pub fn read_agent_key_envelope_from_env() -> Option<String>Expand description
Read the agent-key envelope from the AGENT_KEY_ENV env var, if set.
Plugin-side helper. Returns None if the variable is not set or is empty
— back-compat with hosts and plugins built before phase 1c.
This helper deliberately does no decoding or verification: the value
is an opaque base64 string here. Plugins that link newt-mesh (or
roll their own agent-mesh import) consume that string with
newt_mesh::plugin_envelope::caveats_from_envelope, which decodes,
signature-checks the chain, and extracts the attenuated [Caveats].
Keeping verification out of plugins-protocol is intentional: this
crate is the workspace crate, and the workspace forbids depending on
agent-mesh-protocol (see the workspace exclude list and
docs/decisions/mesh_integration.md). Plugins that don’t need
cryptographic verification can still call this helper and treat the
returned string as opaque.