{"id":50755301,"url":"https://github.com/escoffier-labs/agentpantry","last_synced_at":"2026-06-11T04:03:49.508Z","repository":{"id":362063647,"uuid":"1255728198","full_name":"escoffier-labs/agentpantry","owner":"escoffier-labs","description":"Secure browser session and secret sync CLI for AI agent machines.","archived":false,"fork":false,"pushed_at":"2026-06-10T02:20:37.000Z","size":2098,"stargazers_count":1,"open_issues_count":3,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-06-10T04:09:52.964Z","etag":null,"topics":["agent-infrastructure","agent-ops","ai-agents","brigade","browser-automation","browser-session-sync","chrome","claude-code","cli","codex","cookie-sync","cookies","firefox","go","hermes-agent","openclaw","secret-sync","secrets"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/escoffier-labs.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-01T05:52:01.000Z","updated_at":"2026-06-10T02:20:41.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/escoffier-labs/agentpantry","commit_stats":null,"previous_names":["escoffier-labs/agentpantry"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/escoffier-labs/agentpantry","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/escoffier-labs%2Fagentpantry","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/escoffier-labs%2Fagentpantry/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/escoffier-labs%2Fagentpantry/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/escoffier-labs%2Fagentpantry/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/escoffier-labs","download_url":"https://codeload.github.com/escoffier-labs/agentpantry/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/escoffier-labs%2Fagentpantry/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34181588,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-11T02:00:06.485Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent-infrastructure","agent-ops","ai-agents","brigade","browser-automation","browser-session-sync","chrome","claude-code","cli","codex","cookie-sync","cookies","firefox","go","hermes-agent","openclaw","secret-sync","secrets"],"created_at":"2026-06-11T04:03:48.845Z","updated_at":"2026-06-11T04:03:49.503Z","avatar_url":"https://github.com/escoffier-labs.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg src=\"docs/assets/agentpantry-social-preview.jpg\" alt=\"Agent Pantry secure browser session sync for AI agents\" width=\"900\"\u003e\n\n  \u003ch1\u003eAgent Pantry\u003c/h1\u003e\n\n  \u003cp\u003e\u003cstrong\u003eAuthenticated sessions for agent machines.\u003c/strong\u003e\u003c/p\u003e\n\n  \u003cp\u003e\n    \u003cimg src=\"https://img.shields.io/github/actions/workflow/status/escoffier-labs/agentpantry/ci.yml?branch=master\u0026style=for-the-badge\u0026label=ci\" alt=\"CI status\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/go-1.25%2B-00ADD8?style=for-the-badge\u0026logo=go\u0026logoColor=white\" alt=\"Go 1.25+\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/platform-Linux%20%7C%20macOS%20%7C%20Windows-334155?style=for-the-badge\" alt=\"Platform: Linux, macOS, Windows\"\u003e\n    \u003cimg src=\"https://img.shields.io/badge/license-MIT-green?style=for-the-badge\" alt=\"MIT license\"\u003e\n  \u003c/p\u003e\n\u003c/div\u003e\n\nKeep your agent's machine authenticated. Agent Pantry (`agentpantry`) is a\nsecure browser session and secret sync CLI for AI agents. It mirrors selected\ncookies, browser auth state, and named secrets from your daily-driver (source)\nto the machine your agent runs on (sink), whether that is Codex, Claude Code,\nOpenClaw, Hermes Agent, or a custom runner. Everything moves encrypted over any\nreachable byte stream, so automation can use tools that expect local auth state.\n\nIn kitchen terms: the pantry is where the chef stores the cookies and the\nsecret recipes.