As AI agent applications spread, securely managing sensitive credentials becomes a key issue
As AI agent applications spread, how to manage sensitive credentials securely has become a key issue. The emerging project "keypo vault" offers a novel solution: it turns a Mac into a programmable password manager.

The limits of traditional tools
Traditional cloud password managers such as 1Password store keys on remote servers; setup is cumbersome and requires multi-step verification. Most developers therefore fall back on ".env" files, which carry their own security risks. Keypo vault changes this paradigm by using the Mac's Secure Enclave to perform encryption and decryption, so sensitive data always stays under local control.

Three security policies
The tool supports three security policies:
- Biometric (Touch ID)
- Device passcode
- Open mode
Through the "vault exec" command, secrets are injected into a child process as environment variables; the user only needs to approve once via Touch ID or passcode. The key advantage is that the agent can never access the keys in plaintext: the secrets exist only in the child process.

The trend toward local hardware
This reflects a current trend in security design: moving sensitive operations down to the local hardware level rather than relying on cloud infrastructure. The open-source release of keypo vault lets developers implement enterprise-grade secret management in agent applications without complex third-party integrations.
Claude Code executes my code all day but it can’t see my secrets. They’re encrypted in my Mac’s Secure Enclave. Not in the cloud or in a .env file.
Introducing keypo vault. Your Mac as a programmable password manager for your agents. Open source. https://t.co/2rgcjKxCsj
— Dave Blumenfeld (@dblumenfeld) March 11, 2026

On Monday we showed how your Mac can replace an external wallet provider for your agent.
The same paradigm exists for password managers: products like 1Password store your secrets on their servers.
— Dave Blumenfeld (@dblumenfeld) March 11, 2026

Cloud-based password managers can be clunky to set up with a lot of handholding.
Managing accounts, service tokens, sessions…all just to inject an env var.
The result is most people don’t bother. They just use .env files and hope for the best.
— Dave Blumenfeld (@dblumenfeld) March 11, 2026

Keypo vault creates three local vaults with three policies: biometric (Touch ID), passcode (device password) and open (no ACL).
Encryption and decryption of your secrets happen inside your Mac Secure Enclave. Your agent can’t decrypt your secrets without your approval.
— Dave Blumenfeld (@dblumenfeld) March 11, 2026

The key command is “vault exec”. It decrypts secrets and injects them as env variables into a child process. Your agent constructs the command, you approve with Touch ID or passcode, and the secrets exist only in the subprocess: your agent never sees your secret as plaintext.
— Dave Blumenfeld (@dblumenfeld) March 11, 2026
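The "vault exec" pattern described above (decrypt, inject as env vars into one child process, never into the agent's own shell) as an added shell illustration; this is not keypo vault's code. The vault file, its base64 stand-in for encryption, and the `vault_get`/`vault_exec` names are constructed for the example, and the Secure Enclave decryption and Touch ID / passcode approval step are not reproduced.

```shell
#!/bin/sh
# Added example, not keypo vault's own code: shows the "exec with secrets in
# the child only" pattern. The vault is a constructed file whose values are
# merely base64-encoded; a real vault would decrypt via the Secure Enclave
# after a Touch ID / passcode approval, which this stand-in does not model.
set -u

VAULT_FILE="${TMPDIR:-/tmp}/demo_vault.$$"
trap 'rm -f "$VAULT_FILE"' EXIT

# Constructed sample vault: NAME=base64(value), one entry per line.
cat > "$VAULT_FILE" <<'EOF'
API_KEY=c2stZGVtby0xMjM0NQ==
DB_PASSWORD=aHVudGVyMg==
EOF

# vault_get NAME: print the decoded secret (stand-in for the enclave decrypt).
vault_get() {
    grep "^$1=" "$VAULT_FILE" | cut -d= -f2- | base64 -d
}

# vault_exec NAME... -- CMD [ARGS...]
# Exports each named secret inside a subshell and execs CMD there, so the
# secret lives only in that child's environment; the caller's shell (the
# "agent" that built the command line) never holds it as plaintext.
vault_exec() {
    names=""
    while [ $# -gt 0 ] && [ "$1" != "--" ]; do
        names="$names $1"
        shift
    done
    [ "${1:-}" = "--" ] || { echo "usage: vault_exec NAME... -- CMD" >&2; return 2; }
    shift
    (
        for n in $names; do
            export "$n=$(vault_get "$n")"
        done
        exec "$@"
    )
}

# Demo: the child can read API_KEY; the parent shell cannot.
vault_exec API_KEY -- sh -c 'echo "child: API_KEY has ${#API_KEY} chars"'
echo "parent: API_KEY is ${API_KEY:-unset}"
```

Because `export` receives a single `NAME=value` word, secrets containing spaces or shell metacharacters survive intact instead of being split by the shell.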
