Your AI agent’s API keys are sitting in plain sight
The 1Claw Agent Template is live on Pinata’s OpenClaw marketplace. HSM-backed secrets, Shroud LLM proxy, and Intents API transaction signing — deployed in ten minutes.
Here's something most people building AI agents don't think about until it's too late: the moment your agent calls an LLM, your API keys can end up in the context window. From there they flow into provider logs, debug output, places they were never supposed to go.
We've been thinking about this problem for a while. Today we're shipping something that fixes it.
The 1Claw Agent Template on Pinata
The 1Claw Agent Template is now live on Pinata's OpenClaw marketplace. It gives you HSM-backed secret storage out of the box, meaning your keys live in hardware and get fetched at runtime through short-lived tokens. They never touch the context window. They're used and discarded.
What you get
- HSM-backed vault — Secrets encrypted by keys that never leave hardware. Your agent authenticates with a short-lived JWT and fetches credentials at runtime. No keys in env vars, no keys in context.
- Shroud LLM proxy — Every LLM call routes through our proxy, which redacts PII and catches prompt injection before it ever reaches the model. Not at the application layer — at the proxy layer, which is where it actually matters.
- Intents API — If your agent is doing anything on-chain, transaction signing happens inside the HSM. Private keys never leave. The agent submits what it wants to do; the infrastructure signs.
- MCP tools built in — The template ships with oneclaw_* tools that the agent uses directly: store secrets, create vaults, grant access, share credentials, submit transactions. The agent self-serves instead of asking you to run CLI commands.
Deploy in ten minutes
The whole thing deploys in about ten minutes:
- Deploy the template from the OpenClaw marketplace.
- Enroll the agent — type /oneclaw-enroll in chat. You'll get an approval email. Approve it, paste the API key into Pinata's env vars, restart.
- The agent bootstraps itself — it creates a vault, grants you access, and writes its resolved IDs to disk. You don't configure anything else.
From there, store secrets via the CLI on your machine or ask the agent to do it. Your agent fetches them at runtime — they never appear in context, logs, or memory.
The agent knows how to use its own tools
One thing we focused on with this template: the agent should be self-sufficient. When it needs to store a secret, it calls oneclaw_put_secret. When it hits a 403, it calls oneclaw_grant_access to fix its own permissions instead of asking you to go to the dashboard. When it needs a vault, it creates one. The MCP-first principle is baked into every workspace file the agent reads at startup.
The result is an agent that handles secrets properly without you having to babysit it.
Free tier, no card required
The free tier includes 1,000 API requests a month, 3 vaults, 50 secrets, and 2 agents. No credit card required. When you need more, paid plans start at $29/month — or use pay-per-use settled in USDC on Base.
If you're building agents that touch real credentials or real money, this is worth your time.