Agents without secrets

Your agents never hold a real secret.

Production credentials live in Clawvisor's vault. Agents only ever receive opaque, scoped, short-lived handles. When a call goes out, the gateway swaps the handle for the real credential at the edge, so the secret is used without the agent, the logs, or the model context ever seeing it.
Handle, not a secret

Push the release tag to the billing-api repository.

release-agentexpires when task completes
Tools requested1
  • github.write

    autovault_github_…

    write
medium risk

The problem with secrets in context

The moment an API key or OAuth token reaches an agent, it lives in the model's context window, in tool transcripts, and often in logs. From there it can be exfiltrated by a prompt injection, leaked in an error message, or simply over-retained. And because those credentials are usually broad and long-lived, a single leak can mean rotating secrets across your whole stack under pressure.

How credential vaulting works

01

Secrets stay in the vault

Real credentials are stored encrypted in Clawvisor and never leave it. The agent is issued a handle like autovault_github_… instead.

02

Swapped at call time

When the agent makes a call, the gateway exchanges the handle for the real secret as the request leaves, so the agent never holds it.

03

Scoped & short-lived

Each handle works only for the tool and task it was issued to, and expires with the task. A stolen handle is useless out of context.

04

Rotate without redeploys

Rotate the underlying secret in the vault and every handle keeps working, with no agent code or config to touch.

Let your agents fly. Safely.

Free to start for solo developers. Sign up and put a gateway in front of your agents in minutes. No credit card required.