@ada is unrestricted access to password vault better than explicit access to .env tho?
If you require people to explicitly allow certain credentials which model can access, via .env or whatnot, it gives more opportunities for them to think what model might actually need, instead of just "oh you want to use pm to get credentials? sure just log in 🥰"
I mean sure people will use those in a wrong way regardless, but I feel making it easier to misuse it is not the way to fix this