How LangChain Protected Agents in LangSmith from Credential Leaks

LangChain added Auth Proxy to LangSmith Sandboxes — a new security layer that hides API keys from agents themselves and restricts their network access. The…

AI-processed from LangChain Blog; edited by Hamidun News
Source: LangChain Blog. Collage: Hamidun News.

LangChain has updated LangSmith Sandboxes with Auth Proxy, an access-control layer for AI agents. Credentials are no longer visible to the agents themselves, and outbound connections are controlled at the infrastructure level rather than in application code.

The AI Agent Security Problem

AI agents need to interact with the real world: call APIs, make HTTP requests, connect to databases. To do this they need API keys, passwords, and other credentials. But an agent that can read a key can also be made to leak it: a code bug or a malicious instruction in a prompt (prompt injection) can steer the agent into sending whatever credentials it holds to an attacker-controlled endpoint, and the attacker then uses them for unauthorized access. A single leaked admin API key can lead to a complete system breach. Previously, developers had to hand keys to the agent, typically through environment variables, and hope they would never be exposed.

How Auth Proxy Works

Auth Proxy sits as an intermediary layer between the agent and external services. All credentials are stored at the infrastructure level, not in code or in the agent's environment variables. When the agent wants to call an API, the request goes through Auth Proxy. The proxy checks the request against the access rules, injects the required credentials itself, and only then forwards the connection; a request to a destination the rules do not allow is refused and never carries a credential.

Auth Proxy features:

  • Hiding API keys from agent code
  • Filtering outbound connections by domain and IP address
  • Auditing all requests using credentials
  • Flexible access rules managed by the team
  • Integration with secret management systems (AWS Secrets Manager, Vault)

Infrastructure Control Instead of Code Control

The key difference with Auth Proxy is that control moves from code into the infrastructure. Previously, the developer decided which secrets to pass to the agent. Now the security team can set rules such as 'this agent can only call payment APIs', 'all connections go through the VPN', or 'requests of this kind require manual approval'. Changing a rule does not require rewriting or redeploying the agent's code; the configuration is updated in the LangSmith Dashboard.

Practical Example

Imagine an agent that orders goods through a supplier's API. It needs a supplier key and a payment-system key. Previously, both keys were passed to the agent's environment variables, so a compromised agent exposed both. With Auth Proxy as the intermediary, the agent simply issues the 'order goods' request without any keys. Auth Proxy checks that the call is allowed for this agent and inserts the right key into the request on its way out. Where configured, the system logs every operation and can require manual approval before forwarding.
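The flow described under How Auth Proxy Works and in the practical example above, written out as an added illustration. This is not LangChain's code and not LangSmith's Auth Proxy; the class names, the hostnames `api.supplier.example` and `api.payments.example`, the sample keys and the policy shape are all assumptions for the demonstration. The agent hands the proxy a destination and method, never a credential; the proxy enforces an exact-hostname allowlist, insists on HTTPS, strips any credential header the agent tried to set, asks an approval callback for sensitive destinations, injects the key from a secret store only the proxy holds, and writes an audit entry that names the secret but never contains its value.

```python
"""Minimal credential-injecting egress proxy (added illustration, not LangSmith code).

All names, hosts and keys below are constructed for the demo.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, Optional
from urllib.parse import urlsplit

# Headers an agent must never supply: the proxy owns credentials, so anything
# the agent sends here is either a leak attempt or a smuggled credential.
CREDENTIAL_HEADERS = {"authorization", "x-api-key", "cookie"}

SUPPLIER_KEY = "sk-supplier-demo-0001"   # constructed sample secrets
PAYMENT_KEY = "pk-payments-demo-0002"


class SecretStore:
    """Stands in for Vault / AWS Secrets Manager. Only the proxy holds a reference."""
    def __init__(self, secrets: Dict[str, str]):
        self._secrets = dict(secrets)

    def get(self, name: str) -> str:
        return self._secrets[name]


@dataclass(frozen=True)
class Rule:
    secret: str                      # name of the credential in the store
    methods: FrozenSet[str]          # HTTP methods the agent may use on this host
    require_approval: bool = False   # ask a human (or ticket system) before forwarding


@dataclass
class Decision:
    allowed: bool
    reason: str
    headers: Dict[str, str] = field(default_factory=dict)   # headers as forwarded


class AuthProxy:
    def __init__(self, store: SecretStore, policies: Dict[str, Dict[str, Rule]],
                 approver: Callable[[str, str, str], bool]):
        self.store = store
        self.policies = policies      # agent_id -> {exact hostname -> Rule}
        self.approver = approver      # approver(agent_id, method, url) -> bool
        self.audit: list = []         # never contains secret values

    def forward(self, agent_id: str, method: str, url: str,
                headers: Optional[Dict[str, str]] = None) -> Decision:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        method = method.upper()
        supplied = headers or {}
        # Drop any credential header the agent tried to set; the proxy injects its own.
        clean = {k: v for k, v in supplied.items() if k.lower() not in CREDENTIAL_HEADERS}
        stripped = len(clean) != len(supplied)

        # Exact hostname match: a lookalike such as api.supplier.example.attacker.test
        # or a suffix/substring trick does not match the rule for api.supplier.example.
        rule = self.policies.get(agent_id, {}).get(host)
        if rule is None:
            return self._log(agent_id, method, url, Decision(False, f"host not allowed: {host!r}"), None)
        if parts.scheme != "https":
            return self._log(agent_id, method, url, Decision(False, "https required"), rule.secret)
        if method not in rule.methods:
            return self._log(agent_id, method, url, Decision(False, f"method not allowed: {method}"), rule.secret)
        if rule.require_approval and not self.approver(agent_id, method, url):
            return self._log(agent_id, method, url, Decision(False, "approval required"), rule.secret)

        clean["Authorization"] = "Bearer " + self.store.get(rule.secret)
        reason = "forwarded" + (" (agent-supplied credential header stripped)" if stripped else "")
        return self._log(agent_id, method, url, Decision(True, reason, clean), rule.secret)

    def _log(self, agent_id, method, url, decision, secret_name):
        self.audit.append({"agent": agent_id, "method": method, "url": url,
                           "allowed": decision.allowed, "reason": decision.reason,
                           "secret": secret_name})   # secret *name* only, never the value
        return decision


def build_demo():
    """Constructed scenario: one ordering agent, a supplier API and a payment API."""
    store = SecretStore({"supplier/api_key": SUPPLIER_KEY, "payments/api_key": PAYMENT_KEY})
    policies = {
        "order-agent": {
            "api.supplier.example": Rule("supplier/api_key", frozenset({"GET", "POST"})),
            "api.payments.example": Rule("payments/api_key", frozenset({"POST"}), require_approval=True),
        }
    }
    # Stand-in for the manual approval step: only charge creation has an approved ticket.
    approver = lambda agent_id, method, url: urlsplit(url).path == "/v1/charges"
    proxy = AuthProxy(store, policies, approver)
    a = "order-agent"
    results = {
        "order": proxy.forward(a, "POST", "https://api.supplier.example/v1/orders"),
        "exfil": proxy.forward(a, "POST", "https://attacker.example/collect"),
        "lookalike": proxy.forward(a, "GET", "https://api.supplier.example.attacker.test/"),
        "plaintext": proxy.forward(a, "GET", "http://api.supplier.example/v1/orders"),
        "charge": proxy.forward(a, "POST", "https://api.payments.example/v1/charges"),
        "refund": proxy.forward(a, "POST", "https://api.payments.example/v1/refunds"),
        "smuggle": proxy.forward(a, "GET", "https://api.supplier.example/v1/orders",
                                 headers={"Authorization": "Bearer guessed", "Accept": "application/json"}),
        "stranger": proxy.forward("other-agent", "GET", "https://api.supplier.example/v1/orders"),
    }
    return proxy, results


if __name__ == "__main__":
    proxy, results = build_demo()
    for name, d in results.items():
        print(f"{name:10s} allowed={d.allowed!s:5s} {d.reason}")
```

The exact-hostname and HTTPS checks are where most home-grown proxies go wrong: a substring or suffix allowlist lets `api.supplier.example.attacker.test` through, and forwarding over plain HTTP leaks the injected key on the wire. Stripping agent-supplied credential headers matters for the same reason the proxy exists: a prompt-injected agent must not be able to choose which credential a request carries.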

What This Means

Auth Proxy makes LangSmith safer for commercial and critical applications. Because a compromised agent no longer holds any keys, companies can deploy AI agents in production with far less exposure to credential leaks. This matters most for payment operations, cloud infrastructure management, and access to private customer data.

Hamidun News
AI news without noise. Daily editorial selection from 400+ sources. A product by Zhemal Khamidun, Head of AI at Alpina Digital.