Turn existing APIs into governed AI tools in under 5 minutes.

Give agents capability, not credentials.

KeyRunner is the governed execution layer for enterprise AI agents. Connect an existing API, add the KeyRunner SDK, onboard your agent, and run governed actions with policy enforcement, runtime secret injection, approvals, redaction, and auditability built in.

Runs inside your infrastructure
Secrets injected only at runtime
Full audit trail

KeyRunner converts enterprise APIs into governed AI tools. Connect your API, add the SDK, onboard your agent, and run governed actions with policy enforcement, secret injection, and full audit trails.

How it works

1. Connect API: Import OpenAPI spec in seconds
2. Add SDK: A few lines of code
3. Onboard agent: Give agent approved tools
4. Run governed: Safe, monitored, auditable

Agent requests an API action

Claude
ChatGPT
Cursor
Your agent
KeyRunner
Policy check
Secret injection
Approval gates
Contract governance
Time boxing
Response redaction
Rate limiting
Data classification
Blast radius scoring
Audit & logs

Your API / Enterprise Systems

Salesforce
ServiceNow
Jira
Workday
Snowflake
Any REST

No secrets exposed to the model

Credentials are never stored or shared with the LLM.

Sensitive data redacted

Responses are filtered before they reach the agent.

Policy checked before every action

Only allowed actions with valid inputs are executed.

High-risk writes require approval

Critical actions get human approval when needed.

Every execution is auditable

Complete logs for every action, decision, and user.

From local API testing to governed agent execution
Developers start with the free API client. Security teams add policy, runtime credentials, and audit trails for production.

Why agents fail in production

Most API-connected agents never make it past the demo.

They all hit the same three walls.

01
Credential exposure

Agents get too close to raw credentials

Internal API workflows often require tokens, service accounts, OAuth grants, or environment secrets. When agents, scripts, or MCP tools handle them directly, credentials can leak into logs, traces, prompts, local files, or overly broad runtimes.

02
Governance gap

Logs show what happened. They do not stop it.

Post-execution logs help with investigation, but they do not enforce policy before a risky API call goes out. Production agents need pre-execution checks for user, agent, action, environment, and payload.

03
No shared runtime

Every new agent rebuilds the same API actions

Teams wire the same Stripe, Slack, Salesforce, GitHub, cloud, and internal APIs into Claude, Cursor, ChatGPT, scripts, and internal agents. Without a shared governed runtime, API logic drifts and risk multiplies.

The fix

One API workflow layer. Every agent governed.

KeyRunner starts as the API client your team uses to build and test requests. Those requests become reusable workflows, and those workflows become approved actions agents can run with policy, runtime credentials, redaction, and audit built in.


Universal coverage

Any agent. Any API.

KeyRunner sits in the middle. Agents never touch credentials. APIs never send raw data to your model.

Any agent

Claude
ChatGPT
Cursor
Internal ops
Named action
Clean response

KeyRunner

governed runtime

On every request

Policy enforced before call
Write actions require approval
Credentials injected at runtime

On every response

SSNs, PHI, card data redacted
API keys and secrets stripped
Every call logged for audit

Credential sources

HashiCorp Vault
1Password
Azure Key Vault
AWS Secrets

Fetched at runtime. Never stored by KeyRunner.

Auth'd API call
Raw response

Any API or app

Salesforce
Stripe
GitHub
Slack
Google Cloud
Internal APIs
Request — policy checked, credentials injected by KeyRunner
Response — PII, PHI, and secrets stripped before agent sees it
Interactive Demo

See how KeyRunner works

From OpenAPI spec to governed agent tool in five steps. Credentials stay in your vault. PII never reaches the agent.

Import your API

Paste an OpenAPI spec. KeyRunner converts every endpoint into a named, governed tool — no changes to the downstream service.

keyrunner · import
Three endpoints parsed from spec. Each becomes a named, callable tool with no agent awareness of the underlying API or credentials.
API imported — 3 governed tools created
One platform, two jobs

API client for developers. Governance layer for agents.

The same APIs you test with the client become governed tools your AI agents call through the enforcement layer.

Trust by design

Why trust us?

KeyRunner is built to give security, platform, and developer teams a tighter execution model without slowing down daily work.

Proven Security

Security controls built into the workflow

KeyRunner is designed to protect execution paths, secrets, and tenant boundaries from the start.

Zero Trust Framework

Every request is authenticated and verified to reduce unauthorized access risk.

Encrypted Environment Variables

Sensitive configuration stays protected with stronger handling for runtime secrets.

Centralized KeyConnector

Enterprise requests can be routed through infrastructure that runs inside your environment.

Data Protection

Safer handling for sensitive information

KeyRunner reduces accidental exposure with controls focused on what developers actually send and receive.

Sensitive Data Redaction

PII, PHI, and PCI can be redacted according to tenant-defined security rules.

Secrets Scanner

Continuously scan collections and requests to identify risky values before they spread.

Data Anonymization

Anonymize response data when needed to preserve privacy and reduce downstream exposure.

Compliance & Transparency

Visibility for security and governance teams

Operational trust is not just about prevention. It also depends on auditability, monitoring, and evidence.

Compliance with Industry Standards

Practices align with major compliance expectations so organizations can move with more confidence.

Audit Trails

Keep detailed records of actions and system behavior for accountability and review.

User Activity Monitoring

Track behavior across the platform to surface operational patterns and potential concerns.

API-first agentic security

Give agents capability. Not credentials.

Start with the free API client for developers. Add policy enforcement, credential isolation, and audit trails when your agentic workflows need enterprise-grade governance.

The execution guarantee
Secrets never reach the agent.

Credentials are injected at runtime, inside your infrastructure. Agents invoke named actions, nothing more.
