API keys
Keep keys on the server side and never expose production credentials in browser code, prompts or public MCP configuration. Use separate keys for sandbox, staging and production.
Rotate keys regularly.
Use least-privilege scopes for tools.
Log key identifiers, not secret values.
Agent runtime guidance
When an AI agent calls tools, the model should never see raw credentials. Your runtime should inject credentials at execution time and redact them from traces.