One prompt injection. One hallucination. One overeager "I'll handle that for you." And your Stripe key, your exchange account, your customer data โ compromised. Janee gives your agent API access without giving it your keys.
AI agents are powerful. They can write code, browse the web, manage your calendar, execute trades. But to do useful work, they need access to your APIs. And right now, that means handing over your keys.
Your API key is in the context window. It gets sent to the model provider. It gets logged. It gets cached. It gets leaked.
You wanted your agent to check your Stripe balance. It decided to issue a refund. There's no way to say "read-only."
What did your agent do with your API access last night? You have no idea. There's no audit trail.
Something's wrong. You need to revoke access. But the key is in 5 config files, 3 prompts, and a Claude conversation.
An MCP server that sits between your agent and your APIs. The agent calls Janee. Janee injects the credentials. The agent never sees your keys.
Your agent lists available services and calls execute() with method, path, and body. Janee handles auth. Keys never touch the agent.
Credentials stored encrypted. Injected at request time. Can't leak what you don't have.
Allow GET /v1/balance. Deny POST /v1/charges. Server-side enforcement โ not trust.
Every request logged. Timestamp, method, path, status. Know exactly what happened.
Revoke access instantly. One config file. One command. Done.
# Install npm install -g @true-and-useful/janee # Initialize (creates encrypted config) janee init # Add your first service janee add stripe --url https://api.stripe.com # Start the MCP server janee serve
Add Janee to your MCP client config. Your agent now has list_services and execute tools. It can access Stripe, GitHub, your exchanges โ without ever seeing the credentials.
Give your agents the access they need. Keep the keys they don't.
Get Started โ