\n\nAgent Pantry is part of the [Brigade](https://github.com/escoffier-labs/brigade)\nfleet from Escoffier Labs: small, composable agent-ops tools that help agent\nruntimes work with real local environments. It is still a standalone\nMIT-licensed CLI; you can use it without Brigade or any other Escoffier Labs\ntool.\n\n## Install\n\n    go install github.com/escoffier-labs/agentpantry/cmd/agentpantry@latest\n\nConfirm the installed binary:\n\n    agentpantry version\n\nOr install a release archive:\n\n    VERSION=v0.4.0\n    OS=linux\n    ARCH=amd64\n    curl -LO \"https://github.com/escoffier-labs/agentpantry/releases/download/${VERSION}/agentpantry_${VERSION}_${OS}_${ARCH}.tar.gz\"\n    curl -LO \"https://github.com/escoffier-labs/agentpantry/releases/download/${VERSION}/checksums.txt\"\n    sha256sum -c checksums.txt --ignore-missing\n    tar -xzf \"agentpantry_${VERSION}_${OS}_${ARCH}.tar.gz\"\n    install -m 0755 \"agentpantry_${VERSION}_${OS}_${ARCH}/agentpantry\" ~/.local/bin/agentpantry\n\n## How it works\n\nagentpantry is a single binary that takes on one of two roles, chosen by\nsubcommand.\n\nThe source runs on your daily driver. It watches the Chromium cookie store for\nchanges, copies the locked SQLite file to a temporary path, and decrypts each\nvalue using the keyring passphrase from the freedesktop Secret Service (falling\nback to Chromium's fixed \"peanuts\" key when no keyring is present). The\ndecrypted cookies are normalized into a snapshot, filtered through your domain\nallow/deny policy, and diffed against the last snapshot so only changes move.\nEach diff is JSON-encoded, sealed in an AES-256-GCM frame carrying a monotonic\nreplay counter, and written length-prefixed onto a stream.\n\nThe sink runs on your agent's machine. It opens each frame, rejects any frame\nwhose counter is not strictly greater than the last accepted one, and applies\nthe diff to its configured surfaces. The default sink surface is a plaintext\nsidecar SQLite database that holds the current cookie set; opt-in surfaces and\nadapters can also write secrets, browser stores, Netscape cookie files, GitHub\nCLI auth, OpenClaw provider profiles, and a Hermes Agent bundle.\n\n### Source-to-sink flow\n\n```mermaid\nflowchart TB\n    SOURCE[\"\u003cb\u003eagentpantry source\u003c/b\u003e\u003cbr/\u003e\u003ci\u003edaily-driver role\u003c/i\u003e\"]\n    SINK[\"\u003cb\u003eagentpantry sink\u003c/b\u003e\u003cbr/\u003e\u003ci\u003eagent-machine role\u003c/i\u003e\"]\n\n    subgraph INPUTS [\" source inputs \"]\n        BROWSERS[\"\u003cb\u003eBrowser profiles\u003c/b\u003e\u003cbr/\u003eChromium · Firefox · CDP\"]\n        SECRETS[\"\u003cb\u003eSecrets directory\u003c/b\u003e\u003cbr/\u003enamed files only\"]\n        POLICY[\"\u003cb\u003eDomain policy\u003c/b\u003e\u003cbr/\u003eallow first · deny wins\"]\n    end\n\n    BROWSERS \u0026 SECRETS \u0026 POLICY --\u003e SOURCE\n\n    subgraph PIPELINE [\" normalize and seal \"]\n        READ[\"\u003cb\u003eRead current state\u003c/b\u003e\u003cbr/\u003ecopy locked DB · ask CDP\"]\n        NORMALIZE[\"\u003cb\u003eDecrypt + normalize\u003c/b\u003e\u003cbr/\u003ecookies · secrets\"]\n        DIFF[\"\u003cb\u003eDiff snapshots\u003c/b\u003e\u003cbr/\u003esend only changed values\"]\n        FRAME[\"\u003cb\u003eSeal frame\u003c/b\u003e\u003cbr/\u003eAES-256-GCM · HKDF salt · replay counter\"]\n    end\n\n    SOURCE --\u003e READ --\u003e NORMALIZE --\u003e DIFF --\u003e FRAME\n\n    STREAM[\"\u003cb\u003eSealed byte stream\u003c/b\u003e\u003cbr/\u003eTCP · SSH stdio · tunnel\"]\n    FRAME == encrypted frames ==\u003e STREAM\n    STREAM == length-prefixed frames ==\u003e SINK\n\n    subgraph TARGETS [\" sink surfaces and adapters \"]\n        SIDECAR[\"\u003cb\u003eSidecar SQLite\u003c/b\u003e\u003cbr/\u003edefault cookie store\"]\n        SECRET_OUT[\"\u003cb\u003eSecrets\u003c/b\u003e\u003cbr/\u003e0600 files\"]\n        ADAPTERS[\"\u003cb\u003eAdapters\u003c/b\u003e\u003cbr/\u003ecookies.txt · gh · OpenClaw · Hermes\"]\n        CHROME[\"\u003cb\u003eChrome re-encrypt\u003c/b\u003e\u003cbr/\u003eWindows automation profile\"]\n    end\n\n    SINK --\u003e|reject stale counters| SIDECAR\n    SINK --\u003e SECRET_OUT\n    SINK --\u003e ADAPTERS\n    SINK --\u003e CHROME\n\n    GUARD[\"\u003cb\u003eSecurity boundary\u003c/b\u003e\u003cbr/\u003enothing syncs without an allow policy; values stay sealed in transit\"]\n    POLICY -. constrains .