Your AI agent can read your .env

Your secrets don't belong in AI context.

Cursor, Copilot, and Claude can read every .env file in your project. Keyway keeps secrets in memory — invisible to AI, gone when the process stops.

brew install keywaysh/tap/keyway

Then run: keyway init · Other install options

Get started free Read the docs

Open source · Self-hostable · Free forever for public repos

What your AI assistant sees

Every file in your project is context. Including .env.

Without Keyway

my-app/

src/

package.json

.envreadable by AI

DATABASE_URL=postgres://admin:s3cret@db.prod.com

STRIPE_KEY=sk_live_4eC39HqLyjWDarjtT1zdp7dc

JWT_SECRET=super-secret-key-do-not-share

With Keyway

my-app/

src/

package.json

.envno file on disk

$ keyway run -- npm start

3 secrets injected into process memory

AI sees nothing. Process ends, secrets vanish.

Built for the AI era

Three primitives that keep your secrets safe — from humans and machines.

keyway run

Zero-trust mode

Inject secrets directly into process memory. No .env file on disk, invisible to AI agents, gone when the process stops.

$ keyway run -- npm start

MCP Server

AI-native secrets

Let AI assistants manage secrets through the Model Context Protocol — with scoped access and full audit trail.

$ npx @keywaysh/mcp

GitHub-native access

No new credentials

Repo access = secret access. When someone leaves, revoke their GitHub access. No secrets to rotate.

$ keyway init

Open source. Self-hostable. Yours.

Audit every line of code. Run it on your infrastructure. Contribute on GitHub.

Backend

Fastify API + PostgreSQL

keywaysh/keyway

Dashboard

Next.js 15 web app

keywaysh/keyway

CLI

Go, Homebrew / npm

keywaysh/keyway

Crypto Service

Isolated gRPC microservice

keywaysh/keyway

Everything is open source — including the Dashboard, MCP Server, and Docs.

View on GitHub Self-hosting guide →

Built for real workflows

From onboarding to offboarding, Keyway fits how teams actually work.

New dev joins? Productive in minutes.

GitHub repo access = secret access. No invites, no Slack scavenger hunts.

Dev leaves? Secrets stay safe.

Remove GitHub access, Keyway access revoked automatically. Zero secrets to rotate.

Same secrets, every deploy.

Sync to Vercel, Netlify, Railway. Local, staging, production — always in sync.

AI can't read what's not on disk.

keyway run keeps secrets in memory. Your AI agent sees nothing.

Sync to your stack

Connect your deployment platform. Push once, sync everywhere.

Vercel

Netlify

Railway

GitHub Actions

Everything you'd expect

Security-first architecture. No shortcuts.

AES-256-GCM

Industry-standard encryption, unique IV per secret

Isolated crypto service

Encryption key never touches the API server

Full audit trail

Who accessed what, when, from where

Version history

Full history with diff and rollback

Provider sync

Sync to Vercel, Netlify, and Railway

TLS 1.3 everywhere

End-to-end encryption in transit, no exceptions

Learn more about our security architecture →

See it in action

From exposed secrets to AI-proof in 30 seconds.

keyway — zsh

"I built Keyway after watching Claude autocomplete a database password from a .env file during a live demo. AI agents are incredibly useful — but they shouldn't see your production secrets."

Nicolas Ritouet

Software Engineer & CTO, Founder of Keyway

Don't want to self-host?

Keyway Cloud is our managed service — hosted securely, always up to date, and free for open source projects.

MonthlyAnnually

2 months free

Free

0€/month

For open source and side projects

Unlimited public repos
1 private repo
3 environments per repo
2 provider integrations
15 collaborators per repo
CLI + Web dashboard

Get started

Pro

Team

15€/month

For growing teams

10 private repos
Unlimited environments
Audit logs
Member management

Start with Team

Startup

39€/month

For scaling startups

40 private repos
30 collaborators per repo
Unlimited environments
Priority support
Everything in Team

Get Startup

14-day money-back guarantee

Compare plans

Feature	Free	Pro	Team	Startup
Public repos	Unlimited	Unlimited	Unlimited	Unlimited
Private repos	1	5 (up to 10)	10	40
Collaborators per repo	15	15	15	30
Environments	3	Unlimited	Unlimited	Unlimited
Provider integrations	2	Unlimited	Unlimited	Unlimited
CLI & Web dashboard
GitHub Action
Audit logs
Member management
Priority support

Frequently asked questions

What counts as a private repo?

Any GitHub repository marked as private that you connect to Keyway. Public repos are always free and unlimited.

How does annual billing work?

Pay upfront for 12 months and get 2 months free. That's a 16.7% discount compared to monthly billing.

Can I switch plans later?

Yes, you can upgrade or downgrade at any time. Changes take effect immediately, and we'll prorate the difference.

What happens if I exceed my repo limit?

You'll need to upgrade to a higher plan or remove some private repos to add new ones. Your existing secrets remain accessible.

Do you offer refunds?

Yes, we offer a 14-day money-back guarantee. If you're not satisfied, contact us for a full refund.

What is the collaborator limit?

Each repository can have up to 15 collaborators with access to secrets on Free, Pro, and Team plans. Startup plan allows up to 30 collaborators per repo.

Do you support GitHub organizations?

Yes! All plans work with both personal accounts and GitHub organizations.

How does billing work for teams?

Plans are billed per account, not per seat. You pay for the plan's repo limit, and all collaborators with repo access can use those repos.

Your secrets don't belong in AI context.

Set up in 30 seconds. Free for solo developers.

Get started free View on GitHub