top | item 46933261

(no title)

__alexs | 21 days ago

Why would secrets ever need to be available to the agent directly rather than hidden inside the tool calling framework?

discuss

Creator of Matchlock here. Mostly for performance and usability. For interacting with external APIs like GCP or GitHub that generally have huge surface area, it's much more token-efficient and easier to set up if you just give the agent gcloud and gh CLI tools and the secrets to use them (in our case fake ones), compared to wiring up a full-blown MCP server. Plus, agents tend to perform better with CLI tools since they've been heavily RL'd on them.

__alexs|21 days ago

That doesn't add up to me at all. Agents are RLd on tool usage just as hard and you can provide an "authed API call" tool to whatever you want.

bjt12345|21 days ago

Token efficiency is a good argument actually.

rfoo|21 days ago

Sometimes people are too lazy to write their own agent loop and decided to run off-the-shelf coding agent (e.g. Claude Code, or Pi in case of clawdbot) in environment.

unknown|21 days ago

[deleted]

_pdp_|21 days ago

Exactly.