Your secrets stay yours, even when the agent asks nicely.

1,204 stars

README

Project documentation from GitHub

ClawVault: Because Your Secrets Should Stay Yours, Even When an Agent Asks Nicely

Intro

If you’ve ever built an AI agent that talks to external APIs or runs code, you know the nightmare: you give the agent access to a tool, and suddenly it decides to email your API keys to itself “for safekeeping.” That’s not paranoia—it’s a real risk with large language models. They’re great at following instructions, but they’re also great at misinterpreting them.

ClawVault is a lightweight, developer-friendly solution to this problem. It lets you securely expose secrets to AI agents without actually letting the agent know the secret. Think of it as a bouncer who checks your ID at the door, but never tells you the password.

What It Does

At its core, ClawVault is a proxy that sits between your AI agent and your sensitive credentials. When your agent needs to call an API (say, Stripe or GitHub), it doesn’t get the actual token. Instead, ClawVault intercepts the request, injects the secret on the fly, and forwards the response back to the agent.

The agent never sees the plaintext key. All it knows is that it made a request, and somehow it worked. Magic? No, just good security design.

Why It’s Cool

  • Secrets stay hidden from the agent’s context. Even if the agent decides to dump its memory or repeat what it just did, the secret never appeared in the conversation.
  • Simple to set up. Drop it in front of your tool calls, and you’re done. No need to rewrite your agent logic.
  • Works with any provider. The repo shows examples for OpenAI, Anthropic, and other common agents. You just point your tool definitions to ClawVault’s endpoint instead of the real API.
  • Auditable. You can log which agents accessed which secrets, without leaking the secrets themselves.

The clever bit? It doesn’t try to “train” your agent to be trustworthy. It just removes the opportunity entirely. That’s a much better tradeoff.
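
The injection and audit steps described above, as an added Python example (not ClawVault's own code). The route table, environment variable names, Bearer scheme and the `fake_transport` stand-in are assumptions chosen so it runs offline.

```python
import os

# Hypothetical route table: the destination host and the env var holding the
# credential are fixed here, never taken from the agent's request.
ROUTES = {
    "github": {"host": "api.github.com", "secret_env": "GITHUB_TOKEN"},
    "stripe": {"host": "api.stripe.com", "secret_env": "STRIPE_KEY"},
}
STRIPPED = {"authorization", "proxy-authorization", "host", "cookie"}
AUDIT = []  # (agent_id, route, method, path) tuples; never the secret


def proxy_call(agent_id, route, method, path, headers, transport, env=None):
    """Forward an agent's credential-free request, injecting the secret."""
    env = os.environ if env is None else env
    if route not in ROUTES:
        raise PermissionError(f"unknown route: {route!r}")
    if not path.startswith("/") or any(c in path for c in "\r\n"):
        raise ValueError("path must be origin-form, e.g. /v1/charges")
    cfg = ROUTES[route]
    secret = env[cfg["secret_env"]]
    # Drop anything the agent sent that could override auth or the target.
    clean = {k: v for k, v in headers.items() if k.lower() not in STRIPPED}
    clean["Authorization"] = f"Bearer {secret}"
    url = f"https://{cfg['host']}{path}"
    AUDIT.append((agent_id, route, method, path))
    status, body = transport(method, url, clean)
    # If the upstream echoes the credential, mask it before the agent sees it.
    return status, body.replace(secret, "[REDACTED]")


def fake_transport(method, url, headers):
    """Constructed stand-in for the HTTP client; it echoes the auth header."""
    return 200, f"{method} {url} auth={headers['Authorization']}"


if __name__ == "__main__":
    env = {"GITHUB_TOKEN": "ghp_constructed_example"}  # constructed value
    print(proxy_call("agent-1", "github", "GET", "/user",
                     {"Authorization": "Bearer agent-guess"}, fake_transport, env))
    print(AUDIT)
```

Because the upstream host comes from the route table rather than from the agent, a request cannot redirect the injected credential to a destination the operator did not configure.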

How to Try It

  1. Clone the repo:

    git clone https://github.com/tophant-ai/ClawVault
    cd ClawVault
    
  2. Follow the README to set up your environment variables (where you store the actual secrets).

  3. Point your agent’s tool call to the local ClawVault endpoint. For example, if your agent previously called api.openai.com, you now call

Last updated: Apr 23, 2026