Envlock

Stop pasting API keys into chat. Store them in an encrypted vault. Let your AI agent read them safely.

Get Started β†’ View on GitHub
$ npm install -g @adewale0o/envlock click to copy
The Problem

Your API keys are in chat history right now

Every time you paste a key into ChatGPT, Claude, or Cursor, it gets logged, stored, and possibly trained on.

πŸ“

Stored Forever

Chat history lives on servers. You can't delete it. Your keys are there permanently.

🎣

Prompt Injection

A malicious prompt can trick the AI into sending your keys to an attacker. It's happened.

πŸ€–

Training Data

Some providers use conversations for training. Your keys could end up in model weights.

πŸ‘€

Screen Exposure

Screen sharing, screenshots, recordings β€” once a key is visible, it's compromised.

How It Works

Keys go from browser to vault. Chat is never involved.

The AI agent starts a local web server. The user opens a link and pastes keys into a form. Everything is encrypted.

1

Agent installs Envlock

One command: npm install -g @adewale0o/envlock. The agent does this itself.

2

Agent initializes the vault

envlock init creates an encrypted vault on disk. AES-256 encryption. Master password required.

3

Agent starts the web UI

envlock serve spins up a local web server. Agent gets a URL with a random access token.

4

User opens the link

User sees a clean form with 46 service templates. Picks OpenAI, Stripe, Discord, AWS β€” whatever they need.

5

User pastes their key

Key goes into the form. Clicks "Save Securely". Key is encrypted and stored. Never touched chat.

6

Agent reads the key

envlock get OPENAI_API_KEY β€” agent gets the key programmatically. Uses it to call the API. Done.

$ npm install -g @adewale0o/envlock
+ @adewale0o/envlock@1.2.0

$ envlock init
βœ… Vault initialized successfully!

$ envlock serve
🌐 Envlock Web UI is running!
Open this URL in your browser:
http://127.0.0.1:3847/?token=a8f3c...

── User opens link, adds keys ──

$ envlock get OPENAI_API_KEY --raw
sk-proj-abc123...

$ envlock list
OPENAI_API_KEY βœ… Set api_key
STRIPE_SECRET βœ… Set token
GITHUB_TOKEN βœ… Set api_key
Two Modes

Localhost or network β€” you choose

The web UI runs in two modes depending on where the agent and user are.

🏠 Localhost Mode

Agent and user on the same computer. Most secure β€” nothing leaves the machine.

envlock serve
  • Agent runs on your laptop
  • You open browser on the same laptop
  • URL: 127.0.0.1:PORT
  • Nobody else can reach it
  • Best for: Cursor, Claude Code, local OpenClaw

πŸ“‘ Network Mode

Agent on a server/VPS, user on a different device. Same WiFi or LAN network.

envlock serve --expose
  • Agent runs on a VPS or server
  • You open browser on your phone/laptop
  • URL: 192.168.x.x:PORT
  • Token required for access
  • Best for: Remote servers, team setups

πŸ€” What does "same network" mean?

"Same network" means devices connected to the same WiFi router, LAN, or private cloud network. For example:

Features

Everything you need. Nothing you don't.

πŸ”

AES-256 Encryption

Every secret encrypted at rest with PBKDF2 key derivation

🌐

Web UI

Clean browser form for users β€” no keys in chat

πŸ“¦

46 Templates

OpenAI, Stripe, Discord, AWS, and 42 more

πŸ€–

Agent API

JSON API for programmatic access by AI agents

πŸ”‘

Password Generator

Generate keys, tokens, UUIDs, passwords

πŸ“

Profiles

Separate dev/staging/prod environments

πŸ₯

Health Checks

Validate credential formats automatically

πŸ’Ύ

Backups

Encrypted backups with one-click restore

πŸ“‹

Audit Log

Every access logged with timestamp

πŸ”

Search & Tags

Find secrets by name, tag, or description

πŸ“€

Export

Shell, dotenv, Docker, JSON formats

πŸ”—

Share Bundles

Encrypted bundles for sharing secrets

Templates

46 services. Pre-built forms.

Users don't have to figure out field names. Pick a service, fill in the blanks.

