Each key has a name, a value encrypted with AES-256-GCM, and optional governance
rules.
Host locking
Lock a key to one domain with allowedHost. When used through the proxy, the key can only
be sent to that domain.
OPENAI_KEY → locked to api.openai.com
Even if a compromised dependency tries to steal a host-locked key, it cannot exfiltrate the
key to another server. The proxy blocks the request with HTTP 403.
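An added example (not the project's own code) of the host-lock decision a proxy can make before attaching a key to an outbound request. Only allowedHost comes from this page; checkHostLock, normalizeHost, the exact-hostname matching rule and the sample targets are assumptions.

```javascript
// Added illustration, not the project's code. Only `allowedHost` comes from the page.
// Assumption: a lock matches by exact hostname equality (no wildcards, no subdomains).

// Lowercase and drop a trailing root dot so "API.OpenAI.com." equals "api.openai.com".
function normalizeHost(host) {
  return host.toLowerCase().replace(/\.$/, "");
}

// Decide whether the proxy may attach `key` to a request for `targetUrl`.
// A blocked request gets status 403 and the key value is never attached.
function checkHostLock(key, targetUrl) {
  let url;
  try {
    url = new URL(targetUrl); // WHATWG parser: splits off userinfo, port, path, query
  } catch {
    return { allowed: false, status: 403, reason: "unparseable target URL" };
  }
  if (!key.allowedHost) {
    return { allowed: true, status: null, reason: "key has no host lock" };
  }
  // Compare the parsed hostname, never a prefix or substring of the raw URL string.
  if (normalizeHost(url.hostname) !== normalizeHost(key.allowedHost)) {
    return { allowed: false, status: 403, reason: `host ${url.hostname} is not ${key.allowedHost}` };
  }
  return { allowed: true, status: null, reason: "host matches lock" };
}

// Constructed sample key and targets (evil.example is a placeholder host).
const OPENAI_KEY = { name: "OPENAI_KEY", allowedHost: "api.openai.com" };
const TARGETS = [
  "https://api.openai.com/v1/chat/completions",   // the locked host
  "https://API.OPENAI.COM./v1/models",            // same host, different spelling
  "https://api.openai.com.evil.example/v1",       // locked name used as a prefix
  "https://api.openai.com@evil.example/v1",       // locked name in the userinfo part
  "https://evil.example/collect?h=api.openai.com" // locked name in the query string
];

function demo() {
  return TARGETS.map((t) => checkHostLock(OPENAI_KEY, t).allowed);
}

console.log(demo()); // [ true, true, false, false, false ]
```

The last three targets all contain the locked name somewhere in the URL, which is why the comparison is made on the parsed hostname rather than on the raw string.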
Permanently hidden values
A key can be marked non-revealable. Its value can never be displayed in the interface,
but it remains available through the proxy and CLI.