Problem 1: Agents generate code. Sometimes that code contains secrets — API keys from the system prompt, database passwords from memory files, tokens from environment variables. If this code gets committed, the secrets are exposed.
Problem 2: Your agents have too many permissions. The PM agent doesn't need file system access. The reviewer doesn't need deploy permissions. Every excess permission expands the attack surface.
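For Problem 1, a check that can run on agent output before it is committed, as an added example (not code from the original page): it flags lines containing the value of any sensitive-looking environment variable the agent could read, plus high-entropy literals assigned to secret-like names. The name patterns, the entropy threshold of 3.0 and all sample values are assumptions constructed for illustration.

```python
import math
import re
import sys

# Assumed heuristics (illustrative, not exhaustive).
SENSITIVE_NAME = re.compile(r"(?i)(key|secret|token|passw)")
ASSIGNMENT = re.compile(
    r"""(?i)\b([a-z0-9_]*(?:api_?key|secret|token|passw(?:or)?d)[a-z0-9_]*)\s*[:=]\s*["']([^"']{8,})["']"""
)

# Constructed sample data: a fake agent environment and fake generated code.
SAMPLE_ENV = {"DB_PASSWORD": "constructed-db-pass-123", "PATH": "/usr/bin",
              "API_TOKEN": "constructed-token-abcdef"}
SAMPLE_CODE = '''import os
conn = connect(host="db", password="constructed-db-pass-123")
token = os.environ["API_TOKEN"]
service_api_key = "zq8Lm2Xv9KcT4hRw7NpB"
'''

def entropy(s):
    """Shannon entropy in bits per character; low for placeholders like 'xxxxxxxx'."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))

def known_secrets(env, min_len=8):
    """Environment values the agent could have copied into its output."""
    return {k: v for k, v in env.items() if SENSITIVE_NAME.search(k) and len(v) >= min_len}

def scan(code, env):
    """Return (line number, rule, name) findings; the secret value is never echoed."""
    findings = []
    secrets = known_secrets(env)
    for lineno, line in enumerate(code.splitlines(), 1):
        leaked = [name for name, value in secrets.items() if value in line]
        findings += [(lineno, "known-secret", name) for name in leaked]
        if leaked:
            continue  # already reported; skip the weaker heuristic for this line
        m = ASSIGNMENT.search(line)
        if m and entropy(m.group(2)) >= 3.0:
            findings.append((lineno, "hardcoded-literal", m.group(1)))
    return findings

if __name__ == "__main__":
    results = scan(SAMPLE_CODE, SAMPLE_ENV)
    for lineno, rule, name in results:
        print(f"line {lineno}: {rule} ({name})")
    sys.exit(1 if results else 0)  # non-zero exit blocks the commit when used as a hook
```

Line 3 of the sample is not flagged because it reads the token from the environment at run time instead of embedding its value.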