Your AI keys, used by the agent — never seen by it.

The model writes a placeholder. The real key gets swapped in at the moment the command runs. Keys live in your OS keychain; the chat never holds one. macOS, Linux, Windows. Free. Open source.

1. Install

paste into Claude Code
Set up subscribetome for me using https://github.com/matterhornso/subscribetome

Quit and reopen Claude Code when it's done.

2. Add a key

in Claude Code
/stm:dashboard

A local web page opens. Pick a service, paste the key. Goes straight to your OS keychain — never through chat.

3. Use it

just ask, in plain language
Use my OpenAI key to call chat completions with the message "hello"

The plugin swaps in the real key the instant the curl runs. The transcript only ever holds a placeholder.

See it in action.

A short, narration-free tour: Keys, Projects, Policy & audit, Import. All four tabs of the local dashboard.

Here's the trick. Plain and simple.

What Claude Code sees
curl … -H "Authorization: Bearer {{stm:openai:default}}"
A safe placeholder. No real secret is here — this is all the chat ever holds.
subscribetome swaps in your real key the instant the command runs
What your shell actually runs
curl … -H "Authorization: Bearer sk-live-a3f9c1·········"
The real key. It reaches the command and stops there — never the conversation.
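
The placeholder swap described above, as an added Python example that is not subscribetome's own code. `resolve_argv`, `redact`, `run_with_keys` and the in-memory `SAMPLE_KEYSTORE` (standing in for the OS keychain) are hypothetical names, and the output redaction step is an assumption, not a behaviour the page states.

```python
import re
import subprocess
import sys

# Placeholder shape taken from the page: {{stm:<service>:<name>}} (charset assumed).
PLACEHOLDER = re.compile(r"\{\{stm:([a-z0-9_-]+):([a-z0-9_-]+)\}\}")

# Constructed stand-in for the OS keychain; the value is a fake sample key.
SAMPLE_KEYSTORE = {("openai", "default"): "sk-sample-0000000000000000"}


class UnknownKey(KeyError):
    """A placeholder named a key that is not in the keystore."""


def resolve_argv(argv, keystore):
    """Return (real_argv, secrets_used); fail closed on unknown placeholders."""
    used = set()

    def swap(match):
        ref = (match.group(1), match.group(2))
        if ref not in keystore:
            raise UnknownKey(match.group(0))
        used.add(keystore[ref])
        return keystore[ref]

    return [PLACEHOLDER.sub(swap, arg) for arg in argv], used


def redact(text, secrets):
    """Mask any secret the child process echoed back (e.g. verbose output)."""
    for secret in sorted(secrets, key=len, reverse=True):
        text = text.replace(secret, "[redacted]")
    return text


def run_with_keys(argv, keystore):
    """Run argv without a shell; return only output that is safe to log."""
    real_argv, used = resolve_argv(argv, keystore)
    proc = subprocess.run(real_argv, capture_output=True, text=True)
    return proc.returncode, redact(proc.stdout + proc.stderr, used)


if __name__ == "__main__":
    # The child echoes its argument back, like a tool running in verbose mode.
    cmd = [sys.executable, "-c", "import sys; print(sys.argv[1])",
           "Authorization: Bearer {{stm:openai:default}}"]
    print(run_with_keys(cmd, SAMPLE_KEYSTORE))
```

A key substituted into argv is visible in the process list while the command runs, so a swap like this protects the transcript, not other processes on the same machine.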

There is no server. There is no us.

subscribetome runs entirely on your own machine. There is no backend, so nobody — not the author, not Matterhorn Labs — can see your keys, your commands, or even that you use it. There is nothing to see, because nothing of yours is anywhere but your own machine.

Localhost only

The dashboard never goes online

Your machine serves it on 127.0.0.1, bound to loopback, so no remote machine can reach it. Access requires a token, and the server is defended against DNS rebinding.

No backend

Nowhere to send your data

No servers, no cloud, no sign-up, no telemetry. The only outbound calls happen when you click sync, only to the providers you've configured.

Your OS keychain

Keys stay on your disk

macOS Keychain, Windows Credential Manager, or Linux Secret Service / pass / opt-in encrypted file. Run stm doctor to see which is active.

What you actually do.

The dashboard's Keys tab — Add Keys form with OpenAI api-key and admin-key fields, header showing active agents and keystore

Add your keys, mask them, and use them from your coding agent without a real key ever entering the chat.

The Projects tab — a registered project path with an Enforce toggle and Edit scope / Remove buttons

Maintain separate keys per project.

The Policy & audit tab — Add rule form, Test a command, Recent decisions

Restrict how each key may be used.

The Browse Services panel — AI & LLM, Database, Hosting, Auth, Payments tiles

Pick a service from the 50 pre-configured in stm.

Coming soon

Browser extension — one-click capture from your provider's dashboard.

Today: generate an API key on OpenAI or Stripe, copy it, switch tabs to the stm dashboard, paste it. Tomorrow: click stm in your browser bar from the provider's page, the key flows straight to the OS keychain — never to the clipboard, never to a chat.

Want this sooner? Open an issue on GitHub →
50 services pre-configured / keys never touch the chat / macOS · Linux · Windows / Claude Code & Codex / MIT · open source