The model writes a placeholder. The real key gets swapped in at the moment the command runs. Keys live in your OS keychain; the chat never holds one. macOS, Linux, Windows. Free. Open source.
Set up subscribetome for me using https://github.com/matterhornso/subscribetome
Quit and reopen Claude Code when it's done.
/stm:dashboard
A local web page opens. Pick a service, paste the key. Goes straight to your OS keychain — never through chat.
Use my OpenAI key to call chat completions with the message "hello"
The plugin swaps in the real key the instant the curl runs. The transcript only ever holds a placeholder.
A short, narration-free tour: Keys, Projects, Policy & audit, Import. All four tabs of the local dashboard.
subscribetome runs entirely on your own machine. There is no backend, so nobody — not the author, not Matterhorn Labs — can see your keys, your commands, or even that you use it. There is nothing to see, because nothing of yours is anywhere but your own machine.
Your machine serves it on 127.0.0.1, bound to loopback. No remote machine can reach it. Token-authed; DNS-rebind-defended.
No servers, no cloud, no sign-up, no telemetry. The only outbound calls happen when you click sync, only to the providers you've configured.
macOS Keychain, Windows Credential Manager, or Linux Secret Service / pass / opt-in encrypted file. Run stm doctor to see which is active.




Today: generate an API key on OpenAI or Stripe, copy it, switch tabs to the stm dashboard, paste it. Tomorrow: click stm in your browser bar from the provider's page, the key flows straight to the OS keychain — never to the clipboard, never to a chat.
Want this sooner? Open an issue on GitHub →