Those of you running AI agents in prod — how are you actually managing their permissions?
Summary
The article asks how engineers manage permissions for AI agents in production, highlighting common problems with broad access and lack of audit trails.
Similar Articles
People running agents in production: how do you control what they're actually allowed to do?
A developer seeks advice on how to control and bound AI agents' actions in production environments, particularly when they interact with real systems like databases and customer data, asking about current practices and whether this is a known headache.
How are you handling authority/permissions for AI agents that can take real actions?
A discussion thread seeking input on how to handle authority and permissions for AI agents that take real actions, including audit trails and scope of permissions.
Broad tool permissions are the wrong abstraction for production agents
The article argues that granting broad tool permissions to AI agents is an inadequate abstraction for production environments, suggesting more granular control is needed.
How to prevent AI agents from taking unintended or harmful actions in production
A developer discusses challenges in deploying AI agents to production without causing unintended harm, seeking advice on control mechanisms like least privilege, shadow mode, rate limits, and approval workflows.
How much do you actually let an AI agent touch in production?
Discussion about scoping permissions for AI agents in production to avoid dangerous database actions, suggesting read-only mirrors, approval steps, or hard walls between suggestion and execution.