onecli/onecli

Open-source credential vault, give your AI agents access to services without exposing keys.

What's novel

Open-source credential vault, give your AI agents access to services without exposing keys.

Code Analysis

12 files read · 7 rounds

A Rust-based MITM proxy gateway that intercepts AI agent HTTPS connections, decrypts injected secrets from a PostgreSQL database using AES-256-GCM, and transparently injects credentials into agent responses.

Strengths

Excellent architectural separation between the Rust gateway (performance-critical) and Next.js dashboard; well-chosen tech stack with proper streaming support for large payloads; clear security model with CA-based MITM and token-based auth; production-ready Docker setup with health checks.

Weaknesses

Core implementation logic is missing from the repository (module files don't exist), making it impossible to verify actual injection mechanics or policy evaluation; no visible test coverage; over-engineered for simple secret vault use cases.

Score Breakdown

Innovation

7 (25%)

Craft

73 (35%)

Traction

75 (15%)

Scope

84 (25%)

Signal breakdown

Innovation

Not Fork+1

Code Novelty+2

Concept Novelty+2

Craft

Ci+5

Tests+3

Polish+3

Releases+5

Has License+5

Code Quality+20

Readme Quality+15

Recent Activity+7

Structure Quality+5

Commit Consistency+0

Has Dependency Mgmt+5

Traction

Forks+17

Stars+30

Hn Points+15

Watchers+6

Early Traction+5

Devto Reactions+0

Community Contribs+2

Scope

Commits+7

Languages+8

Subsystems+10

Bloat Penalty+0

Completeness+7

Contributors+6

Authored Files+15

Readme Code Match+3

Architecture Depth+7

Implementation Depth+8

Evidence

Commits

Contributors

Files

238

Active weeks

TestsCI/CDREADMELicenseContributing

Repository

Language

TypeScript

Stars

638

Forks

License

Apache-2.0