Keychains.dev is a secure credential proxy for AI agents. Use "keychains curl" as a drop-in for curl — just replace hard-coded credentials with template variables like {{GITHUB_TOKEN}}. Keychains injects real credentials server-side. Your agent never sees raw secrets — immune to prompt injection by design. Users approve each permission with one click and can revoke access anytime. Full audit trail. Works with 11,000+ API providers (OAuth, API keys, basic auth).
Hey Product Hunt! Happy to be hunting Keychains.dev today.
**Clawbot** and **OpenClaw** are incredible tools for giving AI agents real-world capabilities. But they both share the same concern: **"Wait, the agent has my raw API keys?"**
Prompt injection, leaked context windows, malicious plugins — once your credentials are in an agent's memory, you've lost control. A lot of people hold back from adopting agentic workflows because of this.
**Keychains.dev** solves exactly this problem with an elegant approach:
Your agent uses `keychains curl` instead of `curl`. Instead of hard-coding secrets, you use template variables like `{{GITHUB_TOKEN}}`. Keychains injects the real credentials **server-side** — the agent never sees them.
If you've been building with AI agents but felt uneasy about the security side, this is the missing piece. It's the kind of trust layer that makes the whole agentic ecosystem viable.
Give it a try — would love to hear what you think!
Congrats on launching, @severin__. The secure approach to managing credentials is impressive. How do you plan to drive initial ?
How do you think about trust and privacy tradeoffs in the proxy layer—what data must you see to inject auth and provide an audit trail, and what design choices let teams keep request/response bodies out of your infrastructure?
This is a great idea. Have you thought about expanding it to also support traditional website passwords, so agents couldn’t access those either? Curious whether you see this eventually replacing tools like 1Password, or staying focused purely on developer/API secrets.
Huge congrats on launch! Love the secure proxy model and zero‑secret agent design.
I've made keychains.dev to be able to use the limitless power of AI agents like OpenClaw, without having afterthoughts about if it's properly keeping my passwords and credentials safe.
Feels more safer now. @community I'd love your feedback on it. Let's make agents safe!
