oc

Give your agents access,
not your secrets.

Open-source credential vault. Your agents call services and never see a key.

Get Started
OneCLI terminal flow: start the proxy, add credentials, and agents just work
API keys scattered everywhere.One encrypted vault.
Agent sees raw keys.Agent never sees a key.
Revoking access means hunting down keys.Revoke once, everywhere.
Agent has unrestricted access.Block endpoints or rate-limit per agent.

Works with any agent framework

Add OneCLI, remove the risk

OpenClawNanoClawIronClawDifyn8nOpenHands+ any framework
OneCLI architecture showing agents connecting through the OneCLI proxy to external services
Without OneCLI+ OneCLI
Secret handlingLLM sees raw API keysEncrypted vault,
agent never sees keys
SetupHardcode keys or env varsdocker run ghcr.io/onecli/onecli

It happened to her.

It won't happen to you.

N
NIK
@ns123abc

META's head of AI safety and alignment gets her emails nuked by OpenClaw

See More

>be director of AI Safety and Alignment at Meta

>install OpenClaw

>give it unrestricted access to personal emails

>it starts nuking emails

>"Do not do that"

>*keeps going*

>"Stop don't do anything"

>*gets all remaining old stuff and nukes it aswell*

>"STOP OPENCLAW"

>"I asked you to not do that"

>"do you remember that?"

>"Yes I remember. And I violated it."

>"You're right to be upset"

Summer YueOpenClaw chat log showing the agent deleting emails while ignoring stop commandsSummer Yue X profile showing her role at Meta
2.8M views29K likes3.3K retweets
Elon Musk
Elon Musk
@elonmusk

People giving OpenClaw root access to their entire life

Monkey with gun meme
64.1M views46K likes23K retweets
Don't take our word for it
Andrej Karpathy
Andrej Karpathy
@karpathy

AI researcher

CLIs are super exciting precisely because they are a “legacy” technology, which means AI agents can natively and easily use them.

1.9M views11K likes
Guillermo Rauch
Guillermo Rauch
@rauchg

CEO, Vercel

Google has shipped a CLI for Google Workspace. 2026 is the year of Skills & CLIs.

481K views3.2K likes
Peter Steinberger
Peter Steinberger
@steipete

OpenClaw creator

Agents are really, really good at calling CLIs (actually much better than calling MCPs).

186K views1.5K likes
Kyle Daigle
Kyle Daigle
@kdaigle

COO, GitHub

GitHub Copilot CLI is generally available with custom agents, multi-model autopilot, and much more.

1.2M views5.8K likes

How it works

1. Start OneCLI

$docker run -d -p 10254:10254 -p 10255:10255 -v onecli-data:/app/data ghcr.io/onecli/onecli
{
  "status": "running",
  "dashboard": "localhost:10254",
  "gateway": "localhost:10255"
}

2. Add credentials

$open http://localhost:10254
{
  "credentials": ["google", "github", "slack"]
}

3. Your agent just works

$curl -x http://localhost:10255 https://gmail.googleapis.com/gmail/v1/users/me/messages
{
  "messages": [
    { "from": "[email protected]", "subject": "Re: Q3 roadmap" },
    { "from": "[email protected]", "subject": "PR #42 merged" },
    { "from": "[email protected]", "subject": "ONC-118 assigned to you" }
  ]
}

What you get

Zero code changes

Set HTTPS_PROXY and your agent's existing HTTP calls get credentials injected. No SDK, no wrapper.

Encrypted vault

Credentials stored in local KMS or OneCLI Cloud. Never written to disk in plain text.

Full audit trail

See every API call, which agent made it, and when.

One Docker container

Proxy, vault, and dashboard all run from a single docker run command.

Go deeper

CLI is the New MCP

Nawaz Dhandala · OneUptime

The Best AI Agent Interface Already Exists

Cobus Greyling · LinkedIn

CLI Tools for AI Agents

Eugene Petrenko · jonnyzzz.com

Rewrite Your CLI for AI Agents

Justin Poehnelt · Google