Open Source

Your AI keys.
Encrypted.

ML engineers juggle 10–20 API keys across OpenAI, Anthropic, Mistral, HuggingFace, W&B, and more. Keys rotate, leak in committed .env files, and there's no standard way to manage them across experiments. llmvlt fixes that — one encrypted vault, provider-aware validation, safe subprocess injection.

$ curl -sSL https://llmvlt.dev/install.sh | sh

> irm https://llmvlt.dev/install.ps1 | iex

$ go install github.com/moronim/llmvlt@latest

Releases | Source | Docs

Why llmvlt

🔒

AES-256 + Argon2id

Secrets encrypted at rest with a master password. Single file vault, 0600 permissions. No plaintext ever.

✔

Format validation

Knows that OpenAI keys start with sk-, HF tokens with hf_. Blocks bad formats before they waste your GPU hours.

🚀

Subprocess injection

llmvlt run -- python train.py injects secrets into the child process only. Never touches your shell or history.

📋

Provider presets

12 built-in presets for OpenAI, Anthropic, HuggingFace, Cohere, Mistral, W&B, and more. One command to scaffold.

📈

Experiment tracking

Tag runs, review which keys were active. llmvlt history shows your experiment audit trail.

📤

Multi-format export

Inject as shell exports, .env files, or Jupyter os.environ cells. Pipe-friendly output.

Built-in presets

Provider-aware scaffolding. Each preset knows the keys, formats, and rotation policies.

openai-stack

OpenAI API credentials

anthropic-stack

Anthropic (Claude) API

huggingface-stack

Hugging Face credentials

replicate-stack

Replicate API

wandb-stack

Weights & Biases

langchain-stack

LangChain / LangSmith

together-stack

Together AI

mistral-stack

Mistral AI

google-ai-stack

Google AI (Gemini)

cohere-stack

Cohere API

full-llm-stack

All providers combined

mlops-stack

W&B + LangSmith

How it works

Initialize a vault with a preset

$ llmvlt init --preset openai-stack
✓ Vault initialized (.llmvlt.store) Preset: openai-stack — OpenAI API credentials

Set secrets with format validation

$ llmvlt set OPENAI_API_KEY sk-proj-abc123...
✓ OPENAI_API_KEY format looks valid
✓ Secret OPENAI_API_KEY saved
$ llmvlt set OPENAI_API_KEY wrong-value
✗ Invalid format. OPENAI_API_KEY: Should start with 'sk-' or 'sk-proj-'
# use --force to override

Run experiments with secrets injected

$ llmvlt run --tag "gpt4-baseline" -- python train.py
# secrets injected into subprocess only
# parent shell stays clean
$ llmvlt history
2026-04-03 14:30:00 python train.py [gpt4-baseline]
↳ OPENAI_API_KEY

Export in multiple formats

$ llmvlt inject --format dotenv
# .env format $
llmvlt inject --format shell
# export statements
$ llmvlt inject --format jupyter
# os.environ cells

Your AI keys.Encrypted.