-\u003e GUARD\n    FRAME -. enforces .-\u003e GUARD\n    GUARD -. limits writes .-\u003e TARGETS\n\n    classDef source fill:#eff6ff,stroke:#2563eb,color:#1e3a8a;\n    classDef process fill:#ecfdf5,stroke:#059669,color:#064e3b;\n    classDef stream fill:#fff7ed,stroke:#ea580c,color:#7c2d12;\n    classDef sink fill:#f8fafc,stroke:#64748b,color:#334155;\n    classDef guard fill:#fee2e2,stroke:#ef4444,color:#7f1d1d;\n    class SOURCE,BROWSERS,SECRETS,POLICY source;\n    class READ,NORMALIZE,DIFF process;\n    class FRAME,STREAM stream;\n    class SINK,SIDECAR,SECRET_OUT,ADAPTERS,CHROME sink;\n    class GUARD guard;\n```\n\nThe transport is just a byte stream, so the link can be a TCP connection over a\ntrusted network or a piped stdio channel through a tunnel. The encryption and\nframing do not care which.\n\n## Quickstart\n\n### On the sink (agent machine)\n    agentpantry init --role sink\n    agentpantry keygen\n    # copy ~/.config/agentpantry/psk.key to the source machine\n    # edit config.toml: set peer to the bind address, e.g. 0.0.0.0:8787 over your VPN\n    agentpantry doctor\n    agentpantry sink\n\n### On the source (daily driver)\n    agentpantry init --role source\n    # copy the psk.key from the sink into ~/.config/agentpantry/psk.key\n    # edit config.toml: set peer to the sink address, add a [[browsers]] block and allow domains\n    agentpantry doctor\n    agentpantry source\n\n`init` writes a commented config that walks through each field (it refuses to\noverwrite an existing config unless you pass `--force`), and `doctor` validates\nthe result before you rely on it, warning about misspelled or misplaced config\nkeys instead of ignoring them.\n\nA `[[browsers]]` entry takes a `kind`: `chromium` (Chrome, Chromium, Brave, Edge;\ndecrypted via the Secret Service with a `peanuts` fallback) or `firefox` (reads\nplaintext cookies from the profile's `cookies.sqlite`, so no keyring is needed).\nPoint `cookie_path` at the profile's cookie store. A source configured with only\nFirefox browsers skips the keyring check in `agentpantry doctor`.\n\nOn Windows, `kind = \"chromium\"` decrypts `v10` cookies using the DPAPI-unwrapped\nkey from the profile's `Local State`. `agentpantry install-service` on Windows\nprints a Scheduled Task command (agentpantry is a console app, so it runs as a\nlogon task rather than an SCM service). A Windows sink supports the sidecar,\nsecrets, and adapter surfaces, plus the real-Chrome re-encrypt surface described\nnext.\n\nA Windows sink can also use the real-Chrome re-encrypt surface (`chrome`): it\nwrites synced cookies into the target Chrome Cookies store as `v10` AES-256-GCM,\nencrypted with the sink's own DPAPI-unwrapped key. Use it against a not-running,\npre-app-bound, or dedicated automation profile; an app-bound (version 127+)\nprofile may prefer `v20`, so v10 writes are best treated as a legacy/automation\npath.\n\nFor app-bound Chrome (version 127+, `v20` cookies) where the key is no longer\nrecoverable from `Local State`, use `kind = \"cdp\"`: launch Chrome with\n`--remote-debugging-port=9222` (bound to loopback, ideally a dedicated automation\nprofile) and set `url = \"http://127.0.0.1:9222\"` on the browser entry. agentpantry\nasks Chrome for the cookies over the DevTools Protocol, so Chrome performs its own\nauthorized decryption. The debugging port grants full browser control, so keep it\non loopback and treat it as sensitive. A `cdp` reader syncs at startup, on\nother browsers' file events, and on the `resync_seconds` poll, which defaults\nto 60 seconds for a CDP source when unset.