AXAgentSecrets

Secrets that
agents can't steal.

The secrets platform for AI agents and the engineers who use them.

$ npm install -g @agentsecrets/ax
Free to start • open live demo
Dogfooded daily in this monorepo. No .env files were harmed.
ax
ax CLI preview — real usage via your terminal or MCP
THE INVISIBLE CRISIS

Your agents
can read
everything.

Cursor, Claude Code, Aider — they have full filesystem access. They autocomplete your Stripe keys. They leak them in prompts. .env files were never designed for this world. dotenvx helps, but agents still get the keys eventually.
Prompt injection = instant exfil
One bad webpage or RAG doc and the agent happily dumps every secret it can access.
Worktrees multiply the disaster
New worktree? Copy every .env again. Share with coworker? Slack the keys. Per-env? Pure chaos.
ONE TOOL. TWO AUDIENCES.

ax is built for both.

FOR AGENTS
MCP + safe primitives.
Never the value unless asked.
has_secret returns true/false. list_secrets shows names only. run_command injects at runtime. Agents stay blind to actual credentials.
FOR YOU
Worktree native.
Per-env by default.
Git-style sharing.
No more copying files between checkouts.
ZERO TRUST BY DEFAULT
Cloud sync with AES. Your keys, your control.
VERSIONED • AUDITED
Every change is reversible. Every access is logged. Even by agents.
v2 coming soon — full secret history and one-click rollback.
BUILT FOR THE AGENT ERA

The first secrets tool your agents will actually use.

AX MCP SESSION
$ ax list --env production
DATABASE_URL
STRIPE_LIVE
ANTHROPIC_KEY
$ ax has ANTHROPIC_KEY --env production
true
$ ax run --env production -- node server.js
Server started. Secrets injected in memory only. Agent never saw them.

Add the MCP server once. Every agent (Cursor, Claude, custom) gets safe, auditable access. No more "I accidentally leaked the prod key in a prompt".

THE CLI YOU'LL ACTUALLY USE

ax feels like magic.
Because it was built for how you actually work.

01 ax init in any repo. It just knows your worktrees.
02 ax set FOO bar -e staging. Synced to your cloud vault.
03 ax run -- pnpm dev. Secrets never touch disk or agents.
# In this monorepo (dogfooding live)
pnpm ax init
 
# Safe presence check — agents love this
ax has DATABASE_URL -e development
# → true (boolean only, no value ever exposed)
 
# Run anything with secrets injected
ax run -e production -- node dist/server.js
 
# For your AI agents
npx @agentsecrets/mcp
# Add to Cursor/Claude config once. Done.
Install axSee the SaaS dashboard
Used in production by teams who got tired of waking up to leaked keys in agent logs.
SECURE BY DEFAULT • AGENT BLIND • GIT NATIVE