Is your feature request related to a problem? Please describe.
Recently, I've been toying with imix beacons on k8s nodes. I run into scenarios where I try to use SA tokens extracted from the node level access, or secrets from env vars, where I want use those secrets in other tomes to pivot/etc.
It would be nice if the Eldritch language supports the idea of remote variables especially large base64 encoded strings. this could be nice for things other things like LDAP dumps, cloud IAM temporary credentials especially those extracted through imds, windows stuff (ew), etc. Using AI with tomes it often tries to copy/paste large strings and either fails especially or eats up $ costly output in tokens.
Describe the solution you'd like
This might take some tinkering with the transport types but with each callback it would be nice if the agent could pick up these remote variables or have a mechanism to know where they are keyed on the server when an eldritch function/variable references them. Not quite if this should be a buffer-like approach or something similar to LRU caching, or just remote reference that gets resolved at runtime with stored metadata in memory.
Describe alternatives you've considered
Alternatives would be writing secrets to files and then using them, but obliviously, that is a bad idea. Using external K/V stores is annoying and to lose the niceties of realm crypto over wide transport type when querying out. Same with random https webhooks to retrieve secrets.
I see there is an "assets/cdn" ability but this feels more-like object style storage of things used during an engagement rather than TTL based secrets.
Is your feature request related to a problem? Please describe.
Recently, I've been toying with imix beacons on k8s nodes. I run into scenarios where I try to use SA tokens extracted from the node level access, or secrets from env vars, where I want use those secrets in other tomes to pivot/etc.
It would be nice if the Eldritch language supports the idea of remote variables especially large base64 encoded strings. this could be nice for things other things like LDAP dumps, cloud IAM temporary credentials especially those extracted through imds, windows stuff (ew), etc. Using AI with tomes it often tries to copy/paste large strings and either fails especially or eats up $ costly output in tokens.
Describe the solution you'd like
This might take some tinkering with the transport types but with each callback it would be nice if the agent could pick up these remote variables or have a mechanism to know where they are keyed on the server when an eldritch function/variable references them. Not quite if this should be a buffer-like approach or something similar to LRU caching, or just remote reference that gets resolved at runtime with stored metadata in memory.
Describe alternatives you've considered
Alternatives would be writing secrets to files and then using them, but obliviously, that is a bad idea. Using external K/V stores is annoying and to lose the niceties of realm crypto over wide transport type when querying out. Same with random https webhooks to retrieve secrets.
I see there is an "assets/cdn" ability but this feels more-like object style storage of things used during an engagement rather than TTL based secrets.