\n\nBoth ends must hold the same pre-shared key. Generate it once on the sink with\n`agentpantry keygen` and copy the file to the source. Run `agentpantry status`\non either machine to print the active role, peer, key path, surfaces, and the\nconfigured allow/deny domains. To run the source or sink as a persistent\nbackground service, use `agentpantry install-service`, which writes a systemd\nuser unit and prints the commands to enable it.\n\nThe `examples/` directory has copyable source and sink configs for Chromium,\nFirefox, CDP, Hermes Agent, GitHub CLI, OpenClaw, and SSH stdio transport.\n\n## Operating\n\n`agentpantry doctor` checks a configuration before you rely on it. It verifies\nthat the pre-shared key exists, is 32 bytes, and is mode 0600, that the role\nand peer are well formed, and that the role-specific pieces are in place: on a\nsource it confirms each browser cookie store and the secrets directory are\nreadable, and on a sink it confirms the bind address is loopback (warning if\nnot), and that each configured surface is satisfiable. On a source it also\ndials the peer to confirm reachability; pass `--no-net` to skip that or\n`--timeout` to change the dial timeout. Each check prints `OK`, `WARN`, or\n`FAIL`. doctor exits 0 when nothing failed and exits 1 when any check is a\n`FAIL` (warnings do not fail the run), so it can gate a startup script. Pass\n`--json` for a machine-readable payload with check rows, fail/warn counts, and a\nsafe config summary for operator dashboards such as Brigade.\n\n`agentpantry status` reports the active role, peer, key path, surfaces, and the\nconfigured allow/deny domains. It also reports the last sync: the time of the\nmost recent successful source cycle and the cookie and secret counts in the\nlast frame that was sent, or `never` if the source has not run yet. Pass\n`--json` for machine-readable output.\n\nThe transport can ride an SSH channel instead of a TCP listener. Run the source\nwith `--stdio` to stream sealed frames to stdout, and the sink with `--stdio` to\nread them from stdin, then connect the two over SSH:\n\n    agentpantry source --stdio | ssh sink.example agentpantry sink --stdio\n\nIn `--stdio` mode the source never dials the peer and the sink never binds a\nport, so the encrypted link exists only inside the SSH channel. The same key\nand framing apply.\n\n## Hardening\n\nThe transport begins each connection with a session-salt handshake (the sink\nissues a fresh random salt over TCP; the source issues it over `--stdio`) and\nderives a per-session AES-256 key from the pre-shared key via HKDF, so a frame\ncaptured from one session cannot be replayed into another. Secret syncing can be\nnarrowed with a `[secret_names]` allow/deny policy (exact names; deny overrides\nallow; an empty allow permits everything in the `secrets_dir`). `make gosec`\nruns the security scanner, `make vuln` runs govulncheck, and\n`make fuzz PKG=... FUZZ=...` runs the fuzz targets for the untrusted-input\nparsers.\n\n### Rotating the pre-shared key\n\n`agentpantry rotate-key` rotates the key with no sync downtime. Run it on the\nsink: it writes a fresh `psk.key` and preserves the previous key beside it as\n`psk.key.old`. The sink accepts new connections under either key (and logs a\nwarning when a peer still uses the old one), so the source keeps syncing while\nyou distribute the new key:\n\n    agentpantry rotate-key            # on the sink\n    # copy the new psk.key to the source over a secure channel\n    # restart the source, or let it reconnect\n    agentpantry rotate-key -finish    # on the sink, retires psk.key.old\n\n`doctor` and `status` show a rotation in progress, and a running sink picks up\nthe rotation without a restart. Finish promptly: until `-finish`, a holder of\nthe old key is still accepted. `keygen` remains the blunt instrument; it backs\nup an existing key beside itself as `psk.key.bak.