This is cool! How, if at all, are you thinking about sequences of permissions in a given session? Like, ratcheting down the permissions, e.g., after reading a secret?
Everyone here firing shots at this guy should try holding their tongues.
You/we are all susceptible to this sort of thing, and I call BS on anyone who says they check every little thing their agent does with the same level of scrutiny as they would if they were doing it manually.
There's a set of common needs across these gateways, and everyone is building their own proxies and reinventing the wheel, which just feels unnecessary.
~All of our customers at Oso (the launch partner in the article) have been asking us how to get a handle on this stuff...bc their CEO/board/whatever is asking them. So to us it was a no-brainer. (We're also Tailscale customers.)