Keychains.dev is a secure credential proxy for AI agents. Use "keychains curl" as a drop-in for curl — just replace hard-coded credentials with template variables like {{GITHUB_TOKEN}}. Keychains injects real credentials server-side. Your agent never sees raw secrets — immune to prompt injection by design. Users approve each permission with one click and can revoke access anytime. Full audit trail. Works with 11,000+ API providers (OAuth, API keys, basic auth).
Hey Product Hunt! Happy to be hunting Keychains.dev today.
**Clawbot** and **OpenClaw** are incredible tools for giving AI agents real-world capabilities. But they both share the same concern: **"Wait, the agent has my raw API keys?"**
Prompt injection, leaked context windows, malicious plugins — once your credentials are in an agent's memory, you've lost control. A lot of people hold back from adopting agentic workflows because of this.
**Keychains.dev** solves exactly this problem with an elegant approach:
Your agent uses `keychains curl` instead of `curl`. Instead of hard-coding secrets, you use template variables like `{{GITHUB_TOKEN}}`. Keychains injects the real credentials **server-side** — the agent never sees them.
If you've been building with AI agents but felt uneasy about the security side, this is the missing piece. It's the kind of trust layer that makes the whole agentic ecosystem viable.
Give it a try — would love to hear what you think!
Congrats on launching, @severin__. The secure approach to managing credentials is impressive. How do you plan to drive initial ?
How do you think about trust and privacy tradeoffs in the proxy layer—what data must you see to inject auth and provide an audit trail, and what design choices let teams keep request/response bodies out of your infrastructure?
This is a great idea. Have you thought about expanding it to also support traditional website passwords, so agents couldn’t access those either? Curious whether you see this eventually replacing tools like 1Password, or staying focused purely on developer/API secrets.
Huge congrats on launch! Love the secure proxy model and zero‑secret agent design.
Credential handling in AI agents is one of those things that looks fine in demos but breaks fast in prod. I've seen raw API keys just float through context windows more times than I'd like to admit. The prompt injection immunity part is what I find most interesting here - you can't inject what the model never had access to. Curious how you handle OAuth token refresh mid-task though? If a token expires while an agent is running a long job, does it just get a 401 or is there auto-refresh built in?
I've made keychains.dev to be able to use the limitless power of AI agents like OpenClaw, without having afterthoughts about if it's properly keeping my passwords and credentials safe.
Feels more safer now. @community I'd love your feedback on it. Let's make agents safe!
About keychains.dev on Product Hunt
“Give AI access to 6754+ APIs with zero credentials exposed”
keychains.dev launched on Product Hunt on February 20th, 2026 and earned 181 upvotes and 18 comments, placing #6 on the daily leaderboard. Keychains.dev is a secure credential proxy for AI agents. Use "keychains curl" as a drop-in for curl — just replace hard-coded credentials with template variables like {{GITHUB_TOKEN}}. Keychains injects real credentials server-side. Your agent never sees raw secrets — immune to prompt injection by design. Users approve each permission with one click and can revoke access anytime. Full audit trail. Works with 11,000+ API providers (OAuth, API keys, basic auth).
keychains.dev was featured in Developer Tools (511k followers), Artificial Intelligence (466.2k followers) and Security (2.5k followers) on Product Hunt. Together, these topics include over 156.4k products, making this a competitive space to launch in.
Who hunted keychains.dev?
keychains.dev was hunted by alban. A “hunter” on Product Hunt is the community member who submits a product to the platform — uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community. See the full all-time top hunters leaderboard to discover who is shaping the Product Hunt ecosystem.
Want to see how keychains.dev stacked up against nearby launches in real time? Check out the live launch dashboard for upvote speed charts, proximity comparisons, and more analytics.
alban