Story

I built Vultrino because I kept running into the same problem: I want AI agents to do things that require credentials, but I don't want those secrets in prompts, logs, or context windows.

It's not just API keys – it's signing commits with PGP keys, accessing databases, decrypting files, anything that needs a secret. The agent shouldn't see the credential; it should just be able to use it.

Vultrino is a credential proxy that sits between your AI agent and the operation. The agent says "use my github-api credential" or "sign this with my pgp-key" and Vultrino handles the secret material without exposing it.

Key features: - WASM plugin system – add any credential type (PGP signing plugin included, build your own) - MCP native – works directly with Claude - OAuth2 with automatic token refresh - Scoped API keys – agent X can only access credentials matching "github-*" - Encrypted storage (AES-256-GCM), SSRF protection, audit logging

Written in Rust. Self-hosted, no cloud dependency.