Private beta · waitlist open

You own your stack Apps just borrow

One local-first vault for your secrets, your data, and the AI that acts on your behalf. Per-field consent. Every read recorded.

Get BoxOwl free
Local-first E2EE secrets Open & auditable
activity · today live · 23 reads
  • Claude Desktop just now
    read address.home
  • Hermes Agent 2 min ago
    execute login.amazon
    confirm-mode pause · approved
  • Cursor 4 min ago
    read login.github
    scope revoked · returned null
  • Hermes Agent 12 min ago
    read profile.bio
  • Claude Code 1 hr ago
    write notes.draft
    new entry · 240 chars
every read recorded see how it works →
30-second tour See it in action · hover to pause
Works with
Secured with
Secrets

Encrypted secrets you control.

Passwords, payment methods, secure notes, and 2FA seeds — end-to-end encrypted on your device. We can't read them; neither can anyone else.

  • Passwords, 2FA, and autofill

    Generate strong passwords, store them encrypted, autofill on every browser and device. TOTP codes live next to the account they protect.

  • Per-item sharing & family

    Share a Netflix login with your family without sharing your bank password. Per-item visibility, family-vault membership for what you co-own.

  • Breach monitor & Travel Mode

    Inline breach checks via HIBP k-anonymity. Premium Travel Mode wipes flagged categories at a border, syncs back when you're home.

Explore Secrets
Vault47 items
⌕   search vault
Netflixkira@…
2FA
Amazonlogin.amazon
filling
GitHubpasskey
passkey
Stripek@…
otp
Autofilled amazon.com · login complete
Data

Your personal data, owned by you.

Name, address, phone, identity, work history — structured in your vault. Apps you've connected read live under per-field consent. Next time you move, every connected app finds out within seconds.

  • One source of truth, propagated

    Update your address once. Every connected app you've granted access to finds out within seconds. No more updating twenty profiles after a move.

  • Sharing for people, not just apps

    Per-field visibility, per-connection overrides — partner sees the home address; colleague doesn't. Family vaults for shared addresses and household notes.

  • Public views you control

    Your page at boxowl.me/u/{handle} — bio, links, business card with vCard + QR. Verified by a portable did:web identity.

Explore Data
Agents

AI agents, on your trust boundary.

Connect any MCP-speaking AI assistant. BoxOwl runs as a local daemon; agents get per-tool scope grants you authorize, risky actions pause for confirmation, every read is recorded. Your vault stays on your device.

  • Engine-agnostic

    Works with Claude Desktop, Claude Code, Cursor, VS Code Copilot, Gemini CLI, ChatGPT, OpenClaw, and Hermes Agent — the recommended fully-local pairing.

  • Per-tool scopes & confirmation gating

    You authorize each grant: which tools, categories, fields. Risky actions pause for a confirmation prompt. Every read, write, and denied call recorded.

  • Open daemon, open skills

    Apache 2.0 daemon and SDKs. Signed skill catalog with verified scope declarations. A security researcher can read every line of code that touches your vault.

Explore Agents
3 connected agents 1 paused
Hermes Agent 7 scopes · last read 12m ago
Recommended
Claude Desktop 4 scopes · last read just now
Active
Cursor 1 scope revoked · 4m ago
Paused
12 reads today all on-device
For builders

Read user data under per-field consent. Webhooks on every change.

PDaaS docs → SMRT docs →
Five principles

One architecture across every section.

Free for individuals.

Premium adds Travel Mode, vault attachments, the full NightWatch dashboard, and family vaults. Free · $3/mo Premium · $24/yr annual · Family from $6/mo.

See pricing

Take your stack with you.

BoxOwl is in private beta. Get the Android app, install the browser extension, and join the waitlist for a registration token.

Get on Android Install browser extension