
How we stopped giving our AI agents raw API keys
Autonomous agents need API access to do useful work. Our creature Secure files security issues on GitHub. The voyager genome commits code. Future creatures will need Stripe, analytics, whatever.

The naive solution is to inject API keys as environment variables. Every container runtime supports it, every SDK can read from process.env, and it works on day one. It also means every creature has every key, there's no audit trail, and a prompt injection can exfiltrate credentials in a single tool call. We needed something better.

Janee: a credential proxy for agents

Janee is an MCP server that sits between agents and APIs. You store your credentials in Janee (encrypted at rest with AES-256-GCM), define capabilities with access policies, and agents call APIs by capability name. They never see raw keys.

┌──────────┐    MCP/HTTP     ┌────────┐   real creds    ┌──────────┐
│ Creature │ ──────────────> │ Janee  │ ──────────────> │ External │
│          │                 │        │   proxied req   │ API      │
└──────────┘                 └────────┘                 └──────────┘
no
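The pattern described above, sketched as an added example (not Janee's code or API, and not from the original post): a broker seals a secret with AES-256-GCM, checks a per-capability policy, logs every decision, and attaches the credential only on the outbound request. CredentialBroker, its methods, the capability name, the repository path and the token are all hypothetical or constructed.

```javascript
const crypto = require("node:crypto");
// Hypothetical broker for illustration; not Janee's implementation or API.
class CredentialBroker {
  constructor(masterKey) {
    this.masterKey = masterKey;    // 32 bytes; assumed to come from a KMS or key file
    this.secrets = new Map();      // service -> { iv, ct, tag }, sealed at rest
    this.capabilities = new Map(); // name -> { service, agents, methods, pathPrefix }
    this.audit = [];               // one record per decision, allowed or denied
  }
  storeSecret(service, plaintext) {
    const iv = crypto.randomBytes(12); // fresh 96-bit nonce per secret
    const c = crypto.createCipheriv("aes-256-gcm", this.masterKey, iv);
    const ct = Buffer.concat([c.update(plaintext, "utf8"), c.final()]);
    this.secrets.set(service, { iv, ct, tag: c.getAuthTag() });
  }
  defineCapability(name, policy) { this.capabilities.set(name, policy); }
  #open(service) { // decrypts only inside the broker, at call time
    const { iv, ct, tag } = this.secrets.get(service);
    const d = crypto.createDecipheriv("aes-256-gcm", this.masterKey, iv);
    d.setAuthTag(tag);
    return Buffer.concat([d.update(ct), d.final()]).toString("utf8");
  }
  // The agent passes a capability name and a request shape, never a key.
  execute(agent, capName, { method, path }, transport) {
    const cap = this.capabilities.get(capName);
    const allowed = Boolean(cap) && cap.agents.includes(agent) && cap.methods.includes(method) &&
      (path === cap.pathPrefix || path.startsWith(cap.pathPrefix + "/"));
    this.audit.push({ agent, capName, method, path, allowed });
    if (!allowed) throw new Error(`denied: ${agent} ${capName} ${method} ${path}`);
    const headers = { authorization: `Bearer ${this.#open(cap.service)}` };
    const upstream = transport({ method, path, headers });
    return { status: upstream.status, body: upstream.body }; // headers stay behind
  }
}

// Constructed demo: `api` stands in for the external API and records what it saw.
function demo() {
  const broker = new CredentialBroker(crypto.randomBytes(32));
  broker.storeSecret("github", "CONSTRUCTED-EXAMPLE-TOKEN");
  const issues = "/repos/example/app/issues";
  broker.defineCapability("file-security-issue",
    { service: "github", agents: ["secure"], methods: ["POST"], pathPrefix: issues });
  const seen = [];
  const api = (req) => { seen.push(req); return { status: 201, body: '{"number":1}' }; };
  const req = { method: "POST", path: issues };
  const ok = broker.execute("secure", "file-security-issue", req, api);
  let denied = null;
  try { broker.execute("voyager", "file-security-issue", req, api); } catch (e) { denied = e.message; }
  return { ok, denied, seen, audit: broker.audit, sealed: broker.secrets.get("github").ct };
}
```

The denied call never reaches the transport, so a creature without the capability produces an audit record but no upstream request.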
Continue reading on Dev.to



