Infisical · 2026-04-22 · notable
Agent Vault — Open-Source HTTP Credential Proxy for AI Agents
Infisical's Agent Vault is an open-source HTTP proxy that injects credentials at the network layer — agents (Claude Code, Cursor, Codex) never see the actual keys, structurally blocking credential exfiltration via prompt injection. 697 GitHub stars.
An open-source proxy that sits between your AI agent and the internet, injecting credentials so the agent never sees the actual keys.
What is it?
Agent Vault is an open-source, self-hosted HTTP credential proxy built by Infisical. It runs locally and routes your AI agent's outbound HTTP requests through a forward proxy, injecting API keys and secrets at the network layer. The agent never receives or stores credentials — it makes requests to localhost, and Agent Vault handles authentication to the real upstream service. Currently in research preview.
How does it work?
Agent Vault operates via the standard HTTPS_PROXY environment variable. It terminates the TLS connection, looks up the matching credential from its vault for the target host, and reconstructs the request with proper authentication headers before forwarding. If a prompt injection attack tricks the agent into attempting to exfiltrate credentials, the attack fails because the agent never had them in its context window.
Why does it matter?
Prompt injection is the primary security concern for production AI agents. The typical mitigation is 'be careful with what tools you give the agent' — Agent Vault offers a structural fix: agents simply cannot leak what they never received. Built by Infisical, a team with a track record in secrets management, with 697 GitHub stars in its first days.
Who is it for?
Teams running AI agents in production with real API credentials
Try it
github.com/Infisical/agent-vault