Skip to main content
Container Use provides secure secret management for agents working with sensitive data like API keys, database credentials, and authentication tokens. Secrets are resolved within the container environment - agents can use your credentials without the AI model ever seeing the actual values.

How It Works

When you configure secrets, Container Use:
  • Stores secret references in your configuration (agents only see op://vault/item/field, not actual values)
  • Resolves references dynamically when commands run and injects actual values as environment variables in the container
  • Strips secrets from logs and command outputs to prevent leaks
  • Prevents easy extraction by agents (e.g., echo $API_KEY won’t show in logs)
This means:
  • ✅ Your application code can access secrets normally
  • ✅ Agents can run your code that uses secrets
  • ❌ The AI model never sees actual secret values
  • ❌ Secrets don’t appear in chat logs or model context
Secrets are configured per-project and apply to all new environments. Existing environments continue using their original configuration.

Secret Types

Container Use supports four secure secret reference formats:
Access secrets stored in 1Password vaults using the op:// schema:
Requires 1Password CLI to be installed and authenticated on your system.

Configuration Commands

Using Secrets in Your Code

Once configured, secrets are available as environment variables inside agent environments:
Security Note: While your code can access secrets normally, Container Use automatically strips secret values from logs and command outputs. This means echo $API_KEY or similar commands won’t expose secrets in the development logs that agents or users can see.