\u003ctimestamp\u003e` before replacing\nit (pass `--backup=false` to skip that), but unlike `rotate-key` the sink\naccepts only the new key from that moment on. Delete `psk.key.bak.*` files once\na rotation is confirmed, especially one prompted by suspected key exposure:\nthey hold retired key material.\n\n## Reliability\n\nA TCP source reconnects automatically with capped backoff (1s up to 30s) if the\nsink restarts or the link drops, and resends its full current state on each\nreconnect. Set `resync_seconds` to have the source periodically re-sync on a\ntimer in addition to filesystem events (covers any missed event); a `kind=cdp`\nsource, which has no file to watch, defaults to a 60s poll when `resync_seconds`\nis unset.\n\n## Security\n\n- Domains are opt-in. Nothing syncs until you add it to `domains.allow`. An\n  empty allow list permits nothing, and a `domains.deny` entry overrides any\n  allow match.\n- The sidecar SQLite is plaintext, mode 0600. Treat the sink like a secret\n  store: anyone who can read that file can impersonate the synced sessions.\n- The pre-shared key file is written 0600 and must be kept off shared storage.\n- Cookie values are never logged. They live only in memory, in the encrypted\n  frames on the wire, and in the sidecar.\n- Transport is AES-256-GCM with a shared key; run it over Tailscale, Twingate,\n  a LAN you trust, or an SSH tunnel.\n- The sink defaults to loopback. Both `doctor` and `agentpantry sink` startup\n  warn when the bind address exposes the sink beyond loopback.\n\n## Surfaces\n\nThe sink applies each synced diff to one or more surfaces, chosen by the\n`surfaces` list in the sink config.\n\n- `sidecar` (always available): a plaintext sidecar SQLite database holding the\n  current cookie set, written mode 0600. This is the default and safest target.\n- `chrome` (opt-in, fragile): writes synced cookies directly into an existing\n  Chrome Cookies SQLite, re-encrypting each value with the sink machine's own\n  keyring key. The table schema is introspected at open time so it tolerates\n  Chrome version differences. This surface targets a profile that is not\n  running. Writing a live profile is unsupported, and Chrome may ignore or\n  overwrite the rows. It requires a `[[browsers]]` entry whose `cookie_path`\n  points at the target store.\n- `secrets`: writes synced secrets as individual files under the configured\n  secrets directory, one file per secret, mode 0600.\n\nExample sink config selecting multiple surfaces:\n\n    role = \"sink\"\n    peer = \"127.0.0.1:8787\"\n    surfaces = [\"sidecar\", \"secrets\"]\n    secrets_dir = \"/home/agent/.config/agentpantry/secrets\"\n\n## Secrets\n\nBeyond cookies, agentpantry can mirror a directory of secrets from source to\nsink in the same encrypted frame. On the source, set `secrets_dir` to a\ndirectory and each regular file becomes one secret (the file name is the secret\nname, the file contents are the value). Dotfiles and subdirectories are skipped.\n\nOn the sink, enable the `secrets` surface and set `secrets_dir` to the\ndestination. Each secret is written as a 0600 file named after the secret.\nSecret names are sanitized on the sink: any name containing a path separator,\na `..` element, or an absolute path is skipped rather than written outside the\nsecrets directory.\n\nCookies and secrets travel together inside one AES-256-GCM frame, so a single\npeer connection carries both.\n\n## Adapters\n\nAdapters are extra sink surfaces that write synced data into the native file a\nspecific CLI or agent harness already reads, so the tool wakes up authenticated\nwithout any agentpantry-aware glue. They are declared with an optional\n`[[adapters]]` block in the sink config, each entry chosen by `type`. An adapter\nis layered on top of the regular `surfaces` list; you can run both at once.