🤖 AI Summary
A new tool named Agent-Vault-Proxy (AVP) has been introduced to enhance security for AI agents by preventing the leakage of API keys. Unlike approaches that place the real secret in the agent's environment, AVP provides just-in-time API keys: the calling process holds only a placeholder, and AVP substitutes the actual secret at the last moment before the outbound request leaves. This minimizes the risk of exposure from prompt injection or software supply chain attacks, because the real credentials never reside in the agent's memory. The solution uses a loopback HTTPS proxy that fetches credentials from Bitwarden Secrets Manager and injects them according to predefined bindings, without the calling process ever needing to hold sensitive data.
AVP addresses two critical threats in the current security landscape. It protects not only against prompt injection attacks that could exfiltrate API keys through malicious inputs, but also against software supply chain compromises in which a malicious package could read those credentials from the process. With low latency overhead (1-3 ms per request) and support for binding configurations keyed by HTTP method and URL path, AVP is versatile enough for a range of applications, from CI runners to cron jobs. While it does not serve as a vault itself, AVP integrates with existing secret management solutions, marking a significant step forward in safeguarding sensitive credentials for AI applications.
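To make the binding mechanism concrete, here is an added illustration (not AVP's own code) of the substitution step: the agent sends a placeholder, and only a request whose method and path match a binding gets the real secret injected before it goes out. The vault dictionary is a constructed stand-in for the Bitwarden Secrets Manager lookup, and the binding fields and placeholder string are assumptions for the example.

```python
import re
from dataclasses import dataclass

# Constructed stand-in for the vault lookup (Bitwarden Secrets Manager in AVP).
# Only the proxy process reads this; the agent never sees the values.
VAULT = {"llm-api-key": "sk-live-CONSTRUCTED-REAL-SECRET"}

# The only token the agent process ever holds (assumed name for the example).
PLACEHOLDER = "AVP_PLACEHOLDER"


@dataclass(frozen=True)
class Binding:
    method: str        # HTTP method the binding applies to
    path_pattern: str  # regex over the request path
    header: str        # header whose placeholder gets substituted
    secret_id: str     # vault entry to inject


BINDINGS = [
    Binding("POST", r"^/v1/chat/completions$", "Authorization", "llm-api-key"),
]


def inject(method: str, path: str, headers: dict) -> dict:
    """Return headers for the outbound leg of the request.

    The placeholder is replaced by the real secret only when some binding
    matches both method and path. Any other request is forwarded unchanged,
    so it carries the useless placeholder and nothing worth exfiltrating.
    """
    out = dict(headers)
    for b in BINDINGS:
        if b.method != method or not re.match(b.path_pattern, path):
            continue
        value = out.get(b.header)
        if value is not None and PLACEHOLDER in value:
            out[b.header] = value.replace(PLACEHOLDER, VAULT[b.secret_id])
    return out


def leaks_secret(headers: dict) -> bool:
    """Check used on the inbound (agent-side) leg: a real secret here means
    the agent somehow obtained it, which the design is meant to prevent."""
    return any(v in h for v in VAULT.values() for h in headers.values())
```

A forged request to an unbound method or path is forwarded with the placeholder intact, which is why binding by method and path matters as much as the placeholder itself.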