HeadlinesBriefing.com

NanoClaw Integrates OneCLI Agent Vault for Secure Credential Management

Hacker News

NanoClaw is adopting OneCLI Agent Vault as its default credential and proxying layer, replacing its internal credential proxy with the `@onecli-sh/sdk`. Every NanoClaw agent now routes outbound HTTPS traffic through OneCLI’s gateway, which injects credentials at runtime without exposing raw API keys to agents. OneCLI assigns unique agent identities, enabling granular policies per agent group (e.g., sales vs. support agents).

The integration uses `applyContainerConfig()` to enforce routing rules, ensuring requests match host/path patterns to trigger credential injection. Rate limits are enforced directly in policies—for example, capping Gmail API deletions at three per hour—to prevent catastrophic misuse. This addresses risks highlighted by the OpenClaw incident, where unregulated agents deleted a user’s entire email archive.
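The host/path matching and rate-limited injection described above, sketched as an added example (not code from NanoClaw or OneCLI): a toy gateway that attaches a credential only when a request matches a policy and caps matching requests per agent per hour. The policy fields, `createGateway`, and the placeholder token are assumptions made for illustration.

```javascript
// Constructed policy. Field names are hypothetical, not OneCLI's schema.
const POLICIES = [{
  agentGroup: "support",
  host: "gmail.googleapis.com",
  method: "DELETE",
  pathPattern: /^\/gmail\/v1\/users\/[^/]+\/messages\/[^/]+$/,
  limit: 3,                  // at most three matching requests...
  windowMs: 60 * 60 * 1000,  // ...per agent per hour
  secretRef: "gmail-oauth",  // lookup key; the agent never sees the value
}];
// Secrets exist only on the gateway side (placeholder value).
const SECRETS = { "gmail-oauth": "PLACEHOLDER_TOKEN" };

function createGateway(policies, secrets) {
  const history = new Map(); // "agentId|policyIndex" -> times of allowed requests

  return function handle(req, now = Date.now()) {
    const url = new URL(req.url);
    if (url.protocol !== "https:") return { action: "deny", reason: "not-https" };

    // Never forward an Authorization header supplied by the agent.
    const headers = {};
    for (const [name, value] of Object.entries(req.headers || {})) {
      if (name.toLowerCase() !== "authorization") headers[name] = value;
    }

    const idx = policies.findIndex((p) =>
      p.agentGroup === req.agentGroup &&
      p.host === url.hostname &&   // exact match, so lookalike hosts get nothing
      p.method === req.method &&
      p.pathPattern.test(url.pathname));
    if (idx === -1) return { action: "forward", headers }; // no injection

    // Sliding-window rate limit, counted per agent identity and policy.
    const p = policies[idx];
    const key = `${req.agentId}|${idx}`;
    const recent = (history.get(key) || []).filter((t) => now - t < p.windowMs);
    history.set(key, recent);
    if (recent.length >= p.limit) return { action: "deny", reason: "rate-limit" };
    recent.push(now);

    headers.authorization = `Bearer ${secrets[p.secretRef]}`;
    return { action: "forward", headers };
  };
}
```

Denied requests are not recorded in the window, so a blocked agent regains its quota one hour after its earliest allowed request rather than being locked out by its own retries.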

Beyond secret storage, OneCLI solves the critical problem of credential misuse during agent operations. Unlike HashiCorp Vault or AWS Secrets Manager, which only protect secrets at rest, the Agent Vault acts as a proxy that never hands raw keys to agents. Policies govern access, including time-bound approvals and activity thresholds.

Both NanoClaw (GitHub: qwibitai/nanoclaw) and OneCLI (GitHub: onecli/onecli) are open source. The partnership demonstrates a shift toward runtime credential isolation and auditable policy enforcement, critical for safe agent deployment at scale.