Vault
Overview
Section titled “Overview”Vault is a medium-depth plugin that provides unified, encrypted credential and configuration management. All API keys in one place, accessible by authorized agents on demand.
Features
Section titled “Features”- Encrypted storage — API tokens stored with encryption at rest
- Per-agent access control — agents only see keys they’re authorized for
- MCP config management — store and manage MCP server configurations
- Agent skill registry — register and discover agent capabilities
Supported Credentials
Section titled “Supported Credentials”| Type | Example |
|---|---|
| API Tokens | OpenAI, Anthropic, Linear, GitHub |
| MCP Configs | Server endpoints, authentication |
| Agent Skills | Registered capabilities and tools |
# Check vault status.\entrance.exe nota status# → token_count: 5, mcp_config_count: 3
# Agents access keys through MCP tools# (keys never leave the Entrance process)Security Model
Section titled “Security Model”- Entrance = trusted core (runs as system service)
- External agents = non-privileged clients (access via MCP/HTTP)
- Keys are never exposed in agent prompts — agents request access, Entrance injects at runtime