
CONCEPT Cited by 1 source

Ephemeral credential injection

Definition

A security pattern for multi-user agent sandboxes where user credentials are injected into the sandbox environment only for the duration of a single command execution, then immediately removed. The credential is never written to disk and never persists at rest in the sandbox.

Properties

  • No credential at rest: if the sandbox is later inspected, snapshotted, or compromised, there is no token to steal, because none was ever stored.
  • Per-command scope: each authenticated command receives the token transiently in its process environment; subsequent commands require fresh injection.
  • Invisible to user: the user authenticates once; the harness handles injection transparently per-command.
  • Multi-user safe: in shared-server architectures (multiple user sessions on one agent process), each user's commands run with their own credentials in their own isolated sandbox.
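A minimal harness-side sketch of per-command injection, added here as an example and not taken from any particular agent framework. It assumes a POSIX host; the variable name `AGENT_USER_TOKEN`, the allowlist, and the helper names are hypothetical, and the token is a constructed sample value.

```python
import os
import subprocess
import sys
import tempfile

TOKEN_VAR = "AGENT_USER_TOKEN"                     # hypothetical variable name
PASSTHROUGH = ("PATH", "LANG", "LD_LIBRARY_PATH")  # allowlist: harness secrets are not inherited


def run_command(argv, sandbox_dir, token=None, timeout=30):
    """Run one command in sandbox_dir; the token exists only in that child's environment."""
    env = {k: os.environ[k] for k in PASSTHROUGH if k in os.environ}
    if token is not None:
        env[TOKEN_VAR] = token          # never assigned to os.environ, never written to a file
    try:
        proc = subprocess.run(argv, env=env, cwd=sandbox_dir, capture_output=True,
                              text=True, timeout=timeout, check=False)
    finally:
        env.clear()                     # drop the harness-side copy once the child has exited
    return proc.returncode, proc.stdout.strip()


def token_on_disk(sandbox_dir, token):
    """Post-command check: does any file under the sandbox contain the token bytes?"""
    needle = token.encode()
    for root, _dirs, files in os.walk(sandbox_dir):
        for name in files:
            with open(os.path.join(root, name), "rb") as fh:
                if needle in fh.read():
                    return True
    return False


def demo():
    token = "constructed-token-123"     # constructed sample value, not a real credential
    probe = [sys.executable, "-c",
             f"import os; print(os.environ.get('{TOKEN_VAR}', 'absent'))"]
    with tempfile.TemporaryDirectory() as sandbox:
        return {
            "with_injection": run_command(probe, sandbox, token=token),
            "next_command": run_command(probe, sandbox),   # no fresh injection
            "at_rest": token_on_disk(sandbox, token),
            "in_harness_env": TOKEN_VAR in os.environ,
        }


if __name__ == "__main__":
    print(demo())
```

On Linux the injected variable is readable through `/proc/<pid>/environ` by processes running as the same user while the command runs, and the command itself can still copy the token into a file, which is why the disk scan is run after execution.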

Distinction from credentialed proxy

The credentialed proxy sandbox pattern (patterns/credentialed-proxy-sandbox) routes all calls through a proxy that injects credentials server-side. Ephemeral credential injection is simpler: the credential lives in the sandbox's process environment for one command's lifetime, but never on disk. Both achieve "sandbox holds no long-lived secret"; they differ in where the credential exists transiently (proxy vs. command environment).

Seen in
