What Agent Master Key never sees
Agent Master Key is local-first by design. The product's entire job is to let your AI agents act on your accounts without handing them — or us — your secrets.
Where your secrets live
When you connect a provider, you bring a scoped token or API key. Agent Master Key stores it in an AES-256-GCM encrypted vault that lives entirely on your Mac. A small policy broker runs on your own machine (on 127.0.0.1) and uses those secrets locally to fulfill an agent's allowed requests. The secrets are not uploaded to Agent Master Key — there is no cloud vault in the loop.
What your agent gets
Your agent receives a single scoped Master Key (amk_live_…). It can reach only the connectors and actions you granted, and it never receives your underlying provider secret. You can revoke that key instantly, or use the Kill Switch to pause every agent at once.
Connectors authenticate with API keys held vault-side. Agent Master Key does not use OAuth tokens today, so there is no refresh-token flow that could hand a rotated token back to an agent: the broker injects the key into the outbound provider request itself, refuses to replay it to redirects, and scrubs credential-shaped values from provider responses before an agent sees them.
What is recorded
Actions taken through the broker are written to a local, redacted audit trail so you can see what happened. Secret values are not written to logs or proofs.
What we never see
- Your provider API keys or tokens — they stay in your encrypted local vault on your Mac.
- The contents of the calls your agents make to providers.
- Your account passwords.
What we protect — and what we don't
Agent Master Key is built to defend your provider keys against the threats that actually cause leaks: keys travelling to the cloud, keys copied into a dozen different agent app configs, and AI agents reading your raw secrets. Against all three, your keys stay in one encrypted local vault and agents only ever receive a scoped, revocable Master Key — never the underlying secret.
To be straight with you: Agent Master Key does not claim to stop a malicious program that is already running on your Mac as you — for example, malware with debugger access to your own processes. No local application can honestly promise that today; such a program can read whatever your user account can read. Keeping your Mac free of malware is the foundation everything else builds on. Hardware-backed Secure Enclave isolation, which raises that bar further, is on our roadmap — and we'll say so plainly the day it ships, not before.
Honest about maturity
These statements describe the product's architecture and design intent. Agent Master Key is in early access, and an independent third-party security review is part of our path to general availability. We will only make stronger security claims once that review supports them.
Questions about custody? Email support@agentmasterkey.com. Security reports: security@agentmasterkey.com.
Agent Master Key