Your AI agents are powerful. Make sure they're safe.
Enclave is the local privacy and spending shield for AI agents. Your data stays encrypted. Your money stays budgeted. Your agents stay in bounds.
Trust Architecture
The Problem
AI agents need access to everything.
That's the problem.
AI sees your documents
When you share files with Claude or Copilot, your raw data leaves your device. You can't audit it. You can't revoke it.
AI has your credentials
API keys in .env files, passwords in plain text, secrets scattered everywhere. One compromised agent and it's all exposed.
AI can spend your money
Agentic commerce is here. AI agents are buying things on your behalf. But who controls the budget? Who sets the limits?
The Solution
Two shields. One local runtime.
Enclave sits between your AI agents and your life. It runs on your device. Nothing leaves unless you decide it does.
Enclave Vault
Protects your data from AI agents
- Encrypted local storage (ChaCha20-Poly1305)
- AI agents query through MCP — never see raw documents
- Per-agent permissions and access logging
- Local RAG with Apple Silicon acceleration
- Works with Claude Desktop, Cursor, OpenClaw, any MCP client
Enclave Wallet
Protects your money from AI agents
- Budget envelopes with spending limits per task, category, or agent
- Virtual card provisioning — agent gets a scoped card, not your bank account
- Human-approval thresholds for purchases above your set limit
- Real-time spending dashboard and kill switch
- Protocol-agnostic: ACP, UCP, MPP, x402
How It Works
Four steps to enforced boundaries
Install Enclave locally
One command. Runs entirely on your machine. No cloud accounts, no subscriptions, no data leaving your device.
git clone https://github.com/zd87pl/slm-vault
cd slm-vault
pip install -e .
Connect your AI agents via MCP config
Add one JSON snippet to your Claude Desktop, Cursor, or OpenClaw config. That's the entire integration.
{
  "mcpServers": {
    "enclave": {
      "command": "python",
      "args": ["-m", "advanced_vault.mcp_server"]
    }
  }
}
Set your policies
Define what each agent can access and spend. Per-agent granularity. Change them any time.
Work normally — Enclave enforces invisibly
Your AI agents keep working as expected. Enclave intercepts MCP commands, enforces your policies, and returns synthesized responses. The agent never sees raw data.
Architecture
Local-first. Policy-enforced.
Enclave runs on your device. Every MCP command passes through your policy engine. Nothing reaches your data or finances without passing your rules first.
External AI Agent (Claude Desktop · Cursor · OpenClaw · Any MCP client)
  |
  v
Enclave (runs locally on your device)
  - VAULT: Encrypted documents · Local RAG · ChaCha20
  - WALLET: Budget envelopes · Virtual cards · Limits
  - POLICY ENGINE: Per-agent rules · Enforced locally · Audited · Revocable
  |
  v
External AI Agent receives answer
  ✓ Never saw raw documents · ✓ Never saw real card details
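The policy gate sketched above, as an added illustration rather than Enclave's own code: a small engine that checks each agent's tool permissions, debits a per-category budget envelope, escalates purchases above a human-approval threshold, honours a kill switch, and writes an audit entry for every decision. The policy layout, tool names (vault.search, wallet.pay) and field names are assumptions made for this example.

```python
from dataclasses import dataclass, field

@dataclass
class AgentPolicy:
    allowed_tools: set          # MCP tools this agent may call
    envelopes: dict             # spend category -> remaining budget (constructed)
    approval_threshold: float   # single purchase above this needs a human
    killed: bool = False        # kill switch: deny everything when set

@dataclass
class PolicyEngine:
    policies: dict              # agent_id -> AgentPolicy
    audit: list = field(default_factory=list)

    def _log(self, agent, tool, decision, why):
        # Every decision, allow or deny, lands in the audit log
        self.audit.append({"agent": agent, "tool": tool, "decision": decision, "why": why})
        return decision

    def authorize(self, agent, tool, args):
        pol = self.policies.get(agent)
        if pol is None or pol.killed:
            return self._log(agent, tool, "deny", "unknown agent or kill switch")
        if tool not in pol.allowed_tools:
            return self._log(agent, tool, "deny", "tool not permitted")
        if tool == "wallet.pay":
            cat, amount = args["category"], float(args["amount"])
            remaining = pol.envelopes.get(cat, 0.0)
            if amount > remaining:
                return self._log(agent, tool, "deny", f"envelope {cat} exhausted")
            if amount > pol.approval_threshold:
                return self._log(agent, tool, "needs_approval", "above threshold")
            pol.envelopes[cat] = remaining - amount   # debit the envelope
            return self._log(agent, tool, "allow", "within envelope")
        return self._log(agent, tool, "allow", "permitted tool")

def demo():
    # Constructed policies: one agent may search and pay, the other may only search
    engine = PolicyEngine({
        "claude-desktop": AgentPolicy({"vault.search", "wallet.pay"}, {"api-credits": 50.0}, 20.0),
        "cursor": AgentPolicy({"vault.search"}, {}, 0.0),
    })
    results = [
        engine.authorize("claude-desktop", "vault.search", {"q": "invoices"}),
        engine.authorize("claude-desktop", "wallet.pay", {"category": "api-credits", "amount": 15}),
        engine.authorize("claude-desktop", "wallet.pay", {"category": "api-credits", "amount": 30}),
        engine.authorize("claude-desktop", "wallet.pay", {"category": "api-credits", "amount": 40}),
        engine.authorize("cursor", "wallet.pay", {"category": "api-credits", "amount": 1}),
    ]
    engine.policies["claude-desktop"].killed = True   # operator hits the kill switch
    results.append(engine.authorize("claude-desktop", "vault.search", {}))
    return results, engine.audit
```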
Early Access
Built by developers, for developers
Enclave is open-source and in active development. Here's what early adopters are saying.
Finally a way to let AI agents help me without handing over my entire filesystem. Vault is the missing layer.
The MCP-native approach is the right call. Enclave intercepts at the protocol level — not a hacky wrapper.
I've been waiting for something like Wallet. My agent bought a $200 API credit last week. Never again.
Quick Start
Up in three commands
No cloud accounts. No API keys. No data leaving your device. Just clone, configure, and enforce.
git clone https://github.com/zd87pl/slm-vault
cd slm-vault
pip install -e .

{
  "mcpServers": {
    "enclave": {
      "command": "python",
      "args": ["-m", "advanced_vault.mcp_server"]
    }
  }
}

python -m advanced_vault.cli init
# Vault is running. Your agents are now governed.