GitHub Repository

Credential isolation for agent containers

18 stars · Rust

Airlock – container agents should never hold credentials

by kalib_tweli · Mar 18, 2026 · 2 points · 0 comments

AI Analysis

Solid · Big Brain · Niche Gem

Host-side credential enforcement for containerized agents before they leak your AWS keys.

Strengths
  • Busybox-style single binary shim reads argv[0] to proxy any CLI tool
  • TOML command modules with conservative deny rules reject unknown commands
  • Unix socket communication means credentials never touch the container filesystem
Weaknesses
  • Zero stars and forks — very early with no community validation yet
  • Homebrew PATH issues on macOS require manual configuration workarounds
Category
Target Audience

DevOps engineers running AI agents in Docker containers

Similar To

Docker Socket Proxy · Vault Agent · ssm-session-manager

Post Description

I built Airlock to move policy enforcement for credentialed CLI access out of agent containers and onto the host.

In Dockerized agent setups, prompt files, skills, and other in-container controls are not a real boundary. The agent can ignore or rewrite them.

Airlock replaces sensitive CLIs in the container with shims that send requests to a host daemon over a Unix socket. The host validates the request against policy and, if allowed, executes the real command there.

The goal is to let a containerized agent use tools like git, ssh, aws, terraform, or docker without the container holding the real credentials.

It’s not a general sandbox or a complete agent security solution. It solves a narrower problem: host-side enforcement for credentialed CLI access.
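The host-side check described in the post, sketched as an added example that is not Airlock's own code: the daemon derives the tool from the shim's `argv[0]`, then allows only listed subcommands and flags and denies everything else. The types, the `decide` function and the policy contents are hypothetical, and the policy is written as Rust constants rather than the project's TOML modules.

```rust
// Added illustration, not Airlock's code; tool names and policy are constructed.
use std::path::Path;

#[derive(Debug, PartialEq)]
enum Decision { Allow, Deny(&'static str) }

/// One allowed subcommand and the only flags accepted with it.
struct Sub { name: &'static str, flags: &'static [&'static str] }
/// Policy for one proxied tool; anything not listed is rejected.
struct Tool { name: &'static str, subs: &'static [Sub] }

const POLICY: &[Tool] = &[
    Tool { name: "git", subs: &[
        Sub { name: "status", flags: &["--short"] },
        Sub { name: "fetch", flags: &["--prune"] },
    ]},
    Tool { name: "aws", subs: &[Sub { name: "sts", flags: &[] }] },
];

/// Busybox-style dispatch: the shim is invoked through a link named after the tool.
fn tool_from_argv0(argv0: &str) -> Option<&str> {
    Path::new(argv0).file_name()?.to_str()
}

/// Host-side check of the argv a shim forwarded over the socket. Default is deny.
fn decide(argv: &[&str]) -> Decision {
    let Some(name) = argv.first().and_then(|a| tool_from_argv0(a)) else {
        return Decision::Deny("empty request");
    };
    let Some(tool) = POLICY.iter().find(|t| t.name == name) else {
        return Decision::Deny("unknown tool");
    };
    // Conservative: the subcommand must come first, so global flags are refused.
    let Some(sub) = argv.get(1).and_then(|s| tool.subs.iter().find(|x| x.name == *s)) else {
        return Decision::Deny("unknown subcommand");
    };
    for arg in argv[2..].iter().copied() {
        // Compare only the flag name, so "--flag=value" is matched as "--flag".
        let flag = arg.split('=').next().unwrap_or(arg);
        if flag.starts_with('-') && !sub.flags.contains(&flag) {
            return Decision::Deny("flag not in allowlist");
        }
    }
    Decision::Allow
}

fn main() {
    println!("{:?}", decide(&["git", "-c", "x=y", "status"])); // refused
}
```

Because the decision runs on the host, a container that rewrites its own shim or prompt files still cannot widen what the daemon will execute.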
