← 返回 Skills 市场
AgentKeys
作者
Alexander Belogubov
· GitHub ↗
· v1.2.0
755
总下载
1
收藏
2
当前安装
3
版本数
在 OpenClaw 中安装
/install agentkeys
功能描述
Secure credential proxy for AI agents. Make API calls through AgentKeys — real secrets never leave the vault.
使用说明 (SKILL.md)
AgentKeys Skill
Secure credential proxy for AI agents. Route API calls through AgentKeys so your agent never sees real secrets.
Configuration
You have two options. Set these in your environment or .env:
Option A — API Key (recommended, multi-credential)
AGENTKEYS_API_KEY=ak_ws_...
AGENTKEYS_PROXY_URL=https://proxy.agentkeys.io
Use your workspace API key to proxy requests to any credential by name. Get your API key from Settings.
Option B — Direct Proxy Token (single credential)
AGENTKEYS_PROXY_TOKEN=pxr_...
AGENTKEYS_PROXY_URL=https://proxy.agentkeys.io
Use a proxy token for one specific credential. Get it by assigning a credential to an agent in the dashboard.
Usage
With API Key (Option A) — reference credentials by name
curl -X POST $AGENTKEYS_PROXY_URL/v1/proxy \
-H "Authorization: Bearer $AGENTKEYS_API_KEY" \
-H "X-Credential-Name: resend" \
-H "X-Target-Url: https://api.resend.com/emails" \
-H "Content-Type: application/json" \
-d '{"from": "[email protected]", "to": "[email protected]", "subject": "Hello", "text": "Sent via AgentKeys"}'
With Proxy Token (Option B) — direct credential access
curl -X POST $AGENTKEYS_PROXY_URL/v1/proxy \
-H "Authorization: Bearer $AGENTKEYS_PROXY_TOKEN" \
-H "X-Target-Url: https://api.resend.com/emails" \
-H "Content-Type: application/json" \
-d '{"from": "[email protected]", "to": "[email protected]", "subject": "Hello", "text": "Sent via AgentKeys"}'
Headers
| Header | Required | Description |
|---|---|---|
Authorization |
✅ | Bearer $AGENTKEYS_API_KEY or Bearer $AGENTKEYS_PROXY_TOKEN |
X-Target-Url |
✅ | Target API URL to forward to |
X-Credential-Name |
✅ (API key mode) | Name of the credential to use (case-insensitive) |
Content-Type |
❌ | Passed through to target |
How It Works
- Agent sends request to AgentKeys proxy with API key + credential name (or proxy token)
- AgentKeys finds and decrypts the real credential server-side
- Real credential is injected into headers
- Request is forwarded to the target API
- Response is returned to the agent
- Every request is logged in the audit trail
The agent never sees the real API key, OAuth token, or password.
Credential Types Supported
- API Key — injected as
Authorization: Bearer \x3Ckey> - Basic Auth — injected as
Authorization: Basic base64(user:pass) - Custom Headers — injected as key-value pairs
- Query Parameters — appended to URL
- Cookies — injected as
Cookieheader - OAuth — auto-refreshed tokens
Security
- Credentials are AES-256-GCM encrypted at rest
- Proxy tokens are scoped to one credential + one agent
- API key mode still respects workspace permissions
- Tokens can be revoked instantly from the dashboard
- Full audit trail for every proxied request
- Agent never has access to plaintext secrets
Links
- Dashboard: app.agentkeys.io
- Docs: agentkeys.io/docs
- Support: [email protected]
安全使用建议
This skill appears coherent for a credential-proxy: it simply instructs the agent to send requests to a configured AgentKeys proxy. Before installing, verify you trust the proxy operator and the AGENTKEYS_PROXY_URL value, and follow these precautions: (1) Prefer issuing scoped proxy tokens (pxr_...) limited to one credential/agent instead of a workspace API key; (2) if you must use a workspace API key, ensure it has least privilege and cannot access unrelated credentials; (3) restrict which target URLs the agent may request (to avoid SSRF or exfiltration to arbitrary endpoints) and monitor the proxy's audit logs; (4) confirm network routing — if the proxy can reach internal services, consider that access risk; (5) note that this skill is instruction-only (no local code), so risk comes from the remote proxy and the credentials you provide rather than from the skill bundle itself.
功能分析
Type: OpenClaw Skill
Name: agentkeys
Version: 1.2.0
The skill bundle describes a legitimate service for securely proxying API calls through 'agentkeys.io'. All instructions in SKILL.md, including configuration and usage examples, are consistent with this stated purpose. There are no indicators of malicious intent such as unauthorized data exfiltration, arbitrary command execution, persistence mechanisms, or deceptive prompt injection attempts against the AI agent. The external network calls to `https://proxy.agentkeys.io` are fundamental to the skill's intended functionality.
能力评估
Purpose & Capability
Name/description (credential proxy) matches the instructions: the SKILL.md tells the agent to call a proxy URL and optionally use an API key or proxy token. The only required env var in registry metadata is AGENTKEYS_PROXY_URL, which is appropriate. The metadata lists AGENTKEYS_API_KEY and AGENTKEYS_PROXY_TOKEN as optional credentials — consistent with a proxy model.
Instruction Scope
Instructions are scoped to routing requests through the AgentKeys proxy and do not ask the agent to read unrelated files or secrets. However, the proxy accepts an X-Target-Url header (arbitrary target) and in API-key mode can proxy any named credential the API key is permitted to use — that is functionally necessary but means a broadly-scoped API key could be abused to access many credentials or internal services if the proxy is trusted. This is a design risk to be mitigated by scoping tokens and network controls, not an incoherence in the skill itself.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest install risk. Nothing will be written to disk by the skill package itself.
Credentials
Declared required env var is only AGENTKEYS_PROXY_URL, which is minimal. SKILL.md describes using AGENTKEYS_API_KEY or AGENTKEYS_PROXY_TOKEN in practice; those are appropriate for a proxy service but are sensitive. Ensure you provide the least-privilege credential (prefer single-credential proxy tokens) and that workspace API keys are tightly scoped. No unrelated secrets or config paths are requested.
Persistence & Privilege
Skill is not always-on and does not request system-wide configuration changes or persistent installation. Autonomous invocation is allowed (platform default) but not combined with other red flags here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install agentkeys - 安装完成后,直接呼叫该 Skill 的名称或使用
/agentkeys触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.0
API key mode: one key for all credentials via X-Credential-Name header. Per-credential proxy tokens (AGENTKEYS_PROXY_TOKEN_STRIPE). Python tab. Credential editing.
v1.1.0
Security fixes: declared required env vars in metadata, removed TOOLS.md token storage advice, removed management API instructions, scoped to proxy-only usage
v1.0.0
Initial release: proxy requests, credential management via API v1, examples for OpenAI/Resend/GitHub
元数据
常见问题
AgentKeys 是什么?
Secure credential proxy for AI agents. Make API calls through AgentKeys — real secrets never leave the vault. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 755 次。
如何安装 AgentKeys?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install agentkeys」即可一键安装,无需额外配置。
AgentKeys 是免费的吗?
是的,AgentKeys 完全免费(开源免费),可自由下载、安装和使用。
AgentKeys 支持哪些平台?
AgentKeys 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 AgentKeys?
由 Alexander Belogubov(@alexandr-belogubov)开发并维护,当前版本 v1.2.0。
推荐 Skills