Building an agent-safe secret runtime for local developer workflows.
| Project | Description |
|---|---|
| kxxx | Secret runtime that keeps raw credentials away from LLMs and agentic tools. Brokered safe path for agent integrations, compatibility path for existing workflows. |
┌─────────────┐
Agent ──► │ kxxx broker │ ──► Provider action (e.g. GitHub API)
│ (policy + │
│ audit) │ ──► Result metadata only (no raw secret)
└──────┬───────┘
│
Secret resolved internally
Instead of passing secrets to agents via env vars, kxxx brokers the operation and returns only the result — the agent never sees the raw secret.