Show HN: Vault-AI – an open-source digital safe for AI secrets (v0.3.2)

1•vaultaiproject•1h ago

I built Vault-AI to solve a problem I kept running into when building AI apps: API keys and secrets end up scattered in .env files, hardcoded, or shared insecurely.

Vault-AI is a lightweight, self-hosted secrets manager — kind of like HashiCorp Vault, but simplified and aimed at AI workloads. It runs in Docker, comes with a simple CLI, and manages tenants, token-based auth, secret rotation, rollback, version history, and audit logs.

Quickstart: git clone → ./start.sh → vault-ai store/get

Repo: https://gitlab.com/vaultaiproject/vault-ai.git

Would love feedback from the HN community — what features are missing, and what would make this useful in your own AI/ML pipelines?

Comments

jaredallard2•1h ago

Why would someone want to use this over Vault or the multitude of other secrets managers?

vaultaiproject•1h ago

HashiCorp Vault (and other enterprise-grade managers) are incredibly powerful — but also heavy. For many AI/ML projects I’ve seen, people don’t need the full ecosystem: they just want to stop hardcoding API keys in .env files and have an easy way to rotate/retrieve them.

Vault-AI is aimed at that use case:

Lightweight & fast to start → git clone → ./start.sh gets you running in 2 minutes with Docker + Postgres.

AI-first focus → tenants + token-based auth designed for AI agents, LLM apps, RAG pipelines.

Simple CLI → no steep learning curve; just vault-ai store/get/rotate/audit.

Self-contained → no external cloud dependencies, runs locally or on your infra.

If you’re running a large enterprise with complex RBAC, PKI, dynamic secrets → HashiCorp Vault is the gold standard. If you’re building AI apps and just need a safe, self-hosted digital safe for API keys, tokens, and secrets, Vault-AI is a quicker fit.

vaultaiproject•1h ago

Thanks for your reply jaredallard2!

This Windows 11 app is a fantastic addition to the stock taskbar

Parallel and Recursive Route Rendering

The Vibes Have Taken Over

Replacing Clojure-lsp with clj-kondo and Refactor-nREPL

Show HN: A networking app to help students connect with alumni and get referrals

Show HN: SyGra – Graph-oriented Synthetic data generation Pipeline for LLMs

Learning to read C++ compiler errors: Not a legal base class

Ask HN: How do you orchestrate multiple agents?

Private Equity Is Getting Boring

Stress Testing Deliberative Alignment for Anti-Scheming Training

Show HN: Open-source Todoist Clone that you can run on your personal Supabase

Why Boeing Pilots Can't Fly Airbus Jets Without Being Retrained

Volvo to expand production at Ridgeville plant with new hybrid model

I Survived the Zombie Apocalypse

Random Mosaic – Detecting unauthorized physical access with colored rice

Principles for making complex simple again (with interactive AI mentors)

Personalizing Agentic AI to Users' Musical Tastes

The Risks of NPM

Huxe: A Personal Intelligence System

Find SF Parking Cops

Show HN: I Want My Travel

AI tools I wish existed

Which diseases will you have in 20 years? This AI accurately predicts your risks

Supporting Fairness and Originality in NIH Research Applications

Hundreds plunge into Chicago River in first open-water swim in nearly a century

OpenAI Systematically hiding messages from users (270 in one conversation)

Claude Code but for Analytics

Ask HN: Can I use grapheneos or flx1 Linux phone to prevent cell tower hacking?

Scoop: Stripe in talks to buy back stock from investors

We're living in a golden age of affordable mechanical keyboards