Stop storing API keys in plain-text .env files.
ArmorClaw encrypts everything with AES-256 and unlocks only on your machine.
npx clawhub@latest install armorclaw
pip install ./skills/armorclaw
# Initialize vault
armorclaw init
# Store your first key
armorclaw set OPENAI_KEY
# Or import your whole .env at once
armorclaw import ~/.openclaw/openclaw.env
# List stored secrets
armorclaw list
from armorclaw.openclaw import inject_vault_env
# Inject all vault secrets into environment at startup
inject_vault_env(password="your-master-password")
# Or use ARMORCLAW_PASSWORD env var for bot auto-unlock
# export ARMORCLAW_PASSWORD="your-master-password"
# inject_vault_env()
One key, all your skills:
from armorclaw.openclaw import get_vault_key
# Any skill can pull keys from the vault
api_key = get_vault_key("OPENAI_KEY", skill="senticlaw")
armorclaw init Initialize vault + set master password
armorclaw set KEY [value] Store a secret
armorclaw get KEY Retrieve a secret
armorclaw list List all stored keys (no values shown)
armorclaw delete KEY Delete a secret
armorclaw import [path] Import .env file into vault
armorclaw log [KEY] View access log
armorclaw report Skill usage report
| Mode | Security | Description |
|---|---|---|
| ------ | ---------- | ------------- |
password | Medium | Type master password each time |
machine | Good | Locked to registered machine (MAC address) |
static-ip | Good | Locked to your static external IP only |
machine+static-ip | Strongest | Machine AND static external IP must match |
bot | Convenient | Bot auto-unlocks using stored password |
> ⚠️ IP restriction requires a STATIC external IP. Dynamic/rotating IPs (most home internet) will lock you out when your IP changes. ArmorClaw will warn you and confirm before registering.
Built by PHRAIMWORK LLC · MIT License
Part of the PHRAIMWORK Security Suite: SentiClaw + ArmorClaw
共 1 个版本