\t\t\t\t![\"Infisical](\"https:\/\/www.europesays.com\/ai\/wp-content\/uploads\/2026\/04\/Untitleddesign.jpg\")
\n Engineering teams building with AI agents can now ship them to production without exposing API keys and credentials to prompt injection. Agent Vault, available today on GitHub, lets agents do their jobs without ever reading the underlying secrets, and runs on any infrastructure the team already uses.<\/p>\n
Infisical,<\/a> the all-in-one secrets, certificates, and privileged access management platform, today launched Agent Vault, an open source credential security layer for AI agents. Available in research preview today at github.com\/Infisical\/agent-vault, Agent Vault gives engineering teams a way to move agents into production safely, with one credential security layer that works across every environment where they run agents: on-premise, in Kubernetes, and across any cloud.<\/p>\n \u201cAgent Vault is purpose-built for the agentic era. It reflects how we think secrets management should work when agents, not humans, are the primary actors on the internet.\u201d<\/p>\n For the platform, DevOps, and security teams standing behind the rapid rollout of AI agents, Agent Vault closes a gap that has forced uncomfortable trade-offs between shipping quickly and controlling risk. Traditional secrets management was designed for applications that fetch a credential and use it directly, a model that breaks the moment an agent is exposed to prompt injection, because any secret an agent can read is a secret an attacker can exfiltrate.<\/p>\n Also Read:\u00a0AiThority Interview with Glenn Jocher, Founder & CEO, Ultralytics<\/a><\/p>\n Agent Vault removes that risk at the source. Agents route their outbound requests through Agent Vault, which attaches credentials at the proxy layer, so the agent completes its work without ever seeing, storing, or logging the underlying secret. The credential brokering happens transparently: the agent is not aware that the proxy layer exists at all, which means a compromised agent has no surface to reason about, probe, or attempt to circumvent. In technical terms, Agent Vault is a TLS-intercepting, credential-injecting forward proxy purpose-built for agent workloads.<\/p>\n \u201cSecrets management was built for a world where applications fetched credentials and used them. That assumption no longer holds for AI agents,\u201d said Tuan (Tony) Dang, CTO and co-founder of Infisical. \u201cThe tools most teams rely on for secrets management today were designed long before prompt injection was a concern, and they are anchored to a paradigm that predates this problem. Agent Vault is purpose-built for the agentic era. It reflects how we think secrets management should work when agents, not humans, are the primary actors on the internet.\u201d<\/p>\n What Agent Vault Delivers for Engineering Teams<\/p>\n For the teams deploying AI agents at scale, that shift changes what the day-to-day work of shipping agents actually looks like.<\/p>\n Ship agents to production without the credential risk. Teams no longer need to choose between moving fast on agent development and protecting sensitive credentials. Agents keep their full ability to call APIs, query databases, and integrate with internal services, but a prompt injection attack cannot walk away with the keys. Get Started With Agent Vault<\/p>\n Engineering teams can start building with Agent Vault today. The open source project is live at\u00a0github.com\/Infisical\/agent-vault, with full installation instructions, integration guides, and architectural overviews available at\u00a0docs.agent-vault.dev. Teams evaluating credential security for agent deployments that demand production-grade reliability and enterprise support are invited to reach out to the Infisical team at\u00a0infisical.com\/talk-to-us\u00a0to discuss a commercial path.<\/p>\n Research preview status<\/p>\n Agent Vault is launching as a research preview. It is open source and available for developers to experiment with today, but it is not yet production-ready. Infisical is releasing Agent Vault at this stage to share its thinking openly, gather feedback from the engineering community, and iterate in public. Organizations interested in a production-grade version for enterprise use are encouraged to contact the Infisical team directly.<\/p>\n Also Read:\u00a0\u200b\u200bThe Infrastructure War Behind the AI Boom<\/a><\/p>\n
\nOne credential layer across every environment. Most organizations building with agents run across multiple clouds, on-premise systems, and hybrid infrastructure. Agent Vault follows the agent wherever it runs, so teams govern credential access in one place instead of stitching together environment-specific solutions.
\nNo agent code changes required. Agent environments can be configured so that all outbound traffic routes through Agent Vault automatically. Every agent running in that environment is covered without modifying agent code, rewriting prompts, or swapping SDKs. Teams protect their entire agent fleet with a single infrastructure change<\/p>\n