Replicante Core will interact with some secret manager tool (like Vault) to access secrets needed to interact with other services. The aim of this is to never have a secret in the configuration file!
Agents may support direct access to secret managers through code sharing or maybe even access secrets through some form of Replicante Core proxying approach. Whatever that will look like, it would be nice to avoid secrets in configuration files.