Overview
Give AI agents the access they need without exposing secret values
Stashbase helps you run coding agents with the credentials they need while keeping secret values out of the agent's process environment. Instead of receiving a real API key or token, the agent receives a short-lived placeholder. Stashbase exchanges that placeholder only when the agent makes an approved HTTP(S) request to an approved host.
How it works
Your shell → stashbase agent run → coding agent
│
│ placeholder in a supported request header
▼
Stashbase credential broker
│
▼
approved API destinationYou define the secrets and destinations a workflow may use in an agent profile. The profile can read configured source names from a Stashbase environment, a local secrets file, or both.
Quick start
Create a stashbase-agent.toml file in a trusted project directory:
[agent_profiles.coding]
project = "my-project"
environment = "development"
egress_hosts = ["registry.npmjs.org"]
[agent_profiles.coding.secrets.GH_TOKEN]
hosts = ["api.github.com"]Validate the policy before it is granted secrets, then launch your agent:
stashbase agent validate --profile coding --profile-source directory
stashbase agent run --profile coding --profile-source directory -- codexThe child process gets a placeholder named GH_TOKEN, never the real value. It may use that placeholder only for requests to api.github.com; package-registry traffic is permitted without receiving a credential.
Agent profiles are early access and reduce local credential exposure during normal workflows. They are not isolation from a malicious process running as the same user. Review repository profiles before running them with secrets.