April 23, 2026
Keep secrets or keep dreaming?
Show HN: Agent Vault – Open-source credential proxy and vault for agents
AI gets no passwords: Agent Vault drops, fans hype while skeptics yell “proxy leak”
TLDR: Infisical launched Agent Vault, an open-source proxy that hides API keys from AI agents and injects them at request time. The crowd is split: fans cheer, skeptics warn the proxy token could leak, the team says it’s experimental, and others ask about identity and cloud-vault integration.
Infisical just dropped Agent Vault, an open‑source “credential proxy” that sits between your AI helpers and the websites they call—so the bots never see the passwords. The pitch is simple: stop secrets from leaking when chatty agents get tricked. Instead of handing over keys, Agent Vault quietly injects them during each request, with logs, encryption, and a slick UI. But the comments? Oh, they’re spicy. The top concern: what if attackers grab the proxy pass instead of the password? As one skeptic pressed, “if they get the proxy auth key… can’t they still make requests?” Meanwhile, fans are popping confetti—“so excited to see this”—and asking if it plugs into Infisical’s existing cloud vaults for a one‑stop secrets shop. Then the plot twist: a team member jumps in to say it’s a research preview and “experimental,” which dials expectations down and debate up. Another thread goes big‑brain on identity: if the proxy knows who’s calling, where does the callee’s identity live? “Feels like the two pieces want to fit together.” Jokes sprinkled in too, calling this “baby‑proofing for AI” and “HTTPS_PROXY is the new VPN.” Bottom line: bold idea, messy realities, premium drama—and everyone’s watching.
Key Points
- Agent Vault is an open-source HTTP credential proxy and vault by Infisical that brokers API access for AI agents without exposing credentials to them.
- It injects credentials at the network layer through a local HTTPS proxy and scoped sessions, so agents never handle raw secrets.
- Credentials are encrypted at rest with AES-256-GCM; the data-encryption key (DEK) can be wrapped under a key derived from a master password with Argon2id, and a passwordless mode is available for PaaS deployments.
- Request logs record method, host, path, status, latency, and the credential key name, but not request bodies, headers, or query strings; retention is configurable.
- Install via script (macOS/Linux), Docker, or from source (Go 1.25+, Node.js 22+); the server exposes an HTTP API on port 14321, a TLS proxy on port 14322, and a web UI.
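The request-time injection, scoped sessions and metadata-only logging described in the points above, as an added example that is not Agent Vault's code: a stand-alone Go forward proxy. It speaks to the skeptics' "what if the proxy auth key leaks" concern directly: the agent holds only a session token, that token is good for exactly one upstream host and one key name, any Authorization header the agent guesses is discarded, and the log records method, host, path, status, latency and key name but nothing else. The `Session`, `Vault` and `RequestLog` types, the Bearer token in `Proxy-Authorization`, the key name `OPENAI_API_KEY` and the constructed key value are this example's own assumptions. The page describes a local HTTPS proxy; this example uses plain HTTP so it runs against an `httptest` upstream without certificates.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
	"sync"
	"time"
)

// Session is a scoped proxy credential: the agent holds only the session token,
// valid for one upstream host and one key name. (Constructed model of the
// page's "scoped sessions", not Agent Vault's own data model.)
type Session struct{ Host, KeyName string }

// RequestLog holds only what the page says is logged: method, host, path,
// status, latency and key name. No bodies, headers or query strings.
type RequestLog struct {
	Method, Host, Path, KeyName string
	Status                      int
	Latency                     time.Duration
}

// Vault is a toy in-memory store (constructed; a real vault encrypts at rest).
type Vault struct {
	Secrets  map[string]string  // key name -> raw credential
	Sessions map[string]Session // session token -> scope
	mu       sync.Mutex
	Logs     []RequestLog
}

var upstreamClient = &http.Client{Timeout: 5 * time.Second}

// Handler is a plain HTTP forward proxy. The agent sends absolute-URI requests
// (what an http:// proxy client does); the proxy checks the session, builds a
// fresh outgoing request so any Authorization the agent guessed is dropped,
// injects the real credential and forwards. Host scoping is what limits the
// damage if the session token itself leaks.
func (v *Vault) Handler() http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		start := time.Now()
		record := func(status int, keyName string) {
			v.mu.Lock()
			defer v.mu.Unlock()
			v.Logs = append(v.Logs, RequestLog{r.Method, r.URL.Host, r.URL.Path,
				keyName, status, time.Since(start)}) // r.URL.Path carries no query string
		}
		token := strings.TrimPrefix(r.Header.Get("Proxy-Authorization"), "Bearer ")
		sess, ok := v.Sessions[token]
		if !ok {
			record(http.StatusUnauthorized, "")
			http.Error(w, "unknown session", http.StatusUnauthorized)
			return
		}
		if !r.URL.IsAbs() || sess.Host != r.URL.Host {
			record(http.StatusForbidden, sess.KeyName)
			http.Error(w, "session not scoped to this host", http.StatusForbidden)
			return
		}
		out, err := http.NewRequest(r.Method, r.URL.String(), r.Body)
		if err != nil {
			http.Error(w, "bad request", http.StatusBadRequest)
			return
		}
		out.Header.Set("Authorization", "Bearer "+v.Secrets[sess.KeyName]) // injection point
		resp, err := upstreamClient.Do(out)
		if err != nil {
			http.Error(w, "upstream unreachable", http.StatusBadGateway)
			return
		}
		defer resp.Body.Close()
		record(resp.StatusCode, sess.KeyName)
		w.WriteHeader(resp.StatusCode)
		io.Copy(w, resp.Body)
	})
}

// Demo wires an upstream that demands the real key, the vault, the proxy and an
// agent client that knows only sessionToken. It returns the status the agent
// saw and the proxy's log entries. Every value is constructed for the demo.
func Demo(sessionToken string) (int, []RequestLog, error) {
	const realKey = "sk-demo-constructed-not-a-real-key"
	upstream := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Header.Get("Authorization") != "Bearer "+realKey {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		fmt.Fprint(w, `{"models":[]}`)
	}))
	defer upstream.Close()
	upURL, _ := url.Parse(upstream.URL)

	vault := &Vault{
		Secrets: map[string]string{"OPENAI_API_KEY": realKey},
		Sessions: map[string]Session{
			"sess-good":  {Host: upURL.Host, KeyName: "OPENAI_API_KEY"},
			"sess-other": {Host: "other.example.test", KeyName: "OPENAI_API_KEY"},
		},
	}
	proxy := httptest.NewServer(vault.Handler())
	defer proxy.Close()
	proxyURL, _ := url.Parse(proxy.URL)

	agent := &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(proxyURL)}}
	req, _ := http.NewRequest("GET", upstream.URL+"/v1/models?debug=1", nil)
	req.Header.Set("Proxy-Authorization", "Bearer "+sessionToken)
	req.Header.Set("Authorization", "Bearer agent-guess") // the agent never held realKey
	resp, err := agent.Do(req)
	if err != nil {
		return 0, nil, err
	}
	defer resp.Body.Close()
	io.Copy(io.Discard, resp.Body)
	vault.mu.Lock()
	defer vault.mu.Unlock()
	return resp.StatusCode, append([]RequestLog(nil), vault.Logs...), nil
}

func main() {
	status, logs, err := Demo("sess-good")
	fmt.Println(status, logs, err)
}
```

Running `Demo("sess-good")` yields a 200 from an upstream that only accepts the real key, while the same request with a session scoped to another host gets 403 and an unknown token gets 401; in every case the log line shows `/v1/models` without the `?debug=1` query. The denial entries are worth keeping: a burst of 403s from one session is the signal a defender would want if a token were being replayed outside its scope.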
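The at-rest scheme in the third point (AES-256-GCM, a DEK wrapped under a key derived from the master password, and a passwordless mode), as an added example that is not Agent Vault's code: a stand-alone Go envelope store. The key-encryption key (KEK) is an input here; the page says it comes from the master password via Argon2id or from the platform in passwordless mode, and that derivation step is left out because Argon2id is not in the Go standard library. The `Store` type, its field names, the `"dek"` and key-name AAD strings and the constructed credential are this example's assumptions. The example also shows a property of the envelope pattern in general rather than a documented Agent Vault feature: changing the master password or switching to passwordless mode rewraps only the DEK and leaves every credential ciphertext untouched.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts plaintext, prefixing a fresh random nonce; aad binds the
// ciphertext to a context so it cannot be swapped into another slot.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// open reverses seal; a wrong key or wrong aad fails authentication.
func open(key, box, aad []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(box) < n {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return gcm.Open(nil, box[:n], box[n:], aad)
}

// Store is the at-rest layout: every credential is sealed under one random
// data-encryption key (DEK); only the DEK is sealed under the KEK. The KEK is
// supplied by the caller (constructed layout; field names are this example's).
type Store struct {
	WrappedDEK  []byte            // DEK sealed under the KEK
	Credentials map[string][]byte // key name -> credential sealed under the DEK
}

// NewStore generates a fresh 256-bit DEK and wraps it under kek.
func NewStore(kek []byte) (*Store, error) {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil {
		return nil, err
	}
	wrapped, err := seal(kek, dek, []byte("dek"))
	if err != nil {
		return nil, err
	}
	return &Store{WrappedDEK: wrapped, Credentials: map[string][]byte{}}, nil
}

func (s *Store) unwrapDEK(kek []byte) ([]byte, error) { return open(kek, s.WrappedDEK, []byte("dek")) }

// Put seals one credential under the DEK with its key name as AAD.
func (s *Store) Put(kek []byte, name, secret string) error {
	dek, err := s.unwrapDEK(kek)
	if err != nil {
		return err
	}
	box, err := seal(dek, []byte(secret), []byte(name))
	if err != nil {
		return err
	}
	s.Credentials[name] = box
	return nil
}

// Get returns the raw credential: the only place plaintext exists.
func (s *Store) Get(kek []byte, name string) (string, error) {
	dek, err := s.unwrapDEK(kek)
	if err != nil {
		return "", err
	}
	box, ok := s.Credentials[name]
	if !ok {
		return "", fmt.Errorf("no credential %q", name)
	}
	pt, err := open(dek, box, []byte(name))
	return string(pt), err
}

// Rewrap handles a master-password change or a switch to passwordless mode:
// only the wrapped DEK is rewritten; credential ciphertexts are untouched.
func (s *Store) Rewrap(oldKEK, newKEK []byte) error {
	dek, err := s.unwrapDEK(oldKEK)
	if err != nil {
		return err
	}
	s.WrappedDEK, err = seal(newKEK, dek, []byte("dek"))
	return err
}

func main() {
	kek := make([]byte, 32) // stands in for the derived or platform-supplied KEK
	rand.Read(kek)
	s, _ := NewStore(kek)
	_ = s.Put(kek, "OPENAI_API_KEY", "sk-constructed-demo-value")
	fmt.Println(s.Get(kek, "OPENAI_API_KEY"))
}
```

Two checks are worth making on any store shaped like this: a wrong KEK must fail to unwrap the DEK outright (GCM authentication, not a garbage key that silently decrypts to garbage), and a ciphertext copied from one key name to another must fail because the name is bound in as AAD.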