Claude Skill

Infisical/agent-vault

Agent Vault is a secure HTTP credential proxy and vault for AI agents like Claude Code, OpenClaw, and Hermes. Manage secrets, prevent leakage, and simplify rotation.

Overview

Stars1,785
Forks100
LanguageGo
Last pushed2026-06-30
Last synced2026-07-03
View on GitHub

Repository

OwnerInfisical
Repositoryagent-vault
Full nameInfisical/agent-vault
Repo ID1,194,056,092

Install this Skill

docker run -it -p 14321:14321 -p 14322:14322 \

Registry

Typemcp_server
Quality score80/100
Verificationreadme_parsed
Last verified2026-06-02
Platforms
ClaudeMCPOpenClawCodex
Capabilities
pdfimagevideoterminalagentsai-agentssecrets-management
Detected files
README.mddocsexamples
Config keys
ANTHROPIC_API_KEYINFISICAL_URLAGENT_VAULT_TOKENYOUR_TOKEN
Install methods
  • docker run -it -p 14321:14321 -p 14322:14322 \
  • npm install @infisical/agent-vault-sdk

Summary

Agent Vault is an HTTP credential proxy and vault designed for AI agents such as Claude Code, OpenClaw, Hermes, and custom agent harnesses. It securely manages and injects secrets into agent workflows, preventing credential leakage and simplifying secret rotation.

Chinese description

一个用于Claude Code、OpenClaw、Hermes、自定义代理及工具等AI代理的HTTP凭证代理与保险库。

Key features

  • HTTP credential proxy for AI agents
  • Secure vault for secrets and API keys
  • Seamless integration with Claude Code, OpenClaw, Hermes
  • Supports custom agents and harnesses
  • Prevents credential leakage in agent outputs
  • Built with Go for performance and reliability

Use cases

  • Inject secrets into Claude Code workflows
  • Securely manage API keys for OpenClaw agents
  • Provide credentials to Hermes agent harnesses
  • Centralize secret management for custom AI agents
  • Rotate credentials without modifying agent code

README excerpt

<p align="center"> <img src="assets/banner.png" alt="Agent Vault" /> </p> <p align="center"><strong>HTTP credential proxy and vault</strong></p> <p align="center"> An open-source credential broker by <a href="https://infisical.com">Infisical</a> that sits between your agents and the APIs they call.<br> Agents should not possess credentials. Agent Vault eliminates credential exfiltration risk with brokered access. </p> <p align="center"> <strong>New here? The <a href="https://infisical.com/blog/agent-vault-the-open-source-credential-proxy-and-vault-for-agents">launch blog post</a> has the full story behind Agent Vault.</strong> </p> <p align="center"> <a href="https://docs.agent-vault.dev">Documentation</a> | <a href="https://docs.agent-vault.dev/installation">Installation</a> | <a href="https://docs.agent-vault.dev/tutorial">Tutorial</a> | <a href="https://youtu.be/6dERVjLk0-Q">Video Demo</a> | <a href="https://infisical.com/slack">Slack</a> </p> <p align="center"> <img src="assets/agent-vault.gif" alt="Agent Vault demo" /> </p> ## Why Agent Vault Traditional secrets management involves returning credentials back to you applications and services. This breaks down with AI agents which can be tricked via [prompt injection](https://en.wikipedia.org/wiki/Prompt_injection) into leaking secrets. This is the problem of **credential exfiltration**. Agent Vault was created to solve credential exfiltration for all AI agents. Instead of giving AI agents credentals directly, you store them in Agent Vault (e.g. `ANTHROPIC_API_KEY`, `GITHUB_PAT`, etc.) and force your agents to route HTTP requests through it. Agent Vault intercepts every request and attaches credentials onto it before forwarding the request to the target outbound API. Features: - **Credential Brokering**

Topics

Explore more

Data from GitHub. Synced on 2026-07-03