Hasp holds your secrets in one encrypted vault and hands them to apps and agents only inside the project boundary, only while you allow it, and never as a value the agent reads.

As more and more development moves to agentic work, security becomes even more important.

But security usually means inconvenience. Users eventually give up and put their secret into .env files, or worse, straight up give to the agents. This leads to all sorts of bad situations.

It's easy to blame the user. But that won't change anything. So instead I tried to build hasp around this. Let user to work as they do normally and let hasp to do the heavy lifting. The main goal is the lowest disruption of the user's workflow.

After lots of internal and external testing, I think hasp v1 is ready for the public scrutiny. Hasp is under FCL-1.0-ALV2 license with available source code.

hasp - local secret broker

Hand agent the keys. Without actually handing it the keys.

Hand agent the keys. Without actually handing it the keys.