gloves 0.5.9

seamless secret manager and handoff

gloves


gloves is a secure secrets control plane for multi-agent runtimes and human operators.

It provides:

  • agent-owned encrypted secrets
  • human approval workflows
  • access/audit controls
  • vault and daemon operations
  • an interactive TUI navigator
  • a Bun OpenClaw client/plugin bridge for brokered secret injection

Documentation

Start here: Documentation Index

API and crate docs: docs.rs/gloves

Command Model

Primary command groups:

  • gloves secrets ...: set/get/grant/revoke/status
  • gloves request ...: create one pending human request
  • gloves requests ...: list/approve/deny pending requests
  • gloves vault ...: encrypted vault operations
  • gloves gpg ...: per-agent GPG key workflows
  • gloves tui: interactive command center

Recursive help is supported:

gloves help
gloves help secrets
gloves help secrets set
gloves secrets help set
gloves requests help approve

Quick Example

# initialize runtime layout
gloves --root .openclaw/secrets init

# create one secret
gloves --root .openclaw/secrets secrets set service/token --generate

# read secret
gloves --root .openclaw/secrets secrets get service/token

# list entries
gloves --root .openclaw/secrets list

If you omit --ttl, gloves uses defaults.secret_ttl_days from config; the built-in default is 30 days. Use --ttl never for a non-expiring secret. gloves secrets set prints the expiry timestamp for expiring secrets and says never expires otherwise.

For complete setup and human/agent workflows, use Quickstart.

OpenClaw Integration

The repository now includes:

  • gloves-mcp for redacted MCP tool access
  • @gloves/mcp-client as the Bun/TypeScript bridge to gloves-mcp
  • @gloves/openclaw as the OpenClaw Gateway plugin, including the secret-delivery logic
  • integrations/openclaw/gloves.json5 as the reference config snippet

If you are setting up OpenClaw, the only package you should install is @gloves/openclaw. The only remaining internal JS package is @gloves/mcp-client.

Recommended runtime path:

  • install @gloves/openclaw on the Gateway host
  • let the plugin launch host-local gloves-mcp sessions over stdio
  • allow the plugin tool group per agent with group:plugins:gloves

Current plugin reads keep secret values out of the MCP result body and inject them into the sandbox environment or tmpfs instead. No sandbox bind mount to ~/.cargo/bin, a daemon socket, or the token path is required for the standard OpenClaw setup.

Compatibility transports:

  • socketPath remains available for non-OpenClaw or legacy runtime integrations
  • gloves daemon remains available for direct host-side automation
  • neither transport is the preferred OpenClaw deployment path

Install

From release binaries (recommended)

curl -fsSL https://raw.githubusercontent.com/openclaw/gloves/main/scripts/setup-openclaw.sh | bash

From crates.io

cargo install gloves

From source

git clone https://github.com/openclaw/gloves
cd gloves
cargo install --path .

Security and Policy

  • Use least-privilege agent access in .gloves.toml
  • Prefer gloves secrets get --pipe-to <command> over raw stdout in automation
  • Keep secrets root and config permissions private
  • Use gloves audit --json --limit 100 for machine-readable audit export
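One way to check the "Keep secrets root and config permissions private" item, as an added example that is not part of the gloves project. It assumes "private" means owned by the invoking user, with no group/other permission bits and no symlinks; check_private is a hypothetical helper name, and the sample arguments are the .openclaw/secrets root from the Quick Example and .gloves.toml.

```shell
#!/bin/sh
# Added example, not part of gloves. check_private is a hypothetical helper.
# Assumption: "private" = owned by the invoking user, no group/other
# permission bits, and no symlinks inside the audited tree.

# Usage: check_private PATH...
# Prints one finding per line; returns 0 if there are none, 1 otherwise.
check_private() {
    me=$(id -u)
    findings=$(
        for p in "$@"; do
            if [ ! -e "$p" ] && [ ! -L "$p" ]; then
                echo "missing: $p"
                continue
            fi
            # Symlinks can point outside the private tree, so flag them.
            find "$p" -type l -print | sed 's/^/symlink: /'
            # Any of the six group/other bits set (POSIX -perm, no GNU /077).
            find "$p" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
                -o -perm -004 -o -perm -002 -o -perm -001 \) -print |
                sed 's/^/group\/other access: /'
            # Entries another account owns can be changed behind your back.
            find "$p" ! -type l ! -user "$me" -print |
                sed 's/^/foreign owner: /'
        done
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Run as a script: sh check_private.sh .openclaw/secrets .gloves.toml
[ "$#" -eq 0 ] || check_private "$@"
```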

Details:

Development

cargo fmt --all
cargo clippy --all-targets --all-features -- -D warnings
cargo test --all-features --locked
cargo doc --no-deps

When Docker is available, the OpenClaw sandbox harness can be exercised with:

bun run docker:e2e

That harness now models the recommended OpenClaw flow: a plugin running in the sandbox image launches bundled gloves-mcp over stdio and keeps tool responses redacted.

License and Changelog