Tag
The author explores how software design might need to evolve when AI agents become regular users, discussing needs like durable state, collaboration rules, permissions, and audit trails.
The article discusses a shift in focus from AI agent capabilities to agent governance, highlighting recent product announcements from Microsoft, Noma, Netskope, Immuta, and Outreach that establish control layers for agent identity, permissions, and audit trails.
The article argues that the primary bottleneck for enterprise AI agents is not model performance but permissioning and governance, highlighting Workday's Sana system integrated with Google Gemini to ensure secure, authorized actions in regulated environments.
The article argues that the key issue with AI agents is not their capability but their scope of action, suggesting a graduated permission system based on risk rather than full autonomy from the start.
Datasette 1.0a31 introduces the ability to execute write queries and save stored queries (renamed from canned queries) for users with appropriate permissions, enhancing data editing capabilities.
Anthropic published an engineering writeup on sandboxing AI agents to limit blast radius, discussing permission scoping techniques.
Anthropic's engineering blog details how they contain Claude agents across products using sandboxing and access controls to cap the blast radius, sharing lessons from deploying Claude Code, Claude Cowork, and claude.ai.
IamAgent is an authorization layer for AI agents that pauses sensitive actions and sends push notifications to your phone for approval. It integrates with multiple agent frameworks and is free for personal use.
DCP is a product that provides encrypted permissions and keys for AI agents.
A tweet expressing concern that developers are granting AI agents overly permissive access to production environments, internal tools, and APIs without proper security understanding, highlighting a growing risk as these systems become more autonomous.
Supercut is a permission-aware AI tool that provides AI agents with access to recordings and metadata, aiming to streamline agentic workflows.
A developer built an SDK that adds identity, permissions, and audit capabilities to AI agent frameworks like LangChain and CrewAI, seeking feedback on its approach.
The article discusses the control room concept behind Hermes Agent, arguing that a single agent addresses execution issues while an agent fleet tackles organizational problems, emphasizing that memory, permissions, routing, etc. are the true challenges.
After 8 months of deploying AI agents on real operational tasks, the author shares five unexpected engineering challenges: per-capability permissions, credential isolation via a connector proxy, durable approval gates, hard budget caps, and out-of-process audit logs.
The article asks about cross-server authorization challenges when multiple MCP servers (e.g., Gmail, GitHub, Slack) are used together in an AI agent session, and whether a dedicated authz layer is needed beyond per-server OAuth.
The article explores the emerging need for identity verification and permission management for AI agents, as agent-to-agent workflows and autonomous systems become more common, proposing concepts like signed tool manifests and agent certificates.
The article explores the idea of an open-source layer to orchestrate CLI usage by AI agents, addressing challenges like permissions, sandboxing, and audit trails when agents interact with multiple CLIs.
Claude Cowork now allows users to skip all permissions, a frequently requested feature.