io.github.getaegis
aegis
Credential isolation for AI agents. Inject secrets at the network boundary.
stdiocommunityinfra
Package Details
@getaegis/cli
Transportstdio
Environment Variables
AEGIS_MASTER_KEY(str)
RequiredSecret
Master encryption key for the credential vault
AEGIS_SALT(str)
RequiredSecret
Hex-encoded 32-byte salt for key derivation (generated by aegis init)
AEGIS_DATA_DIR(str)
Directory for vault databases and registry (default: .aegis/)
AEGIS_PORT(str)
Gate proxy port (default: 3100)
AEGIS_LOG_LEVEL(str)
Log verbosity: debug, info, warn, error (default: info)
AEGIS_LOG_FORMAT(str)
Log output format: json or pretty (default: json)
AEGIS_VAULT(str)
Named vault to use (default: default)
AEGIS_REQUIRE_AGENT_AUTH(str)
Require agent authentication on every request (true/false, default: false)
AEGIS_POLICY_MODE(str)
Policy enforcement mode: enforce, dry-run, or off (default: enforce)
AEGIS_POLICIES_DIR(str)
Directory containing YAML policy files
AEGIS_METRICS(str)
Enable Prometheus metrics endpoint (true/false, default: true)