We Built a Claude Agent That Doesn't Know Its Own API Keys
listenlabs.aiI wonder how many applications have exactly the vulnerability… But I’m sure Anthropic is going to deprecate the SDK in 2 months and change it.
Yeah, this is exactly what I was thinking.
Maybe they’ll add the ability to sandbox the env variables from the agent’s bash execution via the Agent SDK settings at some point.