx8yt0kbfow%40mail.gmail.com.


--
William ML Leslie

Alan Karp

unread,
Dec 4, 2025, 10:59:51 PM (9 days ago) Dec 4
to fr...@googlegroups.com
On Thu, Dec 4, 2025 at 6:25 PM William ML Leslie <william.l...@gmail.com> wrote:
What's the plan?

I'm currently participating in a working group that is defining an access control model for AI agents.  The leading candidate is zcaps.  That would let you control which MCP tools your agent can use by giving it the right zcap.  

The competition is OAuth 2.1, which is running into all kinds of trouble as people find out all the ways it's not the right solution for this problem.

--------------
Alan Karp


Reply all
Reply to author
Forward
0 new messages