It would be great to have a credential manager that allows the agent to securely use credentials (like usernames and passwords) without having to expose them in prompts or code.
Motivation
Right now, if the agent needs to log into an app or website, credentials must be passed manually or embedded in the prompt — which is insecure and breaks separation of concerns.
Proposal
Introduce a CredentialManager that can:
- Load credentials from environment variables or secret files
- Expose them to the agent via tool calls or context (e.g.,
{{USER_NAME}}, {{PASSWORD}})
- Keep actual credential values out of the prompt and reasoning steps
Example tool interaction:
{
"tool": "fill_credentials",
"params": {
"username": "{{USER_NAME}}",
"password": "{{PASSWORD}}"
}
}The agent only sees placeholders, but during tool execution the credentials are securely resolved.
Benefits
- Keeps credentials out of prompts and logs
- Makes automation workflows safer and more modular
- Enables dynamic credential switching per run or per user
It would be great to have a credential manager that allows the agent to securely use credentials (like usernames and passwords) without having to expose them in prompts or code.
Motivation
Right now, if the agent needs to log into an app or website, credentials must be passed manually or embedded in the prompt — which is insecure and breaks separation of concerns.
Proposal
Introduce a
CredentialManagerthat can:{{USER_NAME}},{{PASSWORD}})Example tool interaction:
{ "tool": "fill_credentials", "params": { "username": "{{USER_NAME}}", "password": "{{PASSWORD}}" } }The agent only sees placeholders, but during tool execution the credentials are securely resolved.
Benefits