Show HN: AVP – an agent can't leak a secret it never had
Category: security
Tags: security, proxy, ai-agents, secrets-management, python
Score: 8.0/10 (Innovation: 8, Technical: 8, Documentation: 9, Utility: 7)
Agent-Vault-Proxy is a just-in-time API key proxy that prevents credential leakage by giving the calling process placeholders instead of real secrets and swapping in the real values on the wire only when the request goes to a permitted upstream. It targets the critical security gaps that prompt injection and software supply chain attacks open in AI agents, offering a novel, practical approach to credential isolation that requires no code changes.
Target audience: security engineers, backend devs, devops
Repository: https://github.com/inflightsec/agent-vault-proxy · Python · MIT · 12 stars