OpenClaw - The tweet argues that OAuth is the wrong

The tweet argues that OAuth is the wrong primitive for AI agents: it was designed for user-to-app access, not for the thousands of ephemeral agents in the AI tool ecosystem, and a compromised OAuth app exposes every token it has held.

Updated: 4/20/2026
Severity: critical
Status: active

Description

In the agentic era, OAuth is the wrong primitive for AI agents. It was designed for "user grants app access to account", but AI tools aren't one user, they're thousands of ephemeral agents operating at machine speed. When an OAuth app gets compromised, every token it ever held is now https://t.co/wT2d1bl47a

Impact


Attack Vectors

  • plugins
  • MCP servers
  • integrations

Mitigation

Sources