Built for agentic pipelines

Your agents get tokens. Never your keys.

Envstash brokers scoped, short-lived credentials to AI agents and CI bots — so the underlying secret never leaves the vault. Env vars across environments. Flat price. Near-zero ops.

No per-seat tax. No machine-identity billing. No Vault engineer required.

broker — envstash
# agent requests credentials for deploy
$ envstash broker mint --agent ci-bot --scope read:stripe
✓ scoped token issued (expires 15m)
es_tok_8f3a2b1c…d4e9
✗ STRIPE_SECRET_KEY — never exposed

  • 3.2% of AI-assisted commits leak secrets (double the baseline rate)
  • 81% spike in Anthropic & OpenAI key leaks (year over year)
  • $540 monthly Infisical bill example (10 devs + 20 machine identities)

How it works

The gap incumbents haven't filled

Doppler and Infisical hand secrets to whatever authenticates. Neither keeps a secret out of an agent's reach. Envstash brokers access so the agent never sees the underlying key.

Vault

Store once, encrypted at rest

Add env vars per project and environment. Values are AES-256-GCM encrypted before they ever hit the database. You hold the master key.

Broker

Mint scoped ephemeral tokens

When an agent or pipeline needs access, Envstash issues a short-lived token with explicit scope — read:stripe, write:deploy — not the raw secret.

Inject

Pull .env at runtime

One curl to fetch a ready-to-write .env for dev, staging, or prod. Tokens expire. Keys never appear in prompts, logs, or git history.

# pull env vars into your project
$ curl -H "Authorization: Bearer $PULL_TOKEN" \
    https://envstash.dev/api/pull/my-app > .env
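
The Broker step above, as an added example (not Envstash's code): an HMAC-signed token bound to one agent and one scope, checked for signature, revocation, expiry and scope before any access is granted. The token layout, the `Broker` class and its method names are assumptions; the page does not document Envstash's token format.

```javascript
// Added example, not Envstash code. Token layout and all names are assumptions.
const crypto = require('node:crypto');

const b64u = (data) => Buffer.from(data).toString('base64url');

class Broker {
  constructor(signingKey) {
    this.signingKey = signingKey; // stays inside the broker; never sent to agents
    this.revoked = new Set();     // token ids revoked before their expiry
  }

  sign(body) {
    return crypto.createHmac('sha256', this.signingKey).update(body).digest();
  }

  // Issue a token for one agent and one scope, valid for ttlSec seconds.
  // The claims carry no secret material, only identity, scope and expiry.
  mint(agent, scope, ttlSec = 900, now = Date.now()) {
    const claims = { jti: crypto.randomUUID(), agent, scope, exp: now + ttlSec * 1000 };
    const body = b64u(JSON.stringify(claims));
    return `${body}.${b64u(this.sign(body))}`;
  }

  // Accept only an authentic, unrevoked, unexpired token with the required scope.
  verify(token, requiredScope, now = Date.now()) {
    const [body, mac] = String(token).split('.');
    if (!body || !mac) return { ok: false, reason: 'malformed' };
    const expected = this.sign(body);
    const given = Buffer.from(mac, 'base64url');
    // Constant-time comparison; the length check avoids a throw on mismatch.
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
      return { ok: false, reason: 'bad-signature' };
    }
    // Claims are parsed only after the signature has been verified.
    const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
    if (this.revoked.has(claims.jti)) return { ok: false, reason: 'revoked' };
    if (now >= claims.exp) return { ok: false, reason: 'expired' };
    if (claims.scope !== requiredScope) return { ok: false, reason: 'scope' };
    return { ok: true, claims };
  }

  // Revoke a single token by id without touching the signing key or other tokens.
  revoke(jti) {
    this.revoked.add(jti);
  }
}
```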

Compare

Not another enterprise vault

Enterprise platforms demand a Vault engineer. DX SaaS tools tax you per seat or per machine identity. Envstash targets the solo builder and the agentic pipeline — flat, predictable, purpose-built.

Capability | Doppler | Infisical | Envstash
Agent-scoped brokering
Flat team pricing
Self-host option (Soon)
Just env vars (no PKI/PAM bloat)
Setup in minutes
Open source core (Soon)

Features

Everything you need. Nothing you don't.

Env vars across environments with the security model the AI era actually demands.

Encrypted at rest

AES-256-GCM in Node before values touch Postgres. If the database leaks, attackers get ciphertext — not your keys.

Per-project pull tokens

Each repo gets its own pull token. Fetch a ready-to-write .env with one curl — no CLI install, no SDK lock-in.

Environment parity

dev, staging, prod — same keys, different values. One dashboard, zero drift between what you set and what ships.

Agent identity scoping

Issue tokens bound to a specific agent identity with explicit read/write scope. Revoke one without rotating everything.

Ephemeral by default

Brokered tokens expire in minutes, not months. Limits blast radius when an agent goes off-script.

Solo-builder friendly

No 3-hour self-host setup. No $21/seat RBAC wall. Built for the vibe coder who needs it working tonight.

Pricing

One flat price.
Whole team.

No $21/seat RBAC wall. No counting machine identities. Predictable billing for solo builders and small teams who just want env vars that work.

$12/month

Early access · founding member pricing

  • Unlimited projects & environments
  • Unlimited pull tokens
  • Agent broker (scoped ephemeral tokens)
  • AES-256-GCM encryption at rest
  • Dashboard + pull API
  • No per-seat fees
  • No machine-identity tax

Stop feeding raw keys to your agents.

The secrets layer built for agentic pipelines — where the agent gets a scoped ephemeral token and never the raw key.
