Peta

Giving an AI agent a raw API key is structurally equivalent to handing your housekeeper a master key with no expiry date, no audit trail, and no way to revoke access to a specific door. Peta fixes this by acting as a control plane that intercepts every credential request, enforces a least-privilege policy, and injects short-lived scoped tokens at runtime — so the agent never sees your actual secrets. Why Raw API Keys Are a Structural Risk for AI Agents Raw API keys given to AI agents represent a fundamentally broken security model, and the breach statistics for 2025 prove it. GitGuardian’s 2026 report found that 28,649,024 new secrets were exposed in public GitHub commits in 2025 — a 34% year-over-year increase and the largest annual jump ever recorded. Of those, over 1.2 million were AI-service credentials, with 81% year-over-year growth; 12 of the top 15 fastest-growing leaked secret types were AI services. OpenRouter credential leaks alone grew more than 48x year-over-year as agents used it as a gateway to multiple models through a single shared key. Even Claude Code co-authored commits leaked secrets at roughly double the baseline rate. These numbers expose a systemic failure: the tooling that makes agents useful is also making credential hygiene nearly impossible to enforce through discipline alone. The root problem is structural — raw API keys have no concept of intent, scope, caller identity, or time limit, so any agent that holds one has more power than it needs and no mechanism to prove it used that power appropriately. ...