Store skills, encrypt API keys, and grant AI agents timed access to your credentials — all from a Chrome sidepanel. No copy-pasting. No leaking.
AgentVault is the Chrome extension that keeps your AI development workflow clean and secure.
Import SKILLS.md files from GitHub, local disk, or paste. Search, copy-inject, and manage your agent skill prompts in one place.
Encrypt API keys, tokens, and passwords with a master password. Secrets are AES-256-GCM encrypted with PBKDF2 key derivation — your vault never leaves your device.
Click once to generate a timed token (15 min). Your AI agent can then request secrets by name via the Chrome extension messaging API — no more copy-pasting keys into prompts.
Pro FeatureAll data lives in chrome.storage.local. Nothing is transmitted to any server. Ever. Not even us can access your secrets.
Copy any skill or secret value to clipboard in one click. Values are decrypted in-memory only — the plaintext is never written to disk or storage.
Agent sessions auto-expire after 15 minutes. Revoke manually any time. Session secrets are stored in chrome.storage.session — cleared when the browser closes.
Install from the Chrome Web Store. Set a master password to create your encrypted vault — it never leaves your machine.
Store API keys, tokens, and credentials. Each one is encrypted individually — copy to clipboard with one click, decrypted in-memory only.
Hit 🤖, hand the token to your AI agent, and let it pull what it needs by name. Revokes automatically after 15 minutes.
The future of agentic workflows isn't copy-pasting keys into prompts. It's your AI agent requesting credentials directly — authenticated, scoped, and auto-expiring.
Click 🤖 in the vault. A 15-minute session token is generated and shown to you.
Pass it at agent startup — via terminal, environment variable, or prompt.
One sendMessage call returns the plaintext value. Expired or revoked? Returns an error immediately.
// "Wire my ESP. Use the Resend key in AgentVault." const getSecret = (token, name) => new Promise((resolve, reject) => { chrome.runtime.sendMessage( AGENTVAULT_EXT_ID, { type: 'av_getSecret', token, name }, (res) => res?.success ? resolve(res.value) : reject(res?.error) ); }); // Fetch the key, wire up Resend — no paste, no leak const apiKey = await getSecret(token, 'RESEND_API_KEY'); const resend = new Resend(apiKey);
Start free. Upgrade when you're ready for unlimited everything and Agent Session access.
No subscription required for free tier · Cancel anytime · Payments via Paddle (global VAT/GST handled)
Install AgentVault free. Your secrets stay yours — local, encrypted, and agent-accessible on your terms.