User Manual

Secrets exist but are never observable.

Contents

1. Installation

Open Your Terminal

On Mac: Press Cmd + Space, type "Terminal", press Enter.
On Linux: Press Ctrl + Alt + T

Install (One Command)

~ % curl -fsSL https://phantomvault.riscent.com/install | sh

  Detecting system...
  ✓ macOS 15.3 (Apple Silicon M4)

  Downloading phantom-vault v1.0.0...
  ✓ Downloaded (4.2 MB)

  Installing to /usr/local/bin/phantom...
  ✓ Installed

  🔐 Phantom Vault is ready.
  Run 'phantom init' to create your vault.

Piping a remote script straight into sh executes whatever the server sends, with your privileges and no chance to look at it first. If you would rather review the installer, save it to a file (curl's -o flag), read it, and then run it with sh; the resulting install is the same.

Verify It Worked

~ % phantom --version
phantom-vault 1.0.0

2. Your First 5 Minutes

Step 1: Create Your Vault

~ % phantom init

  Creating new vault at ~/.vault-secrets

  Enter master password: ••••••••••••••••
  Confirm master password: ••••••••••••••••

  Vault created successfully!

  Next steps:
    phantom add <name>          Add a secret
    phantom mcp install         Enable Claude Code integration
    phantom biometric enable    Enable Touch ID unlock

With Touch ID (macOS)

~ % phantom init --biometric

  Creating new vault at ~/.vault-secrets

  Enter master password: ••••••••••••••••
  Confirm master password: ••••••••••••••••

  Enabling biometric unlock...
  Touch ID enabled for vault unlock.

  Vault created successfully!

What just happened? phantom created an encrypted vault at ~/.vault-secrets. Your master password goes through Argon2id (a memory-hard key derivation function, which makes offline guessing of the password expensive) to produce the vault key, and the vault contents are encrypted with AES-256-GCM, an authenticated mode, so a modified vault file is rejected on decryption rather than silently decrypting to garbage. With --biometric, a copy of the master password is also stored in the macOS Keychain behind Touch ID; see section 11 for what that implies.

Step 2: Add Your First Secret

~ % phantom add OPENAI_API_KEY
Enter value for OPENAI_API_KEY: ••••••••••••••••••••••••••••••••
✓ Added OPENAI_API_KEY

Step 3: Connect to Claude Code

~ % phantom mcp install

  Installing MCP server for Claude Code...
  βœ“ Config written to ~/Library/Application Support/Claude/claude_desktop_config.json

  Done. Restart Claude Code, then ask:
  "What secrets do I have in my vault?"

3. Adding Secrets

Interactive (Secure: Value Hidden)

~ % phantom add STRIPE_SECRET_KEY
Enter value: ••••••••••••••••••••••••
✓ Added STRIPE_SECRET_KEY

From Environment

~ % export TEMP_KEY="sk_live_abc123"
~ % phantom add STRIPE_KEY --from-env TEMP_KEY
✓ Added STRIPE_KEY
~ % unset TEMP_KEY

Caveat: the export line is recorded in your shell history (~/.zsh_history or ~/.bash_history) in plain text, and unset does not remove it from there. Prefer the interactive form above, or populate the variable with read -s so the value is never typed on a command line, and reserve --from-env for cases where the variable already exists, such as a CI job.

With Expiration

~ % phantom add TEMP_TOKEN --expires 7d
Enter value: ••••••••••••
✓ Added TEMP_TOKEN (expires in 7 days)

4. Viewing Your Secrets

List All Secrets (Names Only)

~ % phantom list

  Namespace: default

  NAME                 CREATED      EXPIRES     ACCESS
  OPENAI_API_KEY       2 days ago   never       12 times
  STRIPE_SECRET_KEY    1 day ago    never       3 times
  DATABASE_URL         5 hours ago  never       8 times

Notice: Values are never shown. Even phantom list only shows names.

See Last 4 Characters (Verification)

~ % phantom show STRIPE_SECRET_KEY --masked
STRIPE_SECRET_KEY: ••••••••••••xyz9

Use this to confirm which key is stored, for example by comparing the suffix with the provider's dashboard, without ever printing the full value.

5. Using with AI Agents

Connect to Claude Code

~ % phantom mcp install

After restarting Claude Code, the assistant can call the vault's MCP tools, such as vault_run:

Example: Ask Claude to Deploy

# You say:
"Deploy my app to Railway using my RAILWAY_TOKEN"

# Claude runs:
vault_run(keys: ["RAILWAY_TOKEN"], command: "railway up")

# Claude only ever names the secret; the MCP server injects the value into
# the command and sanitizes the command's output. If the token appeared in
# that output, Claude (and you) would see:
Deploying with token [REDACTED:RAILWAY_TOKEN]...

Redaction covers the tool's output only. A command that sends the value elsewhere instead of printing it, for example by posting it to a URL, is not caught by output scanning. That is what the security policies in section 12 are for: restricting which tools may use secrets and requiring confirmation before risky ones run.

6. Running Commands

Inject Secrets as Environment Variables

~ % phantom run -s OPENAI_API_KEY -- python my_script.py
βœ“ Running with 1 secret injected
(your script runs with OPENAI_API_KEY in its environment)

Multiple Secrets

~ % phantom run -s DATABASE_URL -s REDIS_URL -- node server.js

Security: the secret values are placed only in the environment of that one subprocess, not in your shell, so they are gone when it exits. Its output is scanned for the injected values and every match is replaced with [REDACTED:NAME]. Two limits worth knowing: the environment is inherited by any process the command itself spawns, and is readable by anything running as your user (on Linux via /proc/<pid>/environ); and scanning matches the literal value, so a copy that the command encodes, splits across lines, or sends over the network rather than printing is not caught.
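The following is an added example, not Phantom Vault's own code, of the mechanism described here and in the vault_run example of section 5: secrets are injected into one child process's environment only, and the child's output is scrubbed before anyone sees it. It goes slightly beyond literal matching by also redacting base64 and hex copies of each value, which is the edge case the paragraph above warns about. The function names (run_with_secrets, redact), the marker format and the demo secret are assumptions; the child script is constructed for the demo and deliberately leaks its token three ways.

```python
"""Added example (not Phantom Vault's code): inject secrets into a single
child process and scrub its output. Function names are hypothetical."""
from __future__ import annotations

import base64
import os
import subprocess
import sys


def encodings_of(value: str) -> list[str]:
    """Forms a secret commonly takes when a program logs it: the literal
    value plus base64 and hex copies, which a literal-only scanner misses."""
    raw = value.encode()
    return [value, base64.b64encode(raw).decode(), raw.hex()]


def redact(text: str, secrets: dict[str, str]) -> str:
    """Replace every occurrence of each secret (and its encoded forms) with
    [REDACTED:NAME]. Longer values are handled first so a secret that is a
    prefix of another cannot leave a partial leak behind."""
    for name, value in sorted(secrets.items(), key=lambda kv: -len(kv[1])):
        for form in encodings_of(value):
            if len(form) < 8:       # too short to scan for without mangling unrelated output
                continue
            text = text.replace(form, f"[REDACTED:{name}]")
    return text


def run_with_secrets(secrets: dict[str, str], argv: list[str]) -> tuple[int, str]:
    """Run argv with the secrets added to the child's environment only.
    os.environ of this process is left untouched, so nothing persists after
    the child exits. Returns (exit_code, redacted combined stdout+stderr)."""
    env = dict(os.environ)
    env.update(secrets)
    proc = subprocess.run(argv, env=env, capture_output=True, text=True)
    return proc.returncode, redact(proc.stdout + proc.stderr, secrets)


# Constructed demo: a child that (wrongly) prints its token in three forms.
DEMO_SECRETS = {"RAILWAY_TOKEN": "rw_live_constructed_example_token_0123"}
DEMO_SCRIPT = (
    "import base64, os; t = os.environ['RAILWAY_TOKEN'];"
    "print('token:', t);"
    "print('b64:', base64.b64encode(t.encode()).decode());"
    "print('hex:', t.encode().hex())"
)


def demo() -> tuple[int, str]:
    """Run the leaky child under the same interpreter and return its
    redacted output; every one of the three lines should carry the marker."""
    return run_with_secrets(DEMO_SECRETS, [sys.executable, "-c", DEMO_SCRIPT])


if __name__ == "__main__":
    code, out = demo()
    print(out, end="")   # three lines, each showing [REDACTED:RAILWAY_TOKEN]
```

The length guard is a deliberate choice: scanning output for a four-character value would rewrite unrelated text, so very short secrets are not scanned at all and should not be stored as such. The example still cannot see a value that the child sends over the network, which is the limit the paragraph above describes.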


7. Namespaces

Keep work and personal secrets separate:

~ % phantom namespace create work
~ % phantom namespace use work
~ % phantom add COMPANY_API_KEY

~ % phantom namespace use default  # switch back

8. Health & Rotation

Check Vault Health

~ % phantom health

  Vault Status: Healthy

  Secrets: 5 total
  Expiring soon: 1
    - TEMP_TOKEN (expires in 2 days)

  Last audit entry: 3 minutes ago
  Canary status: OK

Rotate a Secret

~ % phantom rotate STRIPE_SECRET_KEY
Enter new value: ••••••••••••••••••••••••
✓ Rotated STRIPE_SECRET_KEY (v1 → v2)
✓ Old value securely erased

9. Audit Log

~ % phantom audit --last 10

  TIME                  EVENT           SECRET              TOOL
  2026-02-27 14:23:01   accessed        OPENAI_API_KEY      vault_run
  2026-02-27 14:20:15   accessed        DATABASE_URL        vault_run
  2026-02-27 13:05:44   added           STRIPE_SECRET_KEY   cli
  2026-02-27 12:00:00   vault_opened    -                   cli

Every access is appended to the audit log with HMAC chaining: each entry's MAC is computed over the previous entry's MAC as well as the entry's own fields, so editing, removing or reordering an entry invalidates every MAC after it and verification reports where the chain breaks. Someone who can write to the log but does not hold the chaining key cannot recompute the MACs to hide the change.
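An added example, not Phantom Vault's code, of the chaining just described, so the tamper-detection claim can be tried out: each entry carries an HMAC-SHA256 over the previous entry's MAC plus its own fields, and a verifier walks the chain from a fixed genesis value. The record format, the function names and the demo key are assumptions; the entries are constructed to mirror the table above.

```python
"""Added example (not Phantom Vault's code): an HMAC-chained audit log with
a verifier that reports the first entry whose chain does not check out."""
from __future__ import annotations

import hashlib
import hmac
import json

GENESIS = "0" * 64   # stands in for the MAC of the empty log before entry 0


def entry_mac(key: bytes, prev_mac: str, fields: dict) -> str:
    """MAC over the previous entry's MAC and this entry's canonical JSON.
    Folding prev_mac in is what makes deletion and reordering visible."""
    canonical = json.dumps(fields, sort_keys=True, separators=(",", ":"))
    msg = prev_mac.encode() + b"\n" + canonical.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def append_entry(log: list[dict], key: bytes, **fields) -> dict:
    """Append one event; its MAC chains to whatever is currently last."""
    prev = log[-1]["mac"] if log else GENESIS
    entry = dict(fields)
    entry["mac"] = entry_mac(key, prev, fields)
    log.append(entry)
    return entry


def verify(log: list[dict], key: bytes) -> tuple[bool, int]:
    """Return (ok, index of first bad entry); index is -1 when intact.
    compare_digest avoids a timing side channel on the MAC comparison."""
    prev = GENESIS
    for i, entry in enumerate(log):
        fields = {k: v for k, v in entry.items() if k != "mac"}
        if not hmac.compare_digest(entry_mac(key, prev, fields), entry["mac"]):
            return False, i
        prev = entry["mac"]
    return True, -1


def build_demo_log(key: bytes) -> list[dict]:
    """Constructed entries mirroring the manual's audit table."""
    log: list[dict] = []
    append_entry(log, key, time="2026-02-27 12:00:00", event="vault_opened", secret="-", tool="cli")
    append_entry(log, key, time="2026-02-27 13:05:44", event="added", secret="STRIPE_SECRET_KEY", tool="cli")
    append_entry(log, key, time="2026-02-27 14:20:15", event="accessed", secret="DATABASE_URL", tool="vault_run")
    return log


def tamper_demo(key: bytes) -> tuple[tuple[bool, int], tuple[bool, int], tuple[bool, int]]:
    """Three outcomes: the intact log, an edited entry, a deleted entry."""
    intact = verify(build_demo_log(key), key)

    edited = build_demo_log(key)
    edited[2]["secret"] = "OPENAI_API_KEY"     # rewrite which secret was read
    edited_result = verify(edited, key)        # breaks at index 2

    deleted = build_demo_log(key)
    del deleted[1]                             # drop the 'added' event
    deleted_result = verify(deleted, key)      # entry 2 now chains to entry 0: breaks at index 1
    return intact, edited_result, deleted_result


if __name__ == "__main__":
    print(tamper_demo(b"constructed-demo-key"))
```

One gap the chain alone does not close: cutting entries off the end of the log leaves a shorter but internally consistent chain. Detecting truncation needs the latest MAC anchored somewhere the attacker cannot rewrite, for example reported by phantom health and compared against the last line you saw.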


10. Canary Secrets

Honeypot secrets that alert you if something tries to use them:

~ % phantom canary create BACKUP_AWS_KEY --pattern aws-access-key
✓ Created canary BACKUP_AWS_KEY
  Looks like: AKIA••••••••••••XXXX
  ⚠ Alert will trigger if this is ever accessed

A canary is a decoy entry shaped like a real credential of the chosen pattern (here an AWS access key ID: the AKIA prefix followed by 16 more characters) that is not valid anywhere. No legitimate script or tool has a reason to read it, so any access, for example by an agent enumerating and trying every key in the vault, is a strong signal of misuse. Give canaries names that look worth stealing, and check phantom health and phantom audit when one fires.

11. Biometric Unlock

On macOS, you can unlock your vault with Touch ID instead of typing your password every time.

Check Status

~ % phantom biometric status

  Biometric Authentication Status
  ================================

  [OK] Touch ID is available
  [OK] Biometric unlock is enabled for this vault

Enable Touch ID

~ % phantom biometric enable
  Enter master password to enable biometric: β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’β€’

  Biometric unlock enabled!
  You can now unlock with Touch ID.

Disable Touch ID

~ % phantom biometric disable
  Biometric unlock disabled.
  You will need to use your password to unlock the vault.

How it works: with biometric unlock enabled, a copy of your master password is stored as a macOS Keychain item whose access control requires Touch ID. When you authenticate, the Secure Enclave, which is what verifies your fingerprint, lets the Keychain release the item; the password is then handed to the phantom process, which uses it to derive the vault key. So the password does leave the enclave at that moment, into phantom's memory, and it also persists inside the Keychain for as long as biometric unlock is enabled. That is the trade-off: convenience against the master password existing somewhere other than your head. Run phantom biometric disable when you no longer want that.


12. Security Policies

Control which tools can access your secrets and set usage restrictions.

View Current Policy

~ % phantom policy show

  Security Policy:
  ================

  require_confirmation = ["shell_exec"]

  (Using default policy)

Create a Policy File

# my-policy.toml
allowed_tools = ["exec_sql", "http_request", "vault_run"]
blocked_tools = ["shell_exec"]
require_confirmation = ["write_file"]
rate_limit = 100  # max 100 secret accesses per hour

[time_restrictions]
enabled = true
start_hour = 9
end_hour = 18
timezone = "America/New_York"

Apply a Policy

~ % phantom policy set my-policy.toml
Security policy updated from 'my-policy.toml'

New policy:
allowed_tools = ["exec_sql", "http_request", "vault_run"]
blocked_tools = ["shell_exec"]
...

Reset to Defaults

~ % phantom policy reset
Reset security policy to defaults? [y/N]: y
Security policy reset to defaults.

Policy Priority: blocked_tools takes precedence over allowed_tools. If a tool is in both lists, it will be blocked.
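An added example, not Phantom Vault's code, showing how a policy shaped like my-policy.toml above can be evaluated for one tool call, with the precedence rule stated here (blocked beats allowed) and the rate limit and business-hours window applied deny-first. The decide function and its return values are assumptions, as is one interpretation the page leaves open: a tool listed only under require_confirmation (write_file in the sample) is treated as permitted with a prompt rather than denied for being absent from allowed_tools. The policy is embedded as a dict so the block runs without a TOML file; tomllib.load() on Python 3.11+ produces the same shape.

```python
"""Added example (not Phantom Vault's code): evaluate a security policy for
a single secret access. Function names and return values are hypothetical."""
from __future__ import annotations

from datetime import datetime
from zoneinfo import ZoneInfo

# The manual's my-policy.toml, as the dict tomllib would return for it.
POLICY = {
    "allowed_tools": ["exec_sql", "http_request", "vault_run"],
    "blocked_tools": ["shell_exec"],
    "require_confirmation": ["write_file"],
    "rate_limit": 100,   # max secret accesses per hour
    "time_restrictions": {
        "enabled": True,
        "start_hour": 9,
        "end_hour": 18,
        "timezone": "America/New_York",
    },
}


def decide(policy: dict, tool: str, now: datetime, accesses_last_hour: int) -> str:
    """Return 'deny', 'confirm' or 'allow' for one secret access by `tool`.
    `now` must be timezone-aware. Deny rules run first so nothing later can
    override a block; confirmation is only reached once every deny rule passed."""
    blocked = set(policy.get("blocked_tools", []))
    confirm = set(policy.get("require_confirmation", []))
    permitted = set(policy.get("allowed_tools", [])) | confirm   # assumption: confirm-listed tools are permitted with a prompt

    if tool in blocked:
        return "deny"                         # blocked wins even if also allowed
    if tool not in permitted:
        return "deny"                         # allow-list semantics: unlisted tools get nothing
    if accesses_last_hour >= policy.get("rate_limit", float("inf")):
        return "deny"
    tr = policy.get("time_restrictions", {})
    if tr.get("enabled"):
        local = now.astimezone(ZoneInfo(tr["timezone"]))
        if not tr["start_hour"] <= local.hour < tr["end_hour"]:
            return "deny"
    if tool in confirm:
        return "confirm"
    return "allow"


def demo_decisions() -> dict[str, str]:
    """Constructed scenarios covering each branch of decide()."""
    ny = ZoneInfo(POLICY["time_restrictions"]["timezone"])
    business = datetime(2026, 2, 27, 10, 30, tzinfo=ny)
    evening = datetime(2026, 2, 27, 20, 0, tzinfo=ny)
    in_both = dict(POLICY, allowed_tools=POLICY["allowed_tools"] + ["shell_exec"])
    return {
        "blocked": decide(POLICY, "shell_exec", business, 0),
        "allowed": decide(POLICY, "exec_sql", business, 0),
        "confirm": decide(POLICY, "write_file", business, 0),
        "after_hours": decide(POLICY, "exec_sql", evening, 0),
        "rate_limited": decide(POLICY, "exec_sql", business, 100),
        "unlisted": decide(POLICY, "unknown_tool", business, 0),
        "both_lists": decide(in_both, "shell_exec", business, 0),   # blocked takes precedence
    }


if __name__ == "__main__":
    for scenario, verdict in demo_decisions().items():
        print(f"{scenario:>13}: {verdict}")
```

The ordering is the security-relevant part: an access that is blocked, rate-limited or out of hours is denied before the user is ever asked to confirm, so a confirmation prompt can never become a way to bypass a stricter rule.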


13. Cheat Sheet

# Setup
phantom init                    # Create vault
phantom init --biometric        # Create vault + enable Touch ID
phantom mcp install             # Connect to Claude

# Secrets
phantom add SECRET_NAME         # Add secret (interactive)
phantom add KEY --from-env VAR  # Add from environment
phantom list                    # List all secrets
phantom show NAME --masked      # Show last 4 chars
phantom get NAME                # Get full value (TTY only)
phantom remove NAME             # Delete secret
phantom rotate NAME             # Rotate secret
phantom import .env             # Import from .env file

# Running commands
phantom run -s KEY -- cmd       # Inject secret into command

# Biometric (macOS)
phantom biometric status        # Check Touch ID status
phantom biometric enable        # Enable Touch ID
phantom biometric disable       # Disable Touch ID

# Namespaces
phantom namespace list          # List namespaces
phantom namespace create NAME   # Create namespace
phantom namespace use NAME      # Switch namespace
phantom namespace delete NAME   # Delete namespace

# Canary secrets
phantom canary create NAME      # Create honeypot secret
phantom canary list             # List canaries
phantom canary delete NAME      # Delete canary

# Security policies
phantom policy show             # View current policy
phantom policy set FILE         # Apply policy from file
phantom policy reset            # Reset to defaults

# Maintenance
phantom health                  # Check vault health
phantom audit --last N          # View last N audit entries