Secure keys. Govern prompts. Control spend.

Drop in our SDK and eliminate the risk of exposed provider keys. The complete execution gateway for client-side AI and agents.

Free tier available. No credit card required.
App.swift
// Initialize iOS SDK with execution key
import PromptKeeper

let pk = PromptKeeper(
  execKey: "pk_exe_9x2..."
)

// Execute securely. No raw keys in IPA.
let res = await pk.execute(
  promptId: "support_v2",
  inputs: ["msg": userInput]
)
Gateway Logs
[10:42:01] EXEC support_v2 · 312ms · $0.004
[10:42:05] EXEC onboarding · 289ms · $0.002
[10:42:06] DENY mutation via pk_exe_ → 403
[10:43:10] EXEC support_v2 · 401ms · $0.005
[10:44:00] WARN team mobile-prod at 89% cap
[10:45:12] PUSH prompt v2→v3 · ops@co
[10:45:14] EXEC support_v3 · 310ms · $0.004

How it works

1. Store

Vault your provider keys safely and upload your prompt templates. We support OpenAI, Anthropic, and Gemini natively, with more providers coming soon.

$ Store provider key
prke store key openai sk_proj_...
Vaulted: pk_mgt_78x...

$ Store prompt template
prke store prompt support_agent \
  "You are a helpful assistant..."
Deployed: v1

2. Execute

Ship execution keys to your frontend or agents. They can only run prompts. They cannot read your provider keys.

// iOS SDK usage
let pk = PromptKeeper(
  execKey: "pk_exe_abc..."
)
let res = await pk.execute(
  promptId: "support_agent",
  inputs: ["user": "Hi!"]
)

3. Govern

Monitor spend, enforce hard limits per key, and update prompt versions without shipping new code.

pk_exe_9x2... ACTIVE
Spend: $12.40 / $50.00 daily cap
pk_exe_4m1... BLOCKED
Spend: $50.00 / $50.00 daily cap
Vault & Execution

Dual-key architecture.

Management keys own the vault. Execution keys only run prompts. Leaked runtime keys can execute, but never exfiltrate. Your blast radius is constrained by architecture, not just policy.

Architecture Setup
// 1. Management Key (CI/CD only)
export PK_MGT_KEY="pk_mgt_99x..."
prke update prompt onboarding

// 2. Execution Key (Shipped in App)
const client = new PromptKeeper("pk_exe_11z...")
/* pk_exe_ keys CANNOT read prompts, read provider keys, or mutate state. They ONLY execute. */
Spend Controls

Hard caps that actually work.

Set hard execution budgets per app, per day, or per user. Detect anomalies in real-time and automatically kill requests before a runaway agent loop drains your startup's runway.

pk.config.yml
teams:
  mobile-prod:
    daily_budget: $50.00
    action_at_100: block
    alerts:
      - threshold: 80%
        notify: slack_channel

# Incident Log
BLOCKED request from pk_exe_4m...
REASON budget exceeded ($50.02 / $50)
Governance

Over-the-air prompt updates.

Separate your prompts from your codebase. Update, test, and rollback system prompts instantly without forcing your users to download an app update. Every change is versioned and attributed.

Prompt History: support_v2
VerDeployedAuthorAvg Latency
v4
Today, 10:42 AM
"You are concise..."
 ops@co 312ms
v3
Yesterday
"You are helpful..."
 dev@co 450ms
v2
Oct 12
"Always answer in..."
 dev@co 480ms

MCP & Agent Ready

Integrate PromptKeeper using any tool supporting the MCP protocol, or expose agentic skills securely to your AI workflows.

Get early access

Reserve your spot to secure your AI infrastructure.