Daniel

First external contribution to Agent Vault (AV) has been merged! @opencode is now a supported agent in AV. You can now run: agent-vault run -- opencode This will have the agent proxy requests through AV from which you can broker credentials. Stay tuned for better security guarantees around the agent's operating environment soon.

For a while, we've been grappling with one big question: How do we give agents secure access to services without them reading any secrets? Today, we provide an early answer: Agent Vault, an open source, HTTP credential proxy and vault. Agents like OpenClaw or Claude Code can proxy requests through Agent Vault regardless of the method an agent uses to interact with any target service: API, CLI, SDK, MCP. With Agent Vault, we’re rethinking how secrets should be consumed by agents. We believe that vaults and/or secret stores are here to stay but the way in which secrets are delivered to fit the ergonomics of how agents operate will change drastically. In the current state, agents cannot be trusted with holding secrets directly and so there has to be a dedicated credential broker beside each agent, be it through a dedicated service, sidecar, or egress layer; to securely attach credentials onto every request to the outside world. With this proxy in place, you can inspect proxied requests and, in the future, apply firewall rules to apply restrictions to traffic flowing through the proxy. The Agent Vault project by @infisical is an early peek into a trend that we believe many folks including Anthropic, Brex, Browser Use and others have caught onto which is the separation of the agent from its credentials. Check it out.

@JoelTheDane Best of luck to the IT force having to learn how to use MacOS (US based), or Linux (also US based/funded). This is purely symbolic politics, makes no sense

@deildo_jr @infisical hey @deildo_jr, thank you for raising the pr! i've just merged it in, and it's now live in the latest version!

If @infisical accept my PR I could use it. In case you missed it github.com/Infisical/php-…

If you’re a Vercel user acting on today’s security incident, here are some best next steps: > Rotate all secrets in your Vercel dashboard immediately > Bulk-migrate env vars to sensitive variables (@infisical has a Vercel sync you can use to quickly mark all secrets as sensitive) > Set up automations to rotate DB creds and API keys on a schedule > Use dynamic secrets, so DB credentials are short-lived > Pull secrets at runtime through our SDKs instead of storing them in Vercel > Make sure you have audit logs to see what was accessed

I had to urgently switch our hosting from @Railway to @Render In the past, doing so would've been a huge pain.... Migrating env vars, reconfiguring services, setting up internal networking, fixing broken builds etc. Instead, I installed the Railway, Render, and @infisical MCPs and asked Codex to migrate us. In a few hours it had unified our env management, configured all our Render instances, fixed broken builds. All we had to do was update our DNS. Exciting times!

being an engineer by trade vs being an engineer by heart makes such a big difference in work ethic

Announcing Infisical for Kids, the enterprise-grade household secrets management platform: > Real-time secret interception > Privileged access management (per room) > Just-in-Time kitchen access via Slack > Automated permission slip lifecycle management With Infisical for Kids, your kid submits a formal access request for the pantry at 9 PM. Denied. Full audit trail included. Build infrastructure, not punishments. kids.infisical.com

@infisical groundbreaking, infisical is now a household name

@bidhanxcode you shouldn't need to share .env files, ever. @infisical takes care of all that for you :)

How do you securely share .env files with teammates?

Pretty sure this was the plane that I was unfortunate enough to be on this morning

@benln Where will the one in Dubai be located at? @benln

Cafe Cursor is coming up in these cities: • Hanoi - 2/28 • Nairobi - 2/28 • Quito - 2/28 • Vilnius - 3/2 • Tokyo - 3/5 • Dubai - 3/5 • Geneva - 3/6 • Hong Kong - 3/8 • Barcelona - 3/10 • Barranquilla - 3/12 • Bangkok - 3/14 • Kigali - 3/17 • Zurich - 3/18

Insane stuff happening in Europe. Hopefully this doesn’t encourage other countries to follow suit

@adxtyahq just tell your agent swarm to integrate Infisical.com for secrets management, should do the trick!

me defending AI’s code in prod knowing damn well it hardcoded the API keys

this is incredible! 👏 can’t wait to see how this gets executed 🌍🇪🇺

what in the san francisco

@nalinrajput23 share.infisical.com works great for sharing any type of sensitive secrets!

How do teams usually share .env variables securely?