Automic Vault

Security model

Agent security belongs at the local runtime boundary

Automic Vault protects macOS developer machines by moving secrets out of plaintext files, injecting approved credentials into trusted tools, and gating sensitive commands before they execute.

Last updated: May 15, 2026

Threat model

The risk is an agent with filesystem and tool access.

Automic Vault assumes a local AI coding agent can read project files, inspect shell configuration, run command-line tools, and accidentally expose credentials through logs or transcripts. The product reduces that ambient authority.

Secrets

No plaintext handoff

Sensitive values should not live in `.env`, shell profiles, or CLI config files an agent can read directly.

Injection

Tool-scoped access

Approved tools receive named secrets for the execution that needs them; the model does not receive a raw value to paste or summarize.

Approvals

Visible authority changes

Package publishing, cloud mutation, and token-revealing commands should be approved at the command boundary.
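
One way to express tool-scoped injection and command-boundary approval in code, as an added example that is not Automic Vault's own implementation. The policy table, tool paths, secret names, `build_env`, `run`, and the `store` mapping (standing in for a protected secret store) are assumptions made for illustration.

```python
import os
import subprocess

# Constructed policy, keyed by the trusted absolute path of each tool.
# "secrets" are the named secrets that tool may receive; "gated" lists
# subcommand prefixes that change authority and need explicit approval.
POLICY = {
    "/usr/local/bin/npm": {"secrets": ["NPM_TOKEN"], "gated": [["publish"]]},
    "/usr/local/bin/aws": {"secrets": ["AWS_SECRET_ACCESS_KEY"],
                           "gated": [["iam"], ["s3", "rm"]]},
}


class ApprovalRequired(Exception):
    """A gated command was requested without an explicit approval."""


def build_env(argv, store, base_env, approved=False, policy=POLICY):
    """Return the child environment for one execution of argv."""
    # Strip every managed secret name first, so a value left in the parent
    # environment never reaches a tool that was not granted it.
    managed = {name for rule in policy.values() for name in rule["secrets"]}
    env = {k: v for k, v in base_env.items() if k not in managed}

    rule = policy.get(argv[0])
    if rule is None:
        return env  # unknown or relocated binary: runs without secrets

    # Prefix match on the subcommand only; global options placed before
    # the subcommand are not parsed here.
    args = argv[1:]
    if any(args[:len(p)] == p for p in rule["gated"]) and not approved:
        raise ApprovalRequired(" ".join(argv))

    for name in rule["secrets"]:
        env[name] = store[name]
    return env


def run(argv, store, approved=False):
    """Run argv with secrets present only in the child process environment."""
    env = build_env(argv, store, dict(os.environ), approved)
    return subprocess.run(argv, env=env, check=False)
```

The secret value exists only in the environment of the one child process; the caller that requested the command gets back an exit status, not the value.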

Roots

Controlled installation

Release builds install under `/opt` and stub into `/usr/local/bin`; debug builds use `/tmp/opt` and `/tmp/usr/local/bin`.

Disclosure

Report security issues through GitHub.

Automic Vault is open-source software. Use the public repository for source review, issue reporting, and release tracking. Do not include live secrets in public issues.