I'm using something that pops up an OAuth window in the browser as needed. I think the general idea is that secrets are handled at the local harness level.

From my limited understanding it seems like writing a little MCP server that defines domains and abilities might work as an additive filter.

Most web sites don't let you create service accounts; they're built for humans.

The thought that occurs to me is, the action here that actually needs gating is maybe not the web browsing: it's accessing credentials. That should be relatively easy to gate off behind human approval!

I'd also point out this a place where 2FA/MFA might be super helpful. Your phone or whatever is already going to alert you. There's a little bit of a challenge in being confident your bot isn't being tricked, in ascertaining even if the bot tells you that it really is safe to approve. But it's still a deliberation layer to go through. Our valuable things do often have these additional layers of defense to go through that would require somewhat more advanced systems to bot through, that I don't think are common at all.

Overall I think the will here to reject & deny, the fear uncertainty and doubt is both valid and true, but that people are trying way way way too hard, and it saddens me to see such a strong manifestation of fear. I realize the techies know enough to be horrified strongly by it all, but also, I really want us to be an excited forward looking group, that is interested in tackling challenges, rather than being interested only in critiques & teardowns. This feels like an incredible adventure & I wish to en Courage everyone.