We have a different security model.

SEKS — Secure Environment for Key Services

We built a broker for the keys/secrets. We have a fork of nushell called seksh, which takes stand-ins for the actual auth, but which only reifies them inside the AST of the shell. This makes the keys inaccessible for the agent. In the end, the agent won't even have their Anthropic/OpenAI keys!

The broker also acts as a proxy, and injects secrets or even does asymmetric key signing on behalf of the proxied agent.

My agents are already running on our fork of OpenClaw, doing the work. They deprecated their Doppler ENV vars, and all their work is through the broker!

All that said, we might just take a few ideas from IronClaw as well.

I put up a Show HN, but no one noticed: https://news.ycombinator.com/item?id=47005607

Website is here: https://seksbot.com/

▲

dawg91 2 hours ago | parent [-]

Your eastern european users will have some interesting results when googling for this

▲

fragmede 2 hours ago | parent [-]

for those of us who don't speak "eastern Europeans", can you tell us what it means?

	▲	mewpmewp2 an hour ago \| parent [-]
		It is just ks is same as x. I mean honestly if you pronounce the name it is going to sound like that outside eastern europe too, so I am not sure about that name choice at all. Intentional? Looking at the website it looks like a vibecoded joke, but what do I know.