https://github.com/No-Box-Dev/Noxkey
macOS secrets manager with Touch ID. Stores API keys in the Keychain, detects AI agents, delivers secrets via encrypted handoff. Free, open source, local-only. A dotenv alternative for developers.
ai-agent-security cli credential-management developer-tools dotenv-alternative encryption keychain macos mcp menu-bar-app open-source secrets-manager swiftui touch-id
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/No-Box-Dev/Noxkey
- Owner: No-Box-Dev
- License: mit
- Created: 2026-03-07T01:32:18.000Z (4 months ago)
- Default Branch: main
- Last Pushed: 2026-03-29T18:47:16.000Z (3 months ago)
- Last Synced: 2026-03-29T18:53:13.000Z (3 months ago)
- Topics: ai-agent-security, cli, credential-management, developer-tools, dotenv-alternative, encryption, keychain, macos, mcp, menu-bar-app, open-source, secrets-manager, swiftui, touch-id
- Language: JavaScript
- Homepage: https://noxkey.ai
- Size: 1.83 MB
- Stars: 2
- Watchers: 0
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-mac - NoxKey - A tool for managing API keys and tokens with Keychain and Touch ID. (Security tools / Audio recording and processing)
- awesome-swift-macos-apps - Noxkey - Keychain-based secret manager with Touch ID for storing API keys and other secrets. (Security / Text)
- fucking-awesome-mac - NoxKey - A tool for managing API keys and tokens with Keychain and Touch ID. (Security tools / Audio recording and processing)
README
NoxKey
macOS secrets manager with Touch ID. A secure dotenv alternative.
Stop putting API keys in .env files. Stop pasting secrets into AI chats.
Website · Blog · Install · CLI Reference · vs dotenv · vs 1Password CLI
---
## What is NoxKey?
NoxKey is a **free, open-source macOS secrets manager** that stores API keys, tokens, and credentials in the **macOS Keychain** (the Data Protection keychain, whose class keys are wrapped by the Secure Enclave on Macs that have one) and gates every access with **Touch ID**.
It replaces `.env` files with a developer CLI and native menu bar app. No cloud. No master password. No subscription. NoxKey detects AI coding agents (Claude Code, Cursor, Copilot) and delivers secrets through an encrypted handoff, so the raw value is placed in the agent's process environment instead of being returned on stdout, where it would land in the agent's context window.
```bash
brew install no-box-dev/noxkey/noxkey
```
---
## The problem
You have API keys in `.env` files. Plaintext. No authentication. Any process running as your user can read them, including AI coding agents that treat your `.env` as just another project file.
[12.8 million secrets](https://noxkey.ai/blog/stop-putting-secrets-in-env-files.html?ref=github) were exposed in public GitHub repos in 2024. The `.env` pattern was designed in 2012, before AI agents existed. It's a liability.
## How NoxKey fixes it
NoxKey stores secrets in the **macOS Keychain** (Data Protection keychain, Secure Enclave-backed key hierarchy) and gates every access with **Touch ID**. No plaintext files on disk. No master password. No cloud.
```bash
# Store a secret (from clipboard — never in shell history)
noxkey set myorg/project/STRIPE_KEY --clipboard
# Use it in your shell
eval "$(noxkey get myorg/project/STRIPE_KEY)"
# → Touch ID prompt → STRIPE_KEY loaded into environment
# List your secrets (names only, never values)
noxkey ls myorg/
```
When an AI agent calls `noxkey get`, NoxKey [detects the agent](https://noxkey.ai/blog/process-tree-agent-detection.html?ref=github) by walking the process tree and returns an **encrypted handoff**: the secret is decrypted into the agent's process environment rather than printed, so it does not appear in the command output that feeds the agent's conversation context. Anything that process then runs (`env`, `printenv`, a script that logs its configuration) can still read the variable, which is what the DLP guard below is for.
## Install
```bash
# 1. Install via Homebrew
brew install no-box-dev/noxkey/noxkey
# 2. Launch the app (it lives in your menu bar)
open /Applications/NoxKey.app
# 3. Done — the CLI works immediately
noxkey ls
```
### Migrate from .env files
```bash
noxkey import myorg/project .env # import all secrets
noxkey ls myorg/project/ # verify
rm .env # delete the liability
```
## Why NoxKey
| | .env files | 1Password CLI | HashiCorp Vault | **NoxKey** |
|---|---|---|---|---|
| **Encryption** | None | AES-256, client-side; vault synced to 1Password's cloud | Encrypted at rest on the server | **Keychain, Secure Enclave-backed keys** |
| **Auth model** | None | Account password + Secret Key (biometric unlock via desktop app) | Token-based (plus other auth methods) | **Touch ID per access** |
| **AI agent safety** | None | None | None | **Process-tree detection** |
| **Network required** | No | Yes (sync) | Yes (server) | **No** |
| **Cost** | Free | $36/yr | Free (self-host) | **Free** |
| **Setup** | None | Account + desktop app | Server infra | **`brew install`** |
## Architecture
```
┌──────────────┐ Unix socket ┌─────────────────┐
│ noxkey CLI │ ──────── JSON ────────────▶ │ NoxKey.app │
│ (Swift) │ │ (SwiftUI) │
└──────────────┘ └────────┬─────────┘
│
┌────────▼─────────┐
│ Agent Detection │
│ (process-tree │
│ walk, 20 levels) │
└────────┬─────────┘
│
┌─────────────┐ ┌───────▼──────────┐
│ Touch ID │ │ macOS Keychain │
│ (Secure │◀│ (Data Protection) │
│ Enclave) │ └──────────────────┘
└─────────────┘
```
**Menu bar app** — native SwiftUI. Manages the Keychain, handles Touch ID, detects AI agents via `proc_pidinfo`, serves requests over a Unix domain socket.
**CLI** — Swift binary. Talks to the app over the socket. Every request is validated server-side — the CLI can't bypass agent detection.
**Agent detection** — walks the process tree from the requesting PID up to `launchd`, checking each ancestor against known agent signatures (claude, cursor, codex, windsurf, copilot). The match is on process names inherited through the tree, so the guarantee is only as strong as the signature list and the assumption that the agent remains in the calling chain. [Full explanation →](https://noxkey.ai/blog/process-tree-agent-detection.html?ref=github)
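The CLI-to-app channel above is a Unix domain socket carrying JSON, with every request validated on the app side. The server below is an added example, not NoxKey's own code: it shows what "validated server-side" has to mean at the socket layer, using the two properties the security model table lists for the socket (a `0600` socket file and a peer-UID check). The socket node is created user-only from the first instant via the umask, the server asks the kernel for the connecting peer's UID and refuses any other user before it parses a byte of JSON, and only an allow-listed command is answered. Linux exposes peer credentials as `SO_PEERCRED`; macOS uses `getsockopt(SOL_LOCAL, LOCAL_PEERCRED)` returning a `struct xucred`, decoded by hand here. The request and response shapes, the command list and the name inventory are all invented for the demo.

```python
"""Unix-domain socket server with 0600 permissions and peer-UID verification (added example, not NoxKey code)."""
import json
import os
import socket
import stat
import struct
import sys
import tempfile
import threading
from typing import Dict

ALLOWED_COMMANDS = ("ls", "peek")  # invented allow-list for the demo
# Constructed inventory: names only, no values, mirroring what `noxkey ls` prints.
SAMPLE_NAMES = ["myorg/project/STRIPE_KEY", "myorg/project/DATABASE_URL", "shared/CLOUDFLARE_API_TOKEN"]


def peer_uid(conn: socket.socket) -> int:
    """Ask the kernel who is on the other end of the connection; a client cannot forge this."""
    if sys.platform == "darwin":
        SOL_LOCAL, LOCAL_PEERCRED = 0, 0x001
        # struct xucred { u_int cr_version; uid_t cr_uid; short cr_ngroups; gid_t cr_groups[16]; }
        raw = conn.getsockopt(SOL_LOCAL, LOCAL_PEERCRED, 128)
        _version, uid = struct.unpack_from("II", raw)
        return uid
    # Linux: struct ucred { pid_t pid; uid_t uid; gid_t gid; }
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("iII"))
    _pid, uid, _gid = struct.unpack("iII", raw)
    return uid


def handle_request(req: Dict) -> Dict:
    """Server-side validation: unknown commands are refused regardless of what the client sends."""
    cmd = req.get("cmd")
    if cmd not in ALLOWED_COMMANDS:
        return {"ok": False, "error": f"command not permitted: {cmd!r}"}
    if cmd == "ls":
        prefix = str(req.get("prefix", ""))
        return {"ok": True, "names": [n for n in SAMPLE_NAMES if n.startswith(prefix)]}
    return {"ok": False, "error": "peek requires Touch ID; not modelled in this example"}


def bind_socket(sock_path: str) -> socket.socket:
    """Create the socket node with 0600 from the start (umask), then verify the mode explicitly."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o177)
    try:
        srv.bind(sock_path)
    finally:
        os.umask(old_umask)
    os.chmod(sock_path, 0o600)
    if stat.S_IMODE(os.stat(sock_path).st_mode) != 0o600:
        raise RuntimeError("socket permissions are not 0600")
    srv.listen(1)
    return srv


def serve_one(srv: socket.socket) -> Dict:
    """Accept one client, check its UID before reading anything, answer one JSON line."""
    conn, _ = srv.accept()
    with srv, conn:
        if peer_uid(conn) != os.getuid():
            resp = {"ok": False, "error": "peer uid mismatch"}
        else:
            line = conn.makefile("rb").readline(65536)
            try:
                resp = handle_request(json.loads(line))
            except ValueError:
                resp = {"ok": False, "error": "malformed request"}
        conn.sendall(json.dumps(resp).encode() + b"\n")
    return resp


def request(sock_path: str, req: Dict) -> Dict:
    """Minimal client, standing in for the CLI."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as cli:
        cli.connect(sock_path)
        cli.sendall(json.dumps(req).encode() + b"\n")
        return json.loads(cli.makefile("rb").readline())


def demo(req: Dict) -> Dict:
    """Run server and client in one process and return the client's view of the response."""
    tmp = tempfile.mkdtemp(prefix="nk-")
    os.chmod(tmp, 0o700)
    sock_path = os.path.join(tmp, "noxkey.sock")
    srv = bind_socket(sock_path)  # bound and listening before the client is started
    worker = threading.Thread(target=serve_one, args=(srv,))
    worker.start()
    try:
        return request(sock_path, req)
    finally:
        worker.join()
        os.unlink(sock_path)
        os.rmdir(tmp)


if __name__ == "__main__":
    print(demo({"cmd": "ls", "prefix": "myorg/"}))
    print(demo({"cmd": "get", "key": "myorg/project/STRIPE_KEY", "raw": True}))
```

Two details matter more than they look. Setting the umask before `bind()` closes the window in which the node exists with default permissions before a later `chmod`; and the UID comes from `getsockopt`, not from anything the client writes, so a same-host process under another account is rejected even if it can see the path.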
## Key features
### Security
- **Touch ID on every access** — not a password, your fingerprint
- **Secure Enclave-backed Keychain** — the keys that wrap Keychain items never leave the Secure Enclave; a decrypted value is released only to the authorized app, for an approved request
- **Strict mode** — mark high-value secrets to always require Touch ID, even during sessions
- **Zero network** — no telemetry, no sync, no cloud. Secrets never leave your machine
- **DLP guard** — scans AI agent output for leaked secret values before they enter context
### Developer experience
- **`eval "$(noxkey get org/proj/KEY)"`** — one command, any terminal
- **Session unlock** — `noxkey unlock org/proj` → one Touch ID, then batch access
- **Import/export** — `noxkey import org/proj .env` migrates everything in one step
- **Peek** — `noxkey peek org/proj/KEY` shows first 8 chars for verification
- **Organize** — `noxkey organize` reviews keys and adds missing metadata
- **Rotate** — `noxkey rotate org/proj/KEY` guides you through secret rotation
### Password & login management
- **Generate** — create login credentials with auto-generated passwords from the quick-access panel
- **Organizations** — managed org list, linked emails auto-selected per org
- **Email aliases** — generate unique `+alias` variants per project (e.g. `user+react-frontend-a1b2@domain`)
- **Tabbed view** — All | Logins | Recovery Codes | Generate in both panel and main app
- **Step-through clipboard** — username copied first, click Next for password
- **Browser detection** — auto-detects project from active localhost tab (Chrome, Safari, Arc, Edge)
### AI agent safety
- **Automatic detection** — Claude Code, Cursor, Codex, Windsurf, Copilot identified by process tree
- **Encrypted handoff** — agents get secrets in their environment, never in conversation context
- **Command blocking** — `--raw`, `--copy`, `load`, `export`, `bundle` blocked for agent callers
- **DLP scanning** — `noxkey guard` catches leaked values in agent output
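`noxkey guard` is described as scanning stdin for leaked values. The scanner below is an added example, not NoxKey's guard, written to show what such a check has to cover beyond a literal substring search: an agent's tool output tends to carry a value hex-encoded (a dumped request body), URL-encoded, JSON-escaped, or inside a larger base64 blob such as a `Basic` Authorization header, where the secret's own base64 string never appears intact because of alignment. Findings carry a redacted copy of the line, never the value. The secret value, the sample output and the encoding names are constructed; a scanner like this necessarily holds the plaintext values it looks for, so it belongs in the process that already has them.

```python
"""DLP guard over constructed agent output: plain, hex, URL-encoded and base64-embedded leaks (added example)."""
import base64
import binascii
import json
import re
import urllib.parse
from typing import Dict, Iterable, List

B64_TOKEN = re.compile(r"[A-Za-z0-9+/_-]{16,}={0,2}")
REDACTED = "[REDACTED]"


def direct_forms(secret: str) -> Dict[str, str]:
    """Encodings that keep byte alignment and can therefore be matched as plain substrings."""
    raw = secret.encode()
    candidates = {
        "plain": secret,
        "hex": raw.hex(),
        "hex_upper": raw.hex().upper(),
        "urlencoded": urllib.parse.quote(secret, safe=""),
        "json_escaped": json.dumps(secret)[1:-1],
    }
    forms: Dict[str, str] = {}
    for name, value in candidates.items():
        if value not in forms.values():  # e.g. urlencoded == plain for a plain-ASCII key
            forms[name] = value
    return forms


def _decode_b64(token: str) -> bytes:
    """Best-effort decode of a base64-looking token; garbage decodes to b'' rather than raising."""
    stripped = token.rstrip("=")
    padded = stripped + "=" * (-len(stripped) % 4)
    try:
        if "-" in padded or "_" in padded:
            return base64.urlsafe_b64decode(padded)
        return base64.b64decode(padded, validate=True)
    except (binascii.Error, ValueError):
        return b""


def scan_text(text: str, secrets: Iterable[str]) -> List[dict]:
    """One finding per (line, encoding) in which a secret appears, with the line redacted."""
    secrets = list(secrets)
    findings: List[dict] = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for secret in secrets:
            for name, form in direct_forms(secret).items():
                if form in line:
                    findings.append({"line": lineno, "encoding": name,
                                     "redacted": line.replace(form, REDACTED)})
            # Base64 is not alignment-preserving: decode each candidate blob and look inside it.
            for token in B64_TOKEN.findall(line):
                if secret.encode() in _decode_b64(token):
                    findings.append({"line": lineno, "encoding": "base64",
                                     "redacted": line.replace(token, REDACTED)})
    return findings


SECRET = "sk_test_placeholder_0123456789abcdef"  # constructed; not a real key


def build_sample_output(secret: str) -> str:
    """Constructed agent/tool transcript in which the secret leaks three different ways."""
    basic = base64.b64encode(f"{secret}:".encode()).decode()      # Basic auth: 'key:' base64
    body_hex = json.dumps({"key": secret}).encode().hex()          # hex dump of a request body
    return "\n".join([
        "$ env | grep STRIPE",
        f"STRIPE_KEY={secret}",
        f"> curl -H 'Authorization: Basic {basic}' https://api.example/v1/charges",
        f"debug: payload={body_hex}",
        "nothing sensitive on this line",
    ])


def demo() -> List[dict]:
    return scan_text(build_sample_output(SECRET), [SECRET])


if __name__ == "__main__":
    for finding in demo():
        print(finding["line"], finding["encoding"], finding["redacted"])
```

The `Basic` header on line 3 is the instructive case: the agent never printed the key, but `base64("key:")` is trivially reversible, and a guard that only searches for the key's own base64 string misses it because the trailing colon shifts the encoding.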
## CLI reference
### Core
```
noxkey set org/proj/KEY --clipboard       Store from clipboard
noxkey get org/proj/KEY                   Copy to clipboard (Touch ID)
noxkey peek org/proj/KEY                  Show first 8 chars
noxkey rm org/proj/KEY                    Delete a secret
noxkey ls [prefix]                        List key names (no values)
noxkey ls --type=login --org=n1           Filter by type, org, or search
noxkey import org/proj .env               Import from .env file
noxkey export                             Export to .env file
```
### Sessions
```
noxkey unlock org/proj [--timeout=4h]     One Touch ID, then batch access
noxkey lock [org/proj]                    Lock prefix (or all)
noxkey session                            Show active sessions
```
### Security
```
noxkey strict org/proj/KEY                Always require Touch ID (even during sessions)
noxkey unstrict org/proj/KEY              Remove strict mode
noxkey guard                              DLP scan stdin for leaked values
noxkey verify                             Print security verification commands
noxkey audit [N]                          Show last N audit log entries
```
### Maintenance
```
noxkey rotate org/proj/KEY                Guided rotation workflow
noxkey organize [--dry-run] [--auto]      Review and fix metadata
noxkey scan [path] [--prefix=org/proj]    Find and import .env files
noxkey config org/proj --timeout=8h       Set session timeout per prefix
noxkey update                             Update app and/or CLI
```
### Naming convention
```
org/project/KEY    — project-specific secrets
shared/KEY         — cross-project secrets (e.g. shared/CLOUDFLARE_API_TOKEN)
```
## Security model
| What | Where |
|---|---|
| Secret values | macOS Data Protection Keychain (Secure Enclave-backed key hierarchy) |
| Metadata | Separate Keychain item per secret |
| Session cache | In-memory only, cleared on lock/quit |
| Socket | User-only permissions (`0600`), peer UID verified |
- Secrets **never leave the machine** in plaintext
- Agent callers receive AES-256-CBC encrypted payloads via self-deleting temp scripts (CBC provides confidentiality only; it carries no integrity check of its own)
- Sessions are bound to PID + process start time (prevents PID recycling attacks)
- `noxkey ls` and `noxkey peek` never expose full values
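The two mechanisms that decide how a request is served are the process-tree walk described under Architecture (requesting PID up to `launchd`, 20 levels, each ancestor's name matched against the agent signatures) and the session binding above to PID plus process start time. The code below is an added example, not NoxKey's implementation, modelling both over a constructed process table so the behaviour can be checked without a Mac: a PID whose start time no longer matches the one recorded at unlock is a recycled PID and its session is refused, and a corrupted or cyclic parent chain terminates instead of looping. The `Proc` table, PIDs, names and start times are invented; a real implementation fills them from `proc_pidinfo` on macOS (or `/proc` on Linux).

```python
"""Process-tree agent detection and PID+start-time session binding over a constructed table (added example)."""
from dataclasses import dataclass
from typing import Dict, Optional

AGENT_SIGNATURES = ("claude", "cursor", "codex", "windsurf", "copilot")  # names listed in the README
MAX_DEPTH = 20  # hop limit from the README's architecture diagram
LAUNCHD_PID = 1


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int
    name: str        # executable name as the kernel reports it
    start_time: int  # process start time in seconds; constructed values here


def detect_agent(table: Dict[int, Proc], pid: int) -> Optional[str]:
    """Return the first agent signature found on the path from pid to launchd, else None.

    The requesting process is checked first, then each parent. The walk stops at
    launchd, at a PID missing from the table, on a cycle, or after MAX_DEPTH hops.
    """
    seen = set()
    for _ in range(MAX_DEPTH):
        proc = table.get(pid)
        if proc is None or pid in seen:
            return None
        seen.add(pid)
        name = proc.name.lower()
        for sig in AGENT_SIGNATURES:
            if sig in name:
                return sig
        if pid == LAUNCHD_PID:
            return None
        pid = proc.ppid
    return None


@dataclass(frozen=True)
class SessionKey:
    """What a session is bound to: the PID and the start time of that PID's incarnation."""
    pid: int
    start_time: int


def open_session(table: Dict[int, Proc], pid: int) -> SessionKey:
    proc = table[pid]
    return SessionKey(pid=proc.pid, start_time=proc.start_time)


def session_matches(table: Dict[int, Proc], key: SessionKey) -> bool:
    """True only if the PID is alive and is the same incarnation that opened the session."""
    proc = table.get(key.pid)
    return proc is not None and proc.start_time == key.start_time


def _table(*procs: Proc) -> Dict[int, Proc]:
    return {p.pid: p for p in procs}


# Constructed sample tree: one shell launched an agent, the other did not.
SAMPLE = _table(
    Proc(1, 0, "launchd", 100),
    Proc(500, 1, "Terminal", 200),
    Proc(600, 500, "zsh", 210),
    Proc(700, 600, "claude", 300),   # agent process
    Proc(710, 700, "bash", 301),     # tool shell spawned by the agent
    Proc(720, 710, "noxkey", 302),   # CLI invoked from inside the agent
    Proc(800, 500, "zsh", 220),
    Proc(810, 800, "noxkey", 230),   # CLI invoked by the developer directly
)


def demo() -> dict:
    key = open_session(SAMPLE, 810)
    # Simulate the shell exiting and an unrelated process being assigned PID 810.
    recycled = dict(SAMPLE)
    recycled[810] = Proc(810, 1, "python3", 900)
    # A cyclic parent chain must terminate rather than spin.
    cyclic = _table(Proc(5, 6, "a", 1), Proc(6, 5, "b", 1))
    return {
        "agent_call": detect_agent(SAMPLE, 720),          # "claude"
        "human_call": detect_agent(SAMPLE, 810),          # None
        "still_valid": session_matches(SAMPLE, key),      # True
        "after_recycle": session_matches(recycled, key),  # False
        "cyclic": detect_agent(cyclic, 5),                # None
    }


if __name__ == "__main__":
    print(demo())
```

Binding to start time rather than PID alone is what makes the recycled case fail closed: PID 810 is alive in both tables, but only the original incarnation unlocked the prefix.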
## Build from source
```bash
git clone https://github.com/No-Box-Dev/Noxkey.git
cd Noxkey
open NoxKey.xcodeproj
# Build and run (Cmd+R)
```
The CLI auto-installs to `~/.local/bin/noxkey` when the app launches. Add `~/.local/bin` to your `PATH`.
Requires macOS 14+ and Xcode 15+.
## Blog
Deep dives into how NoxKey works and why:
- [Stop Putting Secrets in .env Files](https://noxkey.ai/blog/stop-putting-secrets-in-env-files.html?ref=github)
- [macOS Keychain for Developers](https://noxkey.ai/blog/macos-keychain-for-developers.html?ref=github)
- [How Touch ID Can Protect Your API Keys](https://noxkey.ai/blog/touch-id-api-keys.html?ref=github)
- [The Developer's Guide to Credential Hygiene](https://noxkey.ai/blog/credential-hygiene-for-developers.html?ref=github)
- [6 Ways AI Agents Leak Your Secrets](https://noxkey.ai/blog/five-ways-ai-agents-leak-secrets.html?ref=github)
- [How We Built Process-Tree Agent Detection](https://noxkey.ai/blog/process-tree-agent-detection.html?ref=github)
## FAQ
**Is NoxKey free?**
Yes. MIT-licensed, open source, no account, no subscription, no cloud.
**How is NoxKey different from 1Password CLI?**
NoxKey is local-only (no cloud, no account), free, and includes AI agent detection with encrypted handoff. [Full comparison](https://noxkey.ai/compare/noxkey-vs-1password-cli.html?ref=github).
**How is NoxKey different from dotenv?**
dotenv stores secrets as plaintext files with zero authentication. NoxKey stores them in the hardware-encrypted Keychain with Touch ID. [Full comparison](https://noxkey.ai/compare/noxkey-vs-dotenv.html?ref=github).
**Does NoxKey work on Linux or Windows?**
No. NoxKey is macOS only — it depends on the macOS Keychain and Touch ID. For cross-platform needs, consider 1Password CLI or HashiCorp Vault.
**Does NoxKey send data to the cloud?**
No. Zero outbound network connections. Verifiable via macOS network monitoring.
**How does NoxKey detect AI agents?**
It walks the macOS process tree when a secret is requested. If an AI agent is in the calling chain, the secret is delivered through an encrypted, self-deleting temp script instead of as a raw value. [Technical deep-dive](https://noxkey.ai/blog/process-tree-agent-detection.html?ref=github).
## License
[MIT](LICENSE) — Copyright (c) 2024-2026 [No-Box-Dev](https://noboxdev.com)