Capy vs the alternatives

Side-by-side breakdowns of how Capy compares to every major secrets management tool. Pick the comparison closest to what you already use.

Why this matters more with AI agents in the dev loop

For most of the last decade, the choice between client-side and server-side encryption was a defensible but academic distinction. AI coding agents have made it a more practical one.

Claude Code, Cursor, Cline, and Copilot run on developer machines, read environment variables, and increasingly execute shell commands and HTTP requests on the engineer's behalf. That changes an old threat: a successful prompt injection now means the attacker has whatever the agent process can read, fetch, or run.

Under a server-side product, the developer's machine continuously holds credentials that can fetch any project secret on demand. A compromised agent, CI step, or shell hook can pull the full set. Under Capy, values that aren't actively being injected by "capy run --" live on disk as ciphertext bound to a two-party key whose outer wrap the agent's process cannot strip alone. A prompt-injected agent gets only what is currently decrypted into the process it has authority over, not the project's entire catalog.