Give agents permission,not passwords.
Boundveil keeps credentials encrypted on your device, binds every action to its exact project and approval, and leaves a redacted, tamper-evident receipt.
- No raw-secret MCP tools
- Local vault decryption
- Account ≠ vault key
- GitHub
- Vercel
- Cloudflare
- Supabase
- Codex
- Claude Code
A control plane with a hard local boundary.
Agents receive typed capabilities. Your trusted device supplies the credential only to the intended provider call.
The hosted account is not your vault key.
Website login controls plans, devices, teams, and approvals. Vault decryption stays behind your local master password, trusted device, or recovery material.
- 01Rust cryptographic boundary
Vault keys and provider credentials remain outside ordinary browser and webview state.
- 02No secret-returning agent tools
Provider-aware actions replace get-secret, arbitrary proxy, and unrestricted shell primitives.
- 03Honest revocation
Revocation blocks future authority; it never promises impossible remote erasure of copied data.
Local access stays yours. SaaS adds coordination.
Preliminary monthly packages for validation—billing is not live and prices are not final.
Your trusted execution layer belongs on your device.
Windows desktop first. A signed, direct-download Android APK follows after its secure-storage and update gates pass.