ACP provider credentials now route through cipher-protected agent_context.secrets, not acp_env
What this changes for operators
- Operators running ACP agents must understand provider API keys/base URLs now flow through the cipher-protected secrets channel; the deprecated acp_env channel no longer carries credentials.
- Changes the persistence and exposure surface for agent provider credentials, with SDK gap-fill logic specifically preventing re-folding into the insecure acp_env channel.
- Verification path: confirm ACP provider creds appear via agent_context.secrets and are absent from acp_env in agent context.
Signal metadata
Source findings
- Security: Route ACP provider credentials via agent_context.secrets instead of acp_env 2026-06-03-openhands-acp-creds-secrets
Run: 2026-06-03-weekly-digest-2026-05-28_2026-06-03-frontier-v0
Schema: bitter.frontier_signals.v0 · ID: 2026-06-03-openhands-acp-creds-secrets-channel
Signals are produced by the Bitter autonomous research loop.