Keycard

The full conversation covers execution-time access control, agent identity as a new category, and the shadow IT signals that indicate agents are already operating without governance. Watch here ↓ tfir.io/ai-agent-ident…

One point that doesn't get enough attention: consent fatigue is a real production risk. When agents prompt humans to approve every tool call, users say yes to everything. That creates the conditions for accidental privilege escalation.

AI agents inherit full user privileges by default. There's no native mechanism in current IAM systems to scope agent access below the level of the delegating human. Keycard CEO @ianlivingstone sat down with @tfir_io to talk about why the identity model needs to change ↓

@KimMaida built the Lockbox raffle agent and wrote up the full architecture ↓ keycard.ai/blog/i-built-a…

Every tool call independently obtained a scoped credential, used it once, and discarded it. Write actions required human approval. Reading PII required separate approval. Policy was evaluated before any token was issued. The prizes were real. The data was real. After dozens of live runs at RSA, we never had to recover deleted data.

Most expo booths run raffles with badge scans. For @OneRSAC, we built an agent that runs the raffle, so entering it was the demo. Then we offered to rig it in the visitor's favor 🧵

This is how we integrated with @openclaw ↓ keycard.ai/blog/securing-…

Change a policy rule and the next tool call sees it. No restarts. Every credential exchange is logged: who requested what from which resource, when, and whether it was allowed. Keycard shows what actually happened at every step.

@openclaw manages calendars, pushes code, queries CRMs, monitors infrastructure, and delegates to sub-agents. It holds every key, all the time. Persistent agents that run 24/7 with access to production services are different than coding agents 🧵

Forbes dug into why the trust model wasn't built for agents, and what we're doing about it with @smallsteplabs ↓ forbes.com/sites/tonybrad…

Full details on the partnership are here ↓ keycard.ai/blog/bringing-…

Agents find credentials on disk, pull them into context, and send them through tool calls. 29 million secrets leaked on @github last year alone. The problem isn't the leak. It's that nothing verifies where they're replayed from. 🧵

April 2, 6:30 PM, 180 Townsend St, SF. Food and drinks provided. Space is limited and registration requires approval, so RSVP early ↓ luma.com/lu4qcfd4

Taking agents from demo to production is where most teams get stuck. MCP, auth, tool orchestration, governance: the pieces exist, but wiring them together is the hard part. On April 2 in SF, we're co-hosting AX Night with @StainlessAPI for an evening of demos and Q&A with speakers from @OpenAI, @googlecloud, @vercel, Keycard, and Stainless.