{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifamxfi3zhm3rlhtsfcka65zjytpqwnxqsi4vvvttlr6uvjdx47lm",
    "uri": "at://did:plc:lk3jfj3zq4k4wxnk474axylu/app.bsky.feed.post/3mkvjgix7cil2"
  },
  "path": "/t/how-should-ai-agents-safely-execute-real-api-actions/1380215#post_2",
  "publishedAt": "2026-05-02T20:48:04.000Z",
  "site": "https://community.openai.com",
  "textContent": "zsoltfazekas93:\n\n> The model should never see raw API credentials, OAuth tokens, JWTs, service tokens, or long-lived secrets.\n\nOf course not and not only completely unnecessary, but you’d never want an agent to have to work through predictable authentication steps itself anyway, let alone expose credentials to a remote LLM.\n\nYou simply deal with that with deterministic code within a local tool function on your own server.",
  "title": "How should AI agents safely execute real API actions?"
}