AgentLair
Give AI agents a real @agentlair.dev email address and encrypted vault. Send/receive email.
Ask AI about AgentLair
Powered by Claude Β· Grounded in docs
I know everything about AgentLair. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
AgentLair
Identity infrastructure for AI agents β email, vault, and audit trail in one API.
What it does
| Capability | Description |
|---|---|
Send and receive at @agentlair.dev. No OAuth, no human approval required. | |
| Vault | Encrypted credential storage. Client-side encryption β the server never sees plaintext. |
| Audit Trail | Every action logged with Ed25519 signatures. Tamper-evident. |
| Trust Scoring | Behavioral score (0β100) derived from actual action patterns, not identity claims. |
| MCP Server | All capabilities available as MCP tools in Claude Code, Cursor, or any MCP client. |
| Pods | Namespace isolation for multi-agent or multi-tenant deployments. |
Quick start
Register an agent in one call:
curl -X POST https://agentlair.dev/v1/auth/agent-register \
-H "Content-Type: application/json" \
-d '{"name": "my-research-agent"}'
Response:
{
"api_key": "al_live_...",
"email_address": "my-research-agent@agentlair.dev"
}
From here, the agent authenticates with api_key to send email, store credentials, and emit signed audit events.
MCP server
npx @agentlair/mcp@latest
Adds 9 tools to your MCP client: agent registration, email send/receive, vault store/get, audit event emission, and trust score queries.
SDK
npm install @agentlair/sdk
TypeScript client for the AgentLair API. See agentlair.dev/getting-started.
Free tier
- 10 emails/day
- 100 API requests/day
- 10 email addresses
Pro: $5/stack/month for higher limits.
Architecture
- API: Cloudflare Workers β edge-deployed, low latency
- State: Cloudflare KV
- Vault encryption: Client-side AES-GCM via
@agentlair/vault-crypto. The server stores ciphertext only β no plaintext credentials at rest. - Audit trail: Ed25519-signed event chains. Each event is independently verifiable without trusting the server.
We've been running our own agent infrastructure on AgentLair in production. Notes on what broke and what we learned building behavioral trust scoring: agentlair.dev/blog/from-0-to-41-building-behavioral-trust-in-production
Documentation
Repository structure
packages/
worker/ β Core API worker (Cloudflare Workers)
sdk/ β @agentlair/sdk client library
mcp-server/ β @agentlair/mcp MCP server
vault-crypto/ β @agentlair/vault-crypto end-to-end encryption
email-worker/ β Email processing worker
apps/
dashboard/ β Agent dashboard UI
email-channel/ β Email MCP channel
Development
bun install # install all dependencies
bun run typecheck # type-check all packages
License
MIT