Open Source Tool

ethilia-vault

Secret management for AI workflows. Encrypted vault with rotation. Zero plaintext in memory or logs.

MIT License Rust

AI Logs Your Secrets

AI sees OPENAI_API_KEY=sk-... in your .env. Stores it in context. Sends it to OpenAI. ethilia-vault encrypts secrets before AI touches them.

How ethilia-vault protects secrets from plaintext exposure at every stage

Military-grade encryption. Secrets encrypted at rest. Decrypted only when needed, in memory, never logged.

Configurable TTL policies. API keys rotate every 30/60/90 days automatically. Old keys revoked.

Who accessed what secret, when. Exportable logs. Compliance-ready (SOC2, ISO27001).

Rust-based. <1ms per decrypt. Cached in-memory for hot paths. Zero latency overhead.

Works with AI IDEs via MCP. Secrets injected into context encrypted. AI never sees plaintext.

Local file, AWS KMS, GCP Secret Manager, Azure Key Vault. Unified API.

ethilia-vault is free and open source (MIT). For centralized secret management with RBAC and SSO, check out Security Triad.

Install ethilia-vault in 5 minutes. Encrypt your secrets today.