AI Tool Radar
OSI-open | Computer-use and autonomous agents

Agent Vault

Infisical

Credential broker that proxies agent traffic and swaps in real secrets, so the agent never sees them.

1.7k stars (as of 2026-06-26)

What is Agent Vault?

An open-source credential broker that sits between AI agents and their target APIs to prevent credential exfiltration via prompt injection. It intercepts the outbound HTTPS traffic that the agent routes through it via HTTPS_PROXY and replaces dummy placeholders with the real secrets, so the agent never sees the actual values. It also adds egress filtering, short-lived token issuance and request logging, with pluggable secret stores.

Pros & Cons

Pros

  • Addresses a concrete threat (credential exfiltration via prompt injection) with a transparent HTTPS_PROXY integration that requires no agent code changes
  • Genuine MIT open core from an established secrets-management company (Infisical), with pluggable stores and egress filtering
  • Cross-platform binaries plus Docker and a TypeScript SDK, with a healthy release cadence

Cons

  • The API is explicitly 'subject to change'
  • The MITM-proxy model must terminate and inspect agent TLS traffic, adding a trust-critical component in the path
  • Mixed licence: the MIT core plus a source-available ee/ tier means some features are not OSI-open

License

MIT (OSI-open)

The open core is MIT; code under the ee/ directory is source-available under a separate Infisical enterprise licence (open-core), which is why GitHub reports the licence as mixed.

When it is interesting

You run agents that call external APIs with real secrets and want those credentials brokered and egress-filtered.

When it is too early

If you need a frozen API or a fully OSI-open feature set without the source-available enterprise split.

Commercial alternative & related

  • Commercial counterpart: Doppler

This repo featured in the 2026-07 edition of the Open-Source AI Radar.