Secrets manager that understands your dependency graph.
Stores API keys. But also tells you who uses them, where, and what breaks if you revoke. Auto-matches NVD/GHSA incidents. Scans npm/Cargo deps for known secret-leak history. All on your laptop.
Day-one capabilities
Everything below is in the free tier. No account required. Open source AGPL-3.0.
Dependency graph
Visual map of Issuer → Credential → Usage → Project → Deployment → URL. Filter by env, search by usage, simulate revocations. The vault speaks the language of your codebase, not just key/value pairs.
Blast radius preview
"What breaks if I revoke this?" — answered before you click. Highlights every service, deployment, and URL that depends on the key. No production accidents.
Incident feed
NVD / GHSA / issuer RSS polled locally and matched to your vault. The relay server never sees what credentials you store. Zero-knowledge.
Supply-chain scan
OSV.dev queried for every npm / Cargo dep with secret-leak history. Lockfile-aware, semver-precise.
RAILGUARD
Auto-generates .cursorrules, CLAUDE.md, Copilot instructions. AI editors can't exfiltrate keys.
Vault Charter recovery
Diceware 6 words + 4-digit verifier. Optional Shamir 2-of-3 split for inheritance. Forget passphrase, not vault.
CLI · MCP · VS Code · JetBrains
apivault in your terminal. Native MCP server for Claude / Cursor / Copilot Chat. VS Code & JetBrains plugins with hover, code-lens, blast-radius graph.
$ apivault list --json
$ apivault scan supply-chain --project .
$ apivault run --project <id> -- npm run deploy
Free during beta
Try every feature for free. No charges during the beta period.
All features free while we polish the experience.
Open source AGPL-3.0. Includes every feature. No account required for local vault.
- Local vault & dependency graph (unlimited)
- Blast radius simulation
- Incident feed (NVD / GHSA)
- Kill Switch + audit log
- RAILGUARD AI editor protection
- Supply-chain scan (OSV.dev)
- CLI · MCP · VS Code · JetBrains plugins
- Vault Charter recovery (Diceware + Shamir 2-of-3)
- Multi-device E2EE sync (up to 5 devices)
Additional features to be introduced after user feedback and dogfooding. Pricing will be decided together with users when the beta ends.
- General password vault (general passwords + autofill)
- Auto-rotation with provider hooks
- Auto-revoke (Stripe / GitHub / AWS API)
- Team / org / shared vault (RBAC + SSO)
- Browser extension (Chrome / Firefox / Safari)
- Mobile companion (iOS / Android)
📬 Usage feedback, bug reports, and feature requests are welcome during the beta. GitHub Issues.
Existing vaults answer "where is the key?" — none answer "what happens when this key leaks?" or "is the npm package I'm about to install going to phone home with my .env?" That gap is where breaches start. We close it on your laptop, before the breach mail arrives.