Keyway

GitHub-native secrets management. Repo access = secret access.

brew install keywaysh/tap/keyway
keyway init                  # Create vault, push secrets
keyway run -- npm start      # Run with secrets injected, nothing on disk

A teammate clones the repo and runs keyway run -- npm start. Done in 30 seconds. No .env on disk.

Why Keyway?

GitHub-native — If you have repo access, you have secret access. No new accounts, no invites.
Zero-trust mode — keyway run -- npm start injects secrets at runtime. Nothing on disk.
AI-safe — Secrets never in .env files, never in AI context. MCP server for assistants that need to manage secrets without seeing them.
Deploy sync — Push to Vercel, Netlify, Railway with keyway sync.
Fully open-source — MIT licensed, self-hostable, auditable.

Works with AI Assistants

AI coding agents can read your .env files. Keyway keeps secrets out of AI context.

keyway run -- npm start                        # Secrets in RAM only
claude mcp add keyway -- npx @keywaysh/mcp     # MCP server for AI assistants

Learn more →

Repositories

Repo	Description
keyway	Monorepo — API, Dashboard, CLI, Crypto, MCP, Docs
keyway-action	GitHub Action for CI/CD
homebrew-tap	Homebrew formulae

Get Started →

_{Built by @NicolasRitouet}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Keyway

Keyway

Why Keyway?

Works with AI Assistants

Repositories

Pinned Loading

Repositories

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

People

Top languages

Uh oh!

Most used topics

Uh oh!