All πŸ€– AI πŸ“± Social ☁️ Cloud πŸ—„οΈ Database πŸ’³ Payment πŸ› οΈ Dev
πŸ€–OpenAI
🧠Anthropic
πŸ’ŽGemini
πŸ€—Hugging Face
πŸ”„Replicate
🐦Twitter / X
πŸ’¬Discord
✈️Telegram
πŸ“‘Slack
πŸ“ΈInstagram
πŸ‘€Facebook
πŸ’ΌLinkedIn
▢️YouTube
🎡TikTok
πŸ€–Reddit
πŸ“ŒPinterest
πŸ™GitHub
☁️AWS
🌐Google Cloud
πŸ”·Azure
β–²Vercel
🟒Netlify
🌊DigitalOcean
πŸͺFly.io
🐘PostgreSQL
🐬MySQL
πŸƒMongoDB
πŸ”΄Redis
πŸ”₯Firebase
⚑Supabase
πŸ’³Stripe
πŸ…ΏοΈPayPal
πŸ“§SendGrid
πŸ”«Mailgun
πŸ“±Twilio
πŸ•Datadog
πŸ›Sentry
πŸ“ŠNew Relic
🐳Docker Hub
πŸ“¦npm
πŸ›‘οΈVPN
πŸ”‘SSH Key
πŸ”“OAuth
🎫Bearer Token
πŸ‘€Basic Auth
πŸ”‘API Key
Security

Built for paranoia

Every layer is designed to keep your secrets safe.

πŸ” AES-256 Encryption

All secrets encrypted at rest with AES-256-CBC. Key derived via PBKDF2 with 100,000 iterations.

πŸ”‘ Token Authentication

Web UI requires a random 32-character token. Without it, you see nothing. Token changes every restart.

🏠 Localhost Default

Web UI only listens on 127.0.0.1 by default. Must explicitly opt-in to expose to network.

πŸ“‹ Audit Logging

Every read, write, delete, and access is logged with timestamp and agent ID.

πŸ”’ File Permissions

Vault files are 0600 β€” only the owner can read or write. No other user on the system can access them.

⏰ Auto-Expiry

Set secrets to expire after N seconds. Expired secrets are automatically inaccessible.

Architecture

What's happening under the hood

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ ENVLOCK CLI β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ Commands β”‚ β”‚ Web UI β”‚ β”‚ Agent β”‚ β”‚ Export β”‚ β”‚ β”‚ β”‚ (CLI) β”‚ β”‚ Server β”‚ β”‚ Bridge β”‚ β”‚ Engine β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β–Όβ”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ Vault Core β”‚ β”‚ β”‚ β”‚ (AES-256) β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ β”‚ β”Œβ”€β”€β”€β”€β–Όβ”€β”€β”€β” β”Œβ”€β”€β”€β–Όβ”€β”€β”€β”€β” β”Œβ”€β”€β”€β–Όβ”€β”€β”€β”€β” β”Œβ”€β”€β”€β–Όβ”€β”€β”€β”€β” β”Œβ”€β”€β–Όβ”€β”€β”€β”€β”€β” β”‚ β”‚ β”‚Secrets β”‚ β”‚ Slots β”‚ β”‚ Audit β”‚ β”‚History β”‚ β”‚Backups β”‚ β”‚ β”‚ β”‚(enc) β”‚ β”‚(enc) β”‚ β”‚ Log β”‚ β”‚ β”‚ β”‚(enc) β”‚ β”‚ β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚ β”‚ β”‚ β”‚ ~/.envlock/ β”‚ β”‚ β”œβ”€β”€ vault.enc ← encrypted secrets β”‚ β”‚ β”œβ”€β”€ slots.enc ← encrypted metadata β”‚ β”‚ β”œβ”€β”€ audit.json ← access log β”‚ β”‚ β”œβ”€β”€ history/ ← change tracking β”‚ β”‚ β”œβ”€β”€ profiles/ ← dev/staging/prod β”‚ β”‚ └── backups/ ← encrypted snapshots β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Get Started

Takes 30 seconds. No sign-up, no cloud, no BS.

1
Install: npm install -g @adewale0o/envlock
2
Initialize: envlock init
3
Start web UI: envlock serve
4
Open the URL in your browser. Add your keys. Done.
View on GitHub β†’ View on npm