onecli

onecli / onecli

Public

Open-source credential vault, give your AI agents access to services without exposing keys.

onecli.sh ai-agents nanoclaw openclaw rust secret-management
560
19
100% credibility
Found Mar 12, 2026 at 255 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
TypeScript
AI Summary

OneCLI is a secure gateway that transparently injects stored credentials into AI agent requests without exposing real secrets to the agents.

How It Works

1
🔍 Discover OneCLI

You hear about a safe way to hide passwords from your AI helpers and visit the website.

2
🚀 Launch the vault

With one easy click, you start the secure vault on your computer – no hassle needed.

3
🌐 Open your dashboard

A simple web page appears where you control everything for your AI friends.

4
🤖 Create an AI helper

You name your smart assistant and get a special passcode just for it.

5
🔒 Hide your passwords

You store your real service logins safely – they're encrypted and never shown to anyone.

6
🧪 Test the magic

Run a quick example request and see fake logins swap to real ones automatically.

Secure AI in action

Your AI helpers now call services safely, with all secrets protected forever.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 255 to 560 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is onecli?

OneCLI is an open-source credential vault in TypeScript and Rust that secures AI agents' API access by injecting real keys at runtime without exposure. Store credentials once in an encrypted web dashboard, issue agents fake placeholders like "FAKE_KEY", and route calls through a proxy gateway that swaps them transparently—even for HTTPS via MITM interception. Docker run spins up the full stack with an embedded DB on ports 10254 (dashboard) and 10255 (proxy).

Why is it gaining traction?

Unlike scattered env vars or GitHub secrets, this open source credential management system centralizes rotation and auditing for multi-API agents, with host/path matching and per-agent tokens preventing over-privileging. The Rust proxy handles high-throughput injection without buffering streams, supporting SSE and large payloads. A one-command curl demo proves it instantly, hooking devs building agent fleets.

Who should use this?

AI devs crafting agents that hit Anthropic, OpenAI, or custom endpoints, tired of baking keys into codebases. Teams deploying containerized agents needing scoped access without key leaks. Local prototypers wanting quick credential proxying via Docker Compose.

Verdict

Solid open source credential vault for agent security—great docs, easy local setup, auto-generated demo secret—but 105 stars and 1.0% credibility signal early maturity; prod users should add monitoring. Try the Docker image if agent key hygiene is your pain point.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.