Security: 0-Vault/Vault-0

SECURITY.md

Security Policy

Supported Versions

Version Supported
1.0.x
< 1.0

Reporting a Vulnerability

We take the security of Vault-0 seriously. If you discover a security vulnerability, please do not open a public issue.

Instead, please report it privately via email to: security@vault0.org (or replace with your actual contact method).

We will acknowledge your report within 48 hours and provide an estimated timeline for a fix.

Security Model

Vault-0 is designed to protect API keys and sensitive data for AI agents.

  • Storage: Secrets are encrypted using AES-256-GCM with a key derived from your master passphrase using Argon2id.
  • Memory: Secrets are decrypted in memory only when needed and injected into the target process environment.
  • Network: A local policy proxy listens on 127.0.0.1:3840 but is not in the agent's traffic path by default. To enforce network policies (domain blocking, redaction, MCP hardening) you must set HTTP_PROXY=http://127.0.0.1:3840 in the agent's environment; without it the proxy runs but intercepts no agent traffic. Because most HTTP clients read HTTPS_PROXY rather than HTTP_PROXY for https:// URLs and honour NO_PROXY bypasses, set those consistently as well, and verify from inside the agent's environment that requests actually traverse the proxy before relying on the policies.
  • Updates: We recommend always running the latest version to ensure you have the latest security patches.

Known Limitations

  • Ephemeral .env: During launch, secrets exist in plaintext in ~/.openclaw/.env for approximately 2 seconds before being overwritten. This is a trade-off to support the OpenClaw daemon without modifying its source code; any process able to read that file during the window (another process running as your user, or root) sees the secrets.
  • Memory Dump: An attacker with root access, or with your user ID where ptrace is not restricted, who can dump the RAM of the running process, or who can read a swap file or core dump containing it, could retrieve decrypted keys.
