Agents & the CLI

AI agents and servers are first-class consumers in Stillvault. An agent gets the secrets it is authorised for through the same approval loop — and the vendor still sees nothing.

Enrol an agent

An admin enrols the agent before it can ask for anything. Once enrolled, the agent requests secrets by path. Every request still runs through the human approval loop: an approver releases the lease, the agent never holds standing access, and the vendor stays blind to plaintext.

Least privilege by path

Access policies scope an agent to the paths it needs and nothing more. An agent that reads production database credentials can be limited to db/prod/* and will be denied anywhere else. Grant the narrowest set of paths that lets the agent do its job. See Access policies for the policy model.

The CLI

The stillvault CLI handles get, request, and seal from a consumer host:

stillvault request db/prod/connection   # open a request for an approver
stillvault get db/prod/connection       # fetch a secret you hold a lease for
stillvault seal db/prod/connection      # seal a new value client-side

A versioned Claude skills bundle installs alongside the CLI, so an agent can use Stillvault as its secrets backend.

Roadmap: an MCP server (stdio) that exposes the same get/request/seal operations to agents over the Model Context Protocol.