Local-first proxy that keeps API keys out of AI agent context. Your agent sends requests to localhost — Aegis injects real credentials on the outbound HTTPS request. The agent never sees the raw key. Encrypted vault, domain allowlists, full audit trail, per-agent scoping, YAML policy engine, and native MCP server for Claude Desktop, Cursor, VS Code, Windsurf, and Cline. No SDK. No cloud. No code changes. Open source (Apache 2.0).