Goal
Extend Agentic Secrets from registered local CLI delivery into native workflows for OpenClaw, Hermes Agent, and other autonomous agents without weakening the local secret-authority boundary.
Scope
- Design agent-facing integration patterns that expose bounded capabilities, pinned profiles, and redacted audit events.
- Avoid raw secret retrieval APIs and keep secret delivery explicit, narrow, approved, auditable, and fail-closed.
- Study approaches, implementations, and product ideas from https://github.com/The-17/agentsecrets while preserving Agentic Secrets stricter local approval and secret-delivery boundaries.
Milestones
- Inventory target autonomous agent workflows, starting with OpenClaw and Hermes Agent.
- Define native integration contracts for bounded capabilities and pinned profiles.
- Add redacted audit events for agent-native workflows.
- Prototype one integration without exposing raw secret retrieval.
- Document which AgentSecrets ideas were adopted, rejected, or adapted.
Acceptance criteria
- Integrations do not introduce public plaintext secret retrieval APIs.
- Agent actions use pinned profiles or equivalent bounded delivery contracts.
- Audit records identify the agent workflow and delivered secret alias without secret values.
- Borrowed patterns from The-17/agentsecrets are reviewed against Agentic Secrets approval, secret-authority, and fail-closed guarantees.
Roadmap source: ROADMAP.md, Direction 3.
Goal
Extend Agentic Secrets from registered local CLI delivery into native workflows for OpenClaw, Hermes Agent, and other autonomous agents without weakening the local secret-authority boundary.
Scope
Milestones
Acceptance criteria
Roadmap source: ROADMAP.md, Direction 3.