\n\nFour adapter types ship:\n\n- `netscape`: a cookie surface that writes a Netscape `cookies.txt` (the format\n  curl, wget, and yt-dlp consume), mode 0600. It keeps an in-memory row set\n  seeded from its own file on start, so a sink restart does not drop rows the\n  source has not re-sent, and it rewrites the whole file on each apply.\n- `gh`: a secret surface that writes the GitHub token into the GitHub CLI's\n  `hosts.yml`. It is merge-only, so unrelated hosts already in the file are\n  preserved, and upsert-only, so a transient missing secret never deletes the\n  token and logs you out. Set `secret` to the secret name holding the token,\n  `host` (defaults to `github.com`), and optionally `user`.\n- `openclaw`: a secret surface that merges provider profiles into an OpenClaw\n  `auth-profiles.json`. The `profiles` field there is an OBJECT keyed by\n  `\u003cprovider\u003e:default`, not an array, so each `profiles` mapping entry maps a\n  secret name to its profile key. The secret value must itself be the profile\n  JSON object; a value that is not valid JSON is skipped rather than written, so\n  a malformed secret never corrupts a working gateway file. Like `gh` it is\n  merge-only and upsert-only.\n- `hermes`: a cookie and secret surface that writes an Agent Pantry bundle under\n  a Hermes-readable directory, usually `~/.hermes/agentpantry`. The bundle\n  contains `cookies.txt`, `secrets/\u003cname\u003e`, and `agentpantry.json` describing the\n  relative paths. This is an Agent Pantry-owned subtree, so deletes remove the\n  corresponding bundled cookie or secret.\n\nExample sink config with the common adapters:\n\n    role = \"sink\"\n    peer = \"127.0.0.1:8787\"\n    surfaces = [\"sidecar\"]\n\n    [[adapters]]\n    type = \"netscape\"\n    path = \"/home/agent/.config/agentpantry/cookies.txt\"\n\n    [[adapters]]\n    type = \"gh\"\n    path = \"/home/agent/.config/gh/hosts.yml\"\n    secret = \"gh_token\"\n    host = \"github.com\"\n    user = \"octocat\"\n\n    [[adapters]]\n    type = \"openclaw\"\n    path = \"/home/agent/.openclaw/auth-profiles.json\"\n\n    [adapters.profiles]\n    anthropic_secret = \"anthropic:default\"\n\n    [[adapters]]\n    type = \"hermes\"\n    path = \"/home/agent/.hermes/agentpantry\"\n\n`agentpantry doctor` checks each adapter: that its target directory is writable\nor creatable, that a `gh` adapter names a secret, and that an `openclaw` adapter\ncarries a profiles mapping. For `hermes`, `path` is a bundle directory, not a\nsingle file.\n\n## Status\n\nCurrent status: cookie sync to the plaintext sidecar remains the default path.\nAdditional shipped surfaces include real-Chrome re-encrypt, secrets, Netscape\n`cookies.txt`, `gh`, `openclaw`, and the Hermes Agent bundle. Source support\nincludes Linux Chromium, Firefox, Windows Chromium, and Chrome DevTools Protocol\nexport for app-bound Chrome profiles.\n\n## Release packaging\n\nLocal release archives can be built into `dist/`:\n\n    make package VERSION=v0.2.1\n\nThe package target runs `go test ./...`, `go vet ./...`, `gosec`, and\n`govulncheck`, then cross-builds Linux, macOS, and Windows archives with build\nmetadata stamped into the `agentpantry version` output. `dist/checksums.txt`\ncontains SHA-256 checksums for the generated archives.\n\nTagged releases (`v*`) are built by GitHub Actions. The release workflow uploads\nthe platform archives, `checksums.txt`, a source SPDX SBOM, and GitHub artifact\nprovenance attestations.\n\n## Acknowledgements\n\nHat tip to [agentcookie](https://github.com/mvanhorn/agentcookie) for the spark.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fescoffier-labs%2Fagentpantry","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fescoffier-labs%2Fagentpantry","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fescoffier-labs%2Fagentpantry/lists"}