Clavitor

About

AI-native credential vault. Hardware-key encryption. Agents get scoped tokens, not vault access. No master password. No compromise.

Full description:

Clavitor is the credential layer for humans, agents, and machines.

YOUR AGENTS ARE SMARTER THAN YOUR POLICIES
AI agents need credentials — API keys, database passwords, service tokens. Most tools hand them full vault access. Clavitor doesn't. It issues scoped tokens to each agent through a narrow API. No browsing. No discovery. No enumeration. There is no agent-facing endpoint that returns a list of credentials. The capability doesn't exist in the binary.

Every agent is rate-limited. More than three unique credentials per minute or ten per hour triggers a throttle. A second violation locks the agent entirely — frozen until you unlock it with a hardware key tap.

MATHEMATICS, NOT POLICY
The vault server cannot decrypt your data. Not a policy — a mathematical property. Three tiers of encryption keep credentials out of reach even if the server is fully compromised:

  • L1 — vault encrypted at rest with a key that never touches disk
  • L2 — credential fields encrypted with a key the server has never seen
  • L3 — identity and financial data protected by a physical hardware key via WebAuthn PRF

No master password. No recovery codes. Authentication is a tap on your YubiKey, Touch ID, or biometric sensor — not something that can be phished, keylogged, or guessed.

FOR EVERYDAY USE
  • Auto-fills logins, TOTP codes, and credit cards
  • Generates strong passwords on signup forms
  • Detects new logins and saves them automatically
  • Live TOTP countdown — no separate authenticator app needed

PRIVACY
No tracking. No analytics. No telemetry. The extension talks only to your vault.

https://clavitor.ai