Your OpenClaw agent is smart. It can browse the web, write code, manage files. But the moment you need it to call Stripe, or hit the GitHub API, or query a database, you are stuck pasting API keys into places they do not belong.
This tutorial shows you how to set up AgentSecrets with OpenClaw so your agent can make authenticated API calls to any service, with your keys locked in your OS keychain where they belong. No .env files, no plaintext, no key values anywhere in your agent's context.
Time to set up: ~2 minutes.
Prerequisites
- OpenClaw installed and running
- One of: Python, Node.js, Go, or Homebrew (for installation)
- At least one API key you want to use (Stripe, OpenAI, GitHub, anything)
Step 1: Install AgentSecrets
AgentSecrets is a single CLI binary. Choose your preferred installation method:
Homebrew (macOS/Linux)
brew install The-17/tap/agentsecrets
npm/npx (Node.js)
# Run without installing
npx @the-17/agentsecrets init
# Or install globally
npm install -g @the-17/agentsecrets
pip (Python)
pip install agentsecrets-cli
Go
go install github.com/The-17/agentsecrets/cmd/agentsecrets@latest
Step 2: Create Your Account
agentsecrets init
This is interactive. You will create a free account and your encryption keys will be generated and stored in your OS keychain automatically.
What just happened: An X25519 keypair was generated on your machine. The private key went into your OS keychain (macOS Keychain, Windows Credential Manager, or Linux Secret Service). The public key was sent to the server. Your secrets are encrypted client-side — the server only stores encrypted blobs it cannot read.
Step 3: Store Your API Keys
agentsecrets secrets set STRIPE_KEY=sk_test_51Hxxxxx
agentsecrets secrets set OPENAI_KEY=sk-proj-xxxxxxx
agentsecrets secrets set GITHUB_TOKEN=ghp_xxxxxxxxx
Each key is encrypted with AES-256-GCM using your workspace key, uploaded to the cloud in encrypted form, and stored in your OS keychain for instant local access. The server cannot read any of them.
Now delete those keys from ~/.openclaw/.env if they are there. They are safe in your keychain now.
Step 4: Install the OpenClaw Skill
From ClawHub
openclaw skill install agentsecrets
Manual install
cp -r /path/to/agentsecrets/integrations/openclaw ~/.openclaw/skills/agentsecrets
Step 5: Use It
Talk to your OpenClaw agent naturally:
You: "Check my Stripe account balance"
The agent will:
- Run agentsecrets secrets list to see that STRIPE_KEY is available
- Run agentsecrets call --url https://api.stripe.com/v1/balance --bearer STRIPE_KEY
- Return the balance without ever seeing sk_test_51Hxxxxx
The Native Exec Provider (OpenClaw v2026.2.26+)
If you are running OpenClaw v2026.2.26 or later, AgentSecrets ships as a native exec provider for the SecretRef system. When your workflow references a secret, OpenClaw calls the AgentSecrets binary directly to resolve it at execution time. The value is injected into the process and never written to any OpenClaw config file.
agentsecrets exec
This means you do not need to configure credentials in ~/.openclaw/.env at all. The SecretRef system handles the resolution and AgentSecrets handles the zero-knowledge guarantee. Your agent gets what it needs without the value ever passing through your config.
Wrapping External Tools (Stripe CLI, Node servers, and others)
Some tools manage their own HTTP calls and need credentials as environment variables rather than via the proxy. For these, use agentsecrets env to wrap the command:
# Wrap the Stripe MCP server
agentsecrets env -- stripe mcp
# Wrap a Node server
agentsecrets env -- node server.js
# Wrap any dev server
agentsecrets env -- npm run dev
This resolves all secrets for your active project from the OS keychain and injects them as environment variables into the child process at startup. The values exist only in child process memory for the duration of the process. Nothing is written to disk.
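The wrapping behaviour described above, as an added illustration that is not part of the AgentSecrets project or of the original post: the keychain is a constructed in-memory dict, the project name and secret values are made up, and the only real mechanism used is the standard-library subprocess environment. The point it shows is that the resolved values are handed to the child process only, and that the parent's own environment stays untouched.

```python
import os
import subprocess

# Constructed stand-in for the OS keychain: project name -> {secret name: value}.
# The real CLI reads the platform keychain; this dict exists only so the example runs offline.
FAKE_KEYCHAIN = {
    "demo-project": {
        "STRIPE_KEY": "sk_test_EXAMPLE_NOT_REAL",
        "OPENAI_KEY": "sk-proj-EXAMPLE_NOT_REAL",
    }
}


def resolve_project_secrets(keychain, project):
    """Return every secret of the active project, as `agentsecrets env` resolves them at startup."""
    if project not in keychain:
        raise RuntimeError("No project configured")
    return dict(keychain[project])


def run_with_secrets(keychain, project, command, base_env=None):
    """Run `command` with the project's secrets injected only into the child's environment.

    The parent environment is copied, not modified, and nothing is written to disk:
    the values exist in the child's memory for as long as the child runs.
    Returns (exit code, stripped stdout).
    """
    env = dict(os.environ if base_env is None else base_env)
    env.update(resolve_project_secrets(keychain, project))
    completed = subprocess.run(command, env=env, capture_output=True, text=True, check=False)
    return completed.returncode, completed.stdout.strip()


def parent_env_is_clean(names):
    """Defender check: none of the injected secret names leaked into our own environment."""
    return all(name not in os.environ for name in names)


if __name__ == "__main__":
    # A child that simply reports whether it can see STRIPE_KEY.
    code, out = run_with_secrets(
        FAKE_KEYCHAIN, "demo-project",
        ["sh", "-c", 'printf "%s" "${STRIPE_KEY:-unset}"'],
    )
    print(code, out)
    print(parent_env_is_clean(["STRIPE_KEY", "OPENAI_KEY"]))
```

The child command here is a throwaway `sh -c` so the example is self-checking; in practice the command is the server or CLI you want to wrap, exactly as with `agentsecrets env -- node server.js`.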
Claude Desktop config for wrapping the native Stripe MCP:
{
  "mcpServers": {
    "stripe": {
      "command": "agentsecrets",
      "args": ["env", "--", "stripe", "mcp"]
    }
  }
}
Real Examples
Bearer Token APIs (Stripe, OpenAI, GitHub)
# Check Stripe balance
agentsecrets call --url https://api.stripe.com/v1/balance --bearer STRIPE_KEY
# List OpenAI models
agentsecrets call --url https://api.openai.com/v1/models --bearer OPENAI_KEY
# List your GitHub repos
agentsecrets call --url https://api.github.com/user/repos --bearer GITHUB_TOKEN
Custom Header APIs
agentsecrets secrets set SENDGRID_KEY=SG.xxxxxxxx
agentsecrets call \
--url https://api.sendgrid.com/v3/mail/send \
--method POST \
--header X-Api-Key=SENDGRID_KEY \
--body '{"personalizations":[{"to":[{"email":"test@example.com"}]}],"from":{"email":"you@domain.com"},"subject":"Test","content":[{"type":"text/plain","value":"Hello"}]}'
Query Parameter APIs
agentsecrets secrets set GOOGLE_MAPS_KEY=AIzaSyxxxxxxxxxx
agentsecrets call \
--url "https://maps.googleapis.com/maps/api/geocode/json?address=Lagos+Nigeria" \
--query key=GOOGLE_MAPS_KEY
POST with Bearer and Body
agentsecrets call \
--url https://api.stripe.com/v1/charges \
--method POST \
--bearer STRIPE_KEY \
--body '{"amount":1000,"currency":"usd","source":"tok_visa"}'
Multiple Credentials in One Call
agentsecrets call \
--url https://api.example.com/data \
--bearer AUTH_TOKEN \
--header X-Org-ID=ORG_SECRET
Checking Your Audit Trail
Every call through AgentSecrets is logged with key names only, never values:
# See last 5 calls
agentsecrets proxy logs --last 5
# Filter by a specific key
agentsecrets proxy logs --secret STRIPE_KEY
Output:
2026-02-26 01:15:00 STRIPE_KEY GET https://api.stripe.com/v1/balance 200 245ms
2026-02-26 01:16:30 OPENAI_KEY POST https://api.openai.com/v1/chat/completions 200 1203ms
You can audit exactly what your agent accessed, when, and where, without any key values ever appearing.
Managing Your Keys
# List all stored key names
agentsecrets secrets list
# Add a new key
agentsecrets secrets set NEW_KEY=value
# Remove a key
agentsecrets secrets delete OLD_KEY
# Pull all keys from cloud (new machine setup)
agentsecrets secrets pull
# Push local keys to cloud (backup/sync)
agentsecrets secrets push
What Is Happening Under the Hood
When you run agentsecrets call --bearer STRIPE_KEY:
- CLI loads your project config to get the project ID
- Looks up STRIPE_KEY in the OS keychain for that project
- Builds the HTTP request with Authorization: Bearer <actual_value>
- Forwards the request to the target URL
- Logs the call (key name, URL, status code — not the value)
- Returns the response body to stdout
The key value exists in memory only for the duration of the request. It never touches the filesystem, never enters agent memory, never appears in logs.
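The request flow just described, written out as an added example that is not AgentSecrets' own code: the keychain is a constructed dict, the network is replaced by a fake transport that accepts any sk_test_ bearer token, and the audit line format copies the one shown in the Checking Your Audit Trail section. It also generalizes to the --header and --query forms from the Real Examples section, and it raises the "Secret 'KEY_NAME' not found in keychain" error from Troubleshooting when a reference cannot be resolved. The final function is the check a defender wants: scan the audit trail and confirm no stored value ever appears in it.

```python
import time

# Constructed stand-in for the OS keychain: project -> {secret name: value}.
# The value is a fake, not a real Stripe key; the dict exists only so this runs offline.
FAKE_KEYCHAIN = {"demo-project": {"STRIPE_KEY": "sk_test_EXAMPLE_NOT_REAL"}}


class SecretNotFound(KeyError):
    """Raised when a referenced secret name is absent from the keychain."""


def lookup_secret(keychain, project, name):
    """Resolve one secret reference to its value; the value never leaves this process."""
    try:
        return keychain[project][name]
    except KeyError:
        raise SecretNotFound(f"Secret '{name}' not found in keychain") from None


def build_request(keychain, project, url, method="GET", bearer=None, headers=None, query=None, body=None):
    """Place each resolved secret where the caller asked for it: bearer, named header, or query param.

    `headers` and `query` map a header/parameter name to a secret *name*, mirroring
    `--header X-Api-Key=SENDGRID_KEY` and `--query key=GOOGLE_MAPS_KEY`.
    """
    req_headers = {}
    if bearer:
        req_headers["Authorization"] = "Bearer " + lookup_secret(keychain, project, bearer)
    for header_name, secret_name in (headers or {}).items():
        req_headers[header_name] = lookup_secret(keychain, project, secret_name)
    params = {param: lookup_secret(keychain, project, secret_name)
              for param, secret_name in (query or {}).items()}
    return {"method": method, "url": url, "headers": req_headers, "query": params, "body": body}


def fake_transport(request):
    """Constructed stand-in for the network: the 'server' accepts any sk_test_ bearer token."""
    auth = request["headers"].get("Authorization", "")
    if auth.startswith("Bearer sk_test_"):
        return 200, '{"object":"balance","available":[{"amount":0,"currency":"usd"}]}'
    return 401, '{"error":"unauthorized"}'


def proxy_call(keychain, project, audit_log, transport=fake_transport, **request_opts):
    """Mirror `agentsecrets call`: resolve, forward, log names only, return the response body."""
    started = time.monotonic()
    request = build_request(keychain, project, **request_opts)
    status, body = transport(request)
    elapsed_ms = int((time.monotonic() - started) * 1000)
    # Only secret *names* reach the audit entry; the resolved values were used and dropped.
    secret_names = []
    if request_opts.get("bearer"):
        secret_names.append(request_opts["bearer"])
    secret_names += list((request_opts.get("headers") or {}).values())
    secret_names += list((request_opts.get("query") or {}).values())
    audit_log.append(
        f"{time.strftime('%Y-%m-%d %H:%M:%S')} {','.join(secret_names)} "
        f"{request['method']} {request['url']} {status} {elapsed_ms}ms"
    )
    return body


def audit_log_leaks_values(audit_log, keychain, project):
    """Defender check: does any stored secret value appear verbatim in the audit trail?"""
    values = keychain.get(project, {}).values()
    return any(value in entry for entry in audit_log for value in values)


if __name__ == "__main__":
    log = []
    print(proxy_call(FAKE_KEYCHAIN, "demo-project", log,
                     url="https://api.stripe.com/v1/balance", bearer="STRIPE_KEY"))
    print(log[0])
    print("leak:", audit_log_leaks_values(log, FAKE_KEYCHAIN, "demo-project"))
```

The separation that matters is between build_request, which is the only place a value is materialized, and the audit entry, which is assembled from the caller's references rather than from the built request; keeping those two paths apart is what makes the "names only" logging property easy to verify.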
Troubleshooting
"Secret 'KEY_NAME' not found in keychain"
The key has not been stored yet. Run: agentsecrets secrets set KEY_NAME=value
"No project configured"
Run agentsecrets init from your project directory first, or select an existing project with agentsecrets project use <name>.
"agentsecrets: command not found"
Ensure the binary is installed correctly. If using Homebrew, confirm the tap is added. If using npm, confirm the package is installed globally.
Next Steps
- Full architecture and documentation
- Building AgentSecrets — Engineering deep dive
- GitHub repository
- Open an issue if something does not work
Your keys are too valuable to leave in plaintext. Move them to your keychain and let your agent do the work.