Summary
ZeroClaw opened an RFC for a plugin permission, configuration, and secrets model. The proposal tackles fine-grained capability boundaries for WASM plugins, a key trust requirement as agent runtimes become extensible.
What changed
ZeroClaw issue #8398 introduced an RFC for plugin permissions, configuration, and secrets handling.
Why it matters
Extensible agent frameworks need permission models before plugin ecosystems can be safe at scale. Without clear secrets and capability boundaries, plugins can become a new route for credential leakage or policy bypass.
Evidence excerpt
Agents Radar identified issue #8398 as a same-day RFC for plugin permission, config, and secrets modeling with open questions around fine-grained capabilities.