
Keeper Security Launches Agent Kit for AI Developer Workflows

By Artūras Malašauskas, Apr 30, 2026
Keeper Security's new Agent Kit enables AI coding agents to retrieve secrets and manage infrastructure without exposing credentials in chat history or source control.

The cybersecurity landscape is shifting beneath developers' feet. Keeper Security announced the launch of its Agent Kit on April 30, 2026, a suite of specialized AI skills designed to integrate Keeper Secrets Manager and Keeper Commander directly with industry-leading AI coding agents. The announcement came via PR Newswire.

Here's the problem the company is trying to solve: when developers embed agentic AI into their workflows, they face a critical security gap. Traditionally, for an AI agent to interact with protected infrastructure, developers have had to manually provide API keys or database credentials within the chat interface. This inadvertently stores sensitive data in third-party logs and training sets. The Keeper Agent Kit eliminates this risk by enabling AI agents to interact directly with Keeper's hardened Command Line Interface tools.

Think about the physical reality of this workflow. A developer opens their terminal. They type a prompt into their AI assistant. Without the Agent Kit, the AI might paste a raw credential into the chat window—visible, searchable, and potentially logged forever. With the Agent Kit, the AI runs CLI commands locally within the developer's authenticated session. The secret never leaves the vault. The chat history stays clean.

Craig Lurey, CTO and Co-founder of Keeper Security, framed the architecture as a definitive framework for how AI agents interact with sensitive enterprise data. By equipping these agents with instructions to use encrypted CLI tools locally, the agent runs commands within the developer's own authenticated session. This maintains the zero-knowledge standard while allowing developers to leverage the full speed of AI without leaving the vault door open.

The kit is optimized for the modern developer workflow and offers three core capabilities. Secure Secret Retrieval allows agents to use the keeper-secrets skill to inject credentials into local runtimes, ensuring the raw secret never appears in the chat UI. Automated Vault Administration lets agents manage users, teams, and audit resources via Keeper Commander through the keeper-admin skill. Streamlined Configuration uses the keeper-setup skill to automate the configuration of Keeper's security tools, establishing a secure environment for new projects from the first command.

For teams operating in hosted or orchestrated AI environments, Keeper also offers a Model Context Protocol server integration. Available in Docker and Node configurations, this enables agent platforms to retrieve secrets via a running MCP server process rather than local CLI tools. When an AI agent uses Keeper's CLI tools, every action taken by the agent is governed by the same rigorous role-based access controls and audit logging as a human user accessing systems through Keeper.

The technical implementation is straightforward enough that developers can verify it themselves. The Keeper Agent Kit is available as an open-source repository under the Apache 2.0 license. Developers can access the kit via the official Keeper Security GitHub. The repository contains three skills: keeper-secrets for app secrets and CI/CD injection, keeper-admin for enterprise vault operations, and keeper-setup for first-time CLI installation.

Installation varies by agent platform. Claude Code users install skills to ~/.claude/skills/. Cursor users target ~/.cursor/skills/. Codex and GitHub Copilot have their own paths. The keeper-setup skill will guide users through first-time setup if they don't have the CLIs installed. This is a practical detail that matters—developers won't get stuck waiting for IT to provision access before they can start using the tool.

Jeremy London, Director of Engineering, AI and Threat Analytics for Keeper Security, noted that security teams should not have to trade velocity for operational safety. With the Agent Kit, the company is transforming AI from a conversational assistant into a secure partner that respects the organizational security perimeter. By allowing agents to resolve secrets at runtime without ever seeing the raw credential, they help close one of the most dangerous exposure points in the modern developer stack.

The supported agent list includes Claude Code, Cursor, Codex, and GitHub Copilot. VS Code with Copilot Chat is also supported. Other agents can auto-detect the skills. This breadth of compatibility suggests Keeper anticipated the fragmented AI agent market and built for it accordingly (a smart move, given how many tools developers actually use).

Documentation from the company reveals the security model in detail. Skills are markdown files that tell the AI agent how to use a CLI tool. They're not executable code. Each skill documents commands, flags, and error-handling patterns. When a developer asks a question, the agent reads the relevant skill and builds the right CLI commands from it. The agent runs CLI commands on the local machine using the authenticated session. Secrets are resolved by the KSM and Commander CLIs at runtime, not pasted into chat.

For teams wanting deeper integration, Keeper supports two ways to connect AI agents. The skills/plugins approach works for CLI-driven developer workflows. The MCP server approach works for agent orchestration platforms. You can use both in the same environment. The auth model differs—skills use existing KSM/Commander CLI sessions while MCP uses KSM one-time access tokens.

Common troubleshooting scenarios are documented. If the agent doesn't pick up the skill, check that the skill files landed in the correct directory for your agent. Restart the agent session after installing. In Claude Code, run /plugin and check the Installed tab. If the ksm or keeper command is not found, the CLI tools need to be installed separately. Ask the agent to help install KSM CLI and the keeper-setup skill will handle the rest.

Permission denied errors when running CLI commands indicate that the KSM profile or Commander session lacks the right permissions. Keeper's RBAC policies apply to all CLI access, so teams that need additional role assignments have to talk to their Keeper admin. If skills are installed globally but do not load in a project, the likely cause is that some agents prioritize project-level skills over global ones: when a project has its own skills directory, global skills may be hidden.
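The troubleshooting checks above can be scripted as a preflight. This is an added example, not code from Keeper's repository; it assumes each skill is an entry named after the skill inside the agent's skills directory and that a project-level skills directory sits at `<project>/.<agent>/skills`, neither of which the article confirms.

```bash
#!/usr/bin/env bash
# Added example: preflight for the troubleshooting checks described above.
# Assumptions (not from the article): each skill is an entry named after the
# skill inside the agent's skills directory, and a project-level skills
# directory sits at <project>/.<agent>/skills.

SKILLS="keeper-secrets keeper-admin keeper-setup"

# Print the skills that are absent from the given skills directory.
missing_skills() {
  local dir="$1" s out=""
  for s in $SKILLS; do
    [ -e "$dir/$s" ] || out="$out $s"
  done
  echo "${out# }"
}

# Print which of the two CLIs (ksm, keeper) are not on PATH.
missing_clis() {
  local c out=""
  for c in ksm keeper; do
    command -v "$c" >/dev/null 2>&1 || out="$out $c"
  done
  echo "${out# }"
}

# Print the project-level skills directory if one exists; it may hide global skills.
shadowing_dir() {
  local p="$1/.$2/skills"
  if [ -d "$p" ]; then echo "$p"; fi
}

# preflight HOME_DIR PROJECT_DIR AGENT   (AGENT is "claude" or "cursor")
# Returns 0 when nothing is flagged, 1 otherwise.
preflight() {
  local global="$1/.$3/skills" rc=0 m
  m=$(missing_skills "$global")
  if [ -n "$m" ]; then echo "missing in $global: $m"; rc=1; fi
  m=$(shadowing_dir "$2" "$3")
  if [ -n "$m" ]; then echo "project skills may hide global ones: $m"; rc=1; fi
  m=$(missing_clis)
  if [ -n "$m" ]; then echo "CLI not found, install via keeper-setup: $m"; rc=1; fi
  return $rc
}
# Usage: preflight "$HOME" "$PWD" claude
```

A clean result only shows that the files and binaries are in place; a permission denied error still has to be resolved through Keeper role assignments.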

What this means for the industry is significant. As organizations rapidly embed agentic AI into their development lifecycles, the exposure of privileged credentials within AI prompt history has become a critical security gap. The Keeper Agent Kit addresses this by creating a secure boundary between AI agents and sensitive infrastructure. It's not a silver bullet, but it's a concrete step toward operationalizing AI security.

The zero-knowledge architecture matters here. Keeper has built its reputation on zero-trust and zero-knowledge identity security. The Agent Kit extends this philosophy to AI workflows. Every action taken by the agent is governed by the same rigorous role-based access controls and audit logging as a human user. This consistency is important for compliance teams who need to track who accessed what and when.

Whether organizations actually adopt this at scale remains the real question. The tool is open-source, which lowers the barrier to entry. But security teams will need to evaluate whether the workflow changes justify the investment. Developers will need to learn new commands. IT will need to manage the MCP server infrastructure for hosted environments. The value proposition is clear—reduced credential exposure—but the implementation friction is real.

For now, the Agent Kit represents a pragmatic response to an emerging problem. AI agents are becoming more capable. They're accessing more systems. They're handling more sensitive data. The security perimeter needs to expand accordingly. Keeper's approach—keeping secrets out of chat history while maintaining developer velocity—aligns with how modern teams actually work. Whether that's enough to change behavior across the industry is something only time will reveal.

Artūras Malašauskas is an AI Systems Integrator with 20+ years of production-grade web engineering experience. He has designed, shipped, and scaled enterprise Python/PHP systems for logistics, SaaS, and public-sector clients. For the past year, he has focused exclusively on AI integrations: deploying open-source LLMs, building generative media pipelines (image, audio, video), and engineering multi-agent workflows for real production environments. His standard: reproducibility, security, cost-efficient inference—no vaporware. He documents and evaluates emerging AI tooling, separating verified capabilities from marketing noise. Technical editor at: muza-ai.eu, ai-verslas.lt, ai-naujinos.lt