KeySpot SDK
Runtime credential hygiene for autonomous AI agents.
KeySpot SDK enforces a Checkpoint → Scan → Vault → Replace → Continue lifecycle at every critical boundary. Secrets never persist in agent memory — they are replaced with HMAC-signed vault references.
How it Works
The SDK runs a five-step lifecycle at each checkpoint to keep secrets out of your agent's memory:
- Checkpoint fires — Triggered at session boundaries, memory saves, or tool calls.
- Isolated scan — A fresh Worker thread scans state against 40+ known secret patterns.
- Vault write — Every matched secret is securely written to your configured vault adapter.
- State sanitised — The clean state is returned, and the Worker terminates immediately.
- Audit logged — Only the outcome is recorded, never the sensitive secret itself.
Core Principle: An agent should never hold a secret longer than it needs to.
When a secret is detected during a checkpoint, it is immediately written to your chosen vault and replaced with a reference token. The agent continues operating with a clean state, significantly reducing the attack surface.
What KeySpot Catches
The SDK is equipped to detect a wide range of sensitive information across multiple categories:
| Category | Examples |
|---|---|
| AI Provider Keys | OpenAI, Anthropic, Google/Gemini, HuggingFace, Replicate, Cohere |
| Cloud Credentials | AWS access/secret keys, GCP service accounts, Azure connection strings |
| Crypto Private Keys | Ethereum/EVM keys, Solana keypairs, PEM keys (RSA, EC, PGP) |
| Databases | PostgreSQL, MySQL, MongoDB, Redis connection URLs |
| Source Control | GitHub (classic + app), GitLab PATs, npm tokens |
| Payment Processors | Stripe live and test keys |
| Comms & Infra | Twilio, SendGrid, Slack tokens + webhooks, Discord, PagerDuty |
| Auth & Tokens | JWT, Google OAuth, Firebase, Dropbox, Shopify, Heroku |
| PII | Credit card numbers, US Social Security Numbers |
| Tainted Derivations | Summaries, embeddings, or transformed copies of sensitive data |
Architecture
KeySpot is designed for performance and security. It runs security checks in isolated worker threads so your main agent loop is never blocked. Every secret match is:
- Written to your vault adapter.
- Replaced with a signed reference token: `vault:v1:{id}:{hmac}:{expiry}`.
- Logged for audit purposes (outcome only).
Taint tracking propagates the sensitive marking to values derived from a secret (the Tainted Derivations category above), while PromptShield blocks jailbreaks before they can reach the LLM.
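An added sketch of the signed reference token described above, not KeySpot SDK code: it mints and verifies `vault:v1:{id}:{hmac}:{expiry}` and performs the replace step on a state string. The MAC input (`v1:{id}:{expiry}`), HMAC-SHA256 with hex encoding, expiry in Unix seconds, and the names `mintRef`, `verifyRef` and `vaultAndReplace` are assumptions; the page gives only the field layout.

```javascript
// Added example, not KeySpot SDK code. Assumptions: HMAC-SHA256 over
// "v1:{id}:{expiry}", hex-encoded MAC, expiry as Unix seconds.
const crypto = require('node:crypto');

const SIGNING_KEY = Buffer.from('constructed-demo-key-do-not-reuse'); // constructed value

function sign(id, expiry, key) {
  return crypto.createHmac('sha256', key).update(`v1:${id}:${expiry}`).digest('hex');
}

function mintRef(id, ttlSeconds, key, now = Math.floor(Date.now() / 1000)) {
  const expiry = now + ttlSeconds;
  return `vault:v1:${id}:${sign(id, expiry, key)}:${expiry}`;
}

// Returns { ok: true, id } or { ok: false, reason }.
function verifyRef(token, key, now = Math.floor(Date.now() / 1000)) {
  const m = /^vault:v1:([A-Za-z0-9_-]+):([0-9a-f]{64}):(\d+)$/.exec(token);
  if (!m) return { ok: false, reason: 'malformed' };
  const [, id, mac, expiryStr] = m;
  // Recompute over the fields exactly as presented, so any edit breaks the MAC.
  const expected = Buffer.from(sign(id, expiryStr, key), 'hex');
  // Constant-time compare; authenticate the token before trusting its expiry.
  if (!crypto.timingSafeEqual(expected, Buffer.from(mac, 'hex'))) {
    return { ok: false, reason: 'bad-mac' };
  }
  if (Number(expiryStr) <= now) return { ok: false, reason: 'expired' };
  return { ok: true, id };
}

// Replace step: the secret value lives only in the vault (a Map stands in
// for a vault adapter here); the state keeps the signed reference.
function vaultAndReplace(state, secret, vault, key, now) {
  const id = crypto.randomUUID().replace(/-/g, '');
  vault.set(id, secret);
  return state.split(secret).join(mintRef(id, 300, key, now));
}
```

Because the expiry is covered by the MAC, a reference whose lifetime has been edited fails verification as `bad-mac` rather than being accepted with the longer lifetime.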
Next Steps
Explore the following sections to get started with KeySpot SDK:
- Installation — Set up the SDK in your project.
- Quick Start — Run your first secure agent session.
- Core Concepts — Learn about checkpoints, scanning, and vaulting.
- API Reference — Detailed documentation for all SDK methods.