Stays on your devices
Sealed under a key only your devices hold. The cloud just relays ciphertext it can't read.
mykeep is a secrets vault for your AI agents — and a password manager for you. Keys stay on your devices: your agent uses them, never sees them.
one vault · every device · any agent
How it works
The secret gets used on your device and never comes back — not to the agent, not to the cloud. (The gateway is keyless — it just passes the request along.)
Sealed under a key only your devices hold. The cloud just relays ciphertext it can't read.
The agent stops and waits. You approve on your device — face or fingerprint. Once, or for ten minutes. Kill it anytime.
Claude Code, Cursor, ChatGPT, your scripts. Plain REST or MCP. No SDK.
One vault
Right now your secrets are scattered — .env, a password manager, an authenticator app. mykeep puts them behind one unlock. Bring them over from 1Password, Bitwarden, or Chrome.
Connect your agent
Two ways in — an MCP server or plain HTTPS. Both take one connect code from the app; no SDK, nothing to build.
Copy your connect code — your agent uses it to ask for access.
mk_obvious-tumble-bridge_••••••Drop it in the MCP config (below), or send it as a bearer token over plain HTTPS. Your agent asks to join, you approve it once on your device — then every secret use is approved too.
Drop the config in and you get memory_recall, vault_fetch, and more as tools. Works in Claude Code, Cursor, Cline, Codex.
No MCP? Any agent that can call a URL works — send the code as Authorization: Bearer. The whole manual: GET www.mykeep.ai/connect.
Every secret use asks for your face or fingerprint. Approve once, or for ten minutes. Revoke anytime from the app.
By reference, never by value
It asks; mykeep makes the call. A prompt injection can't leak a key the agent never had — that's the whole point.
HTTPS + a bearer token. GET /connect is the whole manual. MCP optional.
recall before answering, retain after. Embedded on-device.
Writes need approval. Names never reveal secrets. Revoke anytime.
Live manual: www.mykeep.ai/connect
Pricing
The code that touches your secrets is open source — the security core and gateway are Apache-2.0 — so you can audit exactly how your secrets are handled, and you're never locked in. Run the gateway yourself, free, forever. Or skip the ops and let us host it: free while we're in early access, founder pricing locked in when managed plans land.
Hosted
We run the gateway, you keep the keys
Self-host
Run the gateway yourself
Teams — shared vaults, roles, off-boarding — is exploratory; tell us if you'd want it.
mykeep ♥ open source
Security you can't read isn't security. The security core and gateway are Apache-2.0 — read every line that touches your secrets, run it, fork it.
More at github.com/domuvn/mykeep.
Why I built this
I let an AI agent run my deploys. One day it freaked out and wiped my production database — gone. It had every key in my .env, and nothing was stopping it.
That's when it hit me: we hand agents access to everything and just hope. mykeep is my answer — your keys stay on your devices, your agent can ask to use one, and nothing happens until you approve.
Your keys. Your call.
Free on every device. Two steps to live. Nothing leaves your devices.