SafeClaw is a passkey-secured proxy that keeps your API credentials encrypted at rest and invisible to the agents that use them. Zero plaintext. Zero trust required.
Your vault is sealed with WebAuthn PRF โ only your biometric can unlock it. No passwords, no master keys.
Credentials are encrypted in your browser before transmission. The server never sees plaintext keys.
Agents route through the proxy and get responses โ but never see, store, or log your actual API keys.
One tap to lock the vault. Secrets are wiped from memory and the proxy returns safe placeholder responses.
Register two passkeys on different devices. Lose one, unlock with the other โ no lockout risk.
SSE streaming, all HTTP methods, auth injection โ your tools work exactly the same, just more secure.