AI agents are quickly becoming part of how modern teams get work done, from code generation to infrastructure checks. But letting these tools anywhere near sensitive data like secrets and credentials creates an entirely new set of risks. Keeper Security’s latest update is meant to address that tension.The company has launched a new Model Context Protocol (MCP) integration for Keeper Secrets Manager, giving customers a way to securely connect AI agents, whether they're running locally or in the cloud, with their secrets infrastructure. The goal isn’t just access, but access under clearly defined, auditable rules.Jeremy London, Director of Engineering, AI & Threat Analytics at Keeper, describes it this way:
“AI agents can only access the specific data and functions they are explicitly authorized for, with every action passing through a secure intermediary that validates permissions in real time and logs detailed events such as
“AI agents can only access the specific data and functions they are explicitly authorized for, with every action passing through a secure intermediary that validates permissions in real time and logs detailed events such as
app_client_access and app_client_record_update.”That means any request from an AI tool is evaluated, logged, and controlled, and there’s no open-door policy.MCP also enforces human-in-the-loop oversight for sensitive actions. “Sensitive operations like creating, updating or deleting secrets always require human confirmation,” London explains. “MCP embodies zero-trust and zero-knowledge principles, ensuring full auditability and strict access controls from the ground up.”



