{"id":"onecli-onecli","name":"onecli","homepage":"https://onecli.sh","repo_url":"https://github.com/onecli/onecli","category":"security","subcategories":[],"tags":["ai-agents","secret-management","vault","gateway","mcp","cli","nodejs","rust","security-tools","postgres"],"what_it_does":"OneCLI is an open-source gateway and dashboard that stores encrypted credentials for AI agents and transparently injects the right secrets into outbound HTTP requests made by those agents, so the agents never directly handle the real API keys. It uses a Rust HTTP gateway for request interception and a web dashboard for managing agents, secrets, and permissions; optionally it can integrate with external vaults (e.g., Bitwarden) for on-demand credential injection.","use_cases":["Run multiple AI agents that call third-party APIs without embedding raw API keys in each agent","Centralize credential management and rotate secrets in one place","Enforce per-agent access via scoped tokens and host/path-based routing","Use a local gateway to safely test agent integrations with real vendor APIs","Optional vault-on-demand integration to avoid storing certain secrets on the OneCLI server"],"not_for":["A public, internet-facing secret vault without strong operational hardening and threat modeling","Use cases that require standards-based OAuth client registration to be managed automatically for many downstream services","Workloads needing comprehensive API/SDK ergonomics beyond HTTP proxying (no evidence of first-class SDKs)"],"best_when":"You can run OneCLI as a trusted local/controlled network component (or self-hosted service) alongside your agents, and you need transparent HTTP credential injection with encryption at rest and per-agent access control.","avoid_when":"You cannot guarantee secure network placement, TLS configuration, and operational controls for a component that performs MITM-style HTTPS interception; or you need well-defined, documented REST/OpenAPI contracts for agent-to-service management.","alternatives":["Cloud secret managers (e.g., AWS Secrets Manager/GCP Secret Manager) paired with agent-side secure retrieval","Dedicated API gateways/proxies that implement auth/credential brokering","Vault systems like HashiCorp Vault with dynamic secrets and policies","Dedicated “credential vending” services built specifically for each integration"],"af_score":35.8,"security_score":69.5,"reliability_score":16.2,"package_type":"skill","discovery_source":["openclaw"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:23:29.853455+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Proxy-Authorization header access tokens (gateway authentication)","Google OAuth (multi-user/team mode via NextAuth)","Single-user (no login) mode for local use"],"oauth":true,"scopes":true,"notes":"Agents authenticate to the gateway using access tokens carried in a Proxy-Authorization header; the README also mentions per-agent scoped permissions and Google OAuth for teams, plus a single-user local mode without login."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; appears to be open-source/self-hosted."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":35.8,"security_score":69.5,"reliability_score":16.2,"mcp_server_quality":0.0,"documentation_accuracy":55.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":70.0,"rate_limit_clarity":10.0,"tls_enforcement":70.0,"auth_strength":75.0,"scope_granularity":65.0,"dependency_hygiene":45.0,"secret_handling":85.0,"security_notes":"README indicates encrypted secret storage using AES-256-GCM with decryption at request time, and per-agent access tokens with scoped permissions. However, operational details of TLS enforcement, certificate handling for MITM interception, logging/redaction, key management, and rate limiting are not documented in the provided README, so residual security risk exists for misconfiguration.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":0.0,"error_recovery":25.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Gateway MITM interception for HTTPS may require careful TLS trust/cert handling; agents may fail to make outbound calls if the interception/certificate setup is not correct.","Host/path pattern matching determines which secrets are injected; misconfigured patterns can cause missing credentials or wrong credential injection.","Single-user (no login) mode is suitable for local development only; using it in less-trusted environments increases risk."]}}