Welcome
HQ Vault is an encrypted credential vault built for AI agents. It stores, retrieves, and delegates secrets without exposing them to conversation context.
| What it does | How |
|---|---|
| Store secrets securely | XChaCha20-Poly1305 encryption via libsodium (native C bindings) |
| Serve secrets to agents | Localhost HTTPS daemon with bearer token auth |
| Replace .env files | `eval $(hq-vault env-file myapp/)` — encrypted storage, same workflow |
| Delegate scoped access | Time-limited, use-limited tokens for workers and sub-agents |
| Keep secrets out of AI context | Secure entry flows (stdin echo-disabled, one-time web page) |
Quick start
```bash
# Install
npm install -g hq-vault

# Initialize a vault
hq-vault init

# Start the daemon
hq-vault serve --daemon

# Store a secret (prompts via stdin, echo disabled)
hq-vault store slack/indigo/user-token

# Retrieve it
hq-vault get slack/indigo/user-token
```

From an agent or worker:

```typescript
import { getSecret } from "hq-vault";
const token = await getSecret("slack/indigo/user-token");
```

How it works
```text
Agent / Worker                  HQ Vault (localhost:13100)
┌─────────────┐                ┌──────────────────┐
│ SDK or HTTP │  Bearer token  │                  │
│ request     │ ─────────────→ │ Auth + decrypt   │
│             │  secret value  │                  │
│             │ ←───────────── │ Audit logged     │
└─────────────┘                └──────────────────┘
                                        │
                                 ┌──────┴──────┐
                                 │  vault.db   │
                                 │ (encrypted  │
                                 │  SQLite)    │
                                 └─────────────┘
```

- Secrets are stored via CLI or secure entry flow — values never appear in shell history or conversation
- The daemon holds the master key in memory, auto-locks after 30 minutes of inactivity
- Agents authenticate with bearer tokens and retrieve secrets over HTTPS
- Every access is audit-logged with timestamp, token name, operation, and path (never values)
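The audit fields listed above (timestamp, token name, operation, path) are enough to check a delegated token's activity against its scope after the fact. The TypeScript below is an added example, not HQ Vault's own code: the record and scope shapes, the scope rules (path prefix, expiry, use limit, allowed operations) and the sample log are all assumptions.

```typescript
// Added example, not part of HQ Vault. Replays a constructed audit log against
// the scopes of delegated tokens and reports any access outside a grant.
// The record shape, the scope fields and all sample data are assumptions.

interface AuditRecord {
  timestamp: string;   // ISO 8601, as logged
  token: string;       // token name (never the token value)
  operation: string;   // "get", "store", ...
  path: string;        // secret path, e.g. "slack/indigo/user-token"
}

interface TokenScope {
  pathPrefix: string;  // must end with "/" so "slack/indigo-x/" is not matched
  expiresAt: string;   // ISO 8601
  maxUses: number;     // use limit granted to the token
  operations: string[];
}

interface Finding { token: string; reason: string; path: string }

function checkAuditLog(log: AuditRecord[], scopes: Record<string, TokenScope>): Finding[] {
  const findings: Finding[] = [];
  const uses = new Map<string, number>();   // uses seen per token so far
  for (const r of log) {
    const flag = (reason: string) => findings.push({ token: r.token, reason, path: r.path });
    const scope = scopes[r.token];
    if (!scope) { flag("unknown token"); continue; }
    const n = (uses.get(r.token) ?? 0) + 1;
    uses.set(r.token, n);
    if (Date.parse(r.timestamp) > Date.parse(scope.expiresAt)) flag("used after expiry");
    if (n > scope.maxUses) flag("use limit exceeded");
    if (!scope.operations.includes(r.operation)) flag("operation not granted");
    if (!r.path.startsWith(scope.pathPrefix)) flag("path outside scope");
  }
  return findings;
}

// Constructed sample: one worker token scoped to slack/indigo/, 3 uses, expiring at noon.
const SAMPLE_SCOPES: Record<string, TokenScope> = {
  "worker-indigo": { pathPrefix: "slack/indigo/", expiresAt: "2025-01-01T12:00:00Z", maxUses: 3, operations: ["get"] },
};

const SAMPLE_LOG: AuditRecord[] = [
  { timestamp: "2025-01-01T11:00:00Z", token: "worker-indigo", operation: "get",   path: "slack/indigo/user-token" },
  { timestamp: "2025-01-01T11:05:00Z", token: "worker-indigo", operation: "get",   path: "aws/prod/access-key" },
  { timestamp: "2025-01-01T11:10:00Z", token: "worker-indigo", operation: "store", path: "slack/indigo/user-token" },
  { timestamp: "2025-01-01T12:30:00Z", token: "worker-indigo", operation: "get",   path: "slack/indigo/user-token" },
  { timestamp: "2025-01-01T11:15:00Z", token: "rogue-agent",   operation: "get",   path: "slack/indigo/user-token" },
];
```

The daemon is what enforces a scope at request time; a replay like this is a detective check over exported log records, useful for spotting a token that was handed to the wrong worker.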
Next
- Introduction — what this is and why it exists
- Installation — install, init, first secret
- CLI Reference — every command documented
- HTTP API — programmatic access
- SDK — TypeScript functions for workers