Protected file operations for AI workflows

Let agents work with sensitive files —
without giving them permanent keys.

Developers integrate through API or MCP. Humans define policy and approve sensitive actions. Cloak File protects the data, Cloak KMS controls the permitted key operation, and a signed receipt records what happened.

Start with software keys. Move to managed or customer-controlled hardware when your threat model requires it.

For software teams moving document agents into production

Cloak is relevant when authority and evidence — not model capability — are blocking the workflow.

Security review

Who can decrypt customer files?

Separate tenants and keys, bound agent authority, and show the reviewer the exact trust boundary.

Production launch

The agent needs real authority

Grant only the file and key operations the workflow needs. Expire, revoke, and review the credential from a human account.

Customer control

The root key cannot live with the app

Start in a software sandbox, then move to managed or customer-controlled HSM custody without changing the workflow.

One workflow. Two core layers.

Cloak File handles the protected-file workflow. Cloak KMS governs agent authority and key custody. Vault and Batchsign remain available for qualified use cases.

Integration story

Cloak File + Cloak KMS = agent-controlled file protection

Start with one protected-file workflow in the software-key sandbox. Cloak KMS applies the human-defined scope and performs the permitted key operation. Move to managed or customer-controlled hardware only when the production threat model requires it.

How the control model works

The developer integrates once. The human grants authority. The agent operates inside it.

01

Integrate

A developer connects the protected-file workflow through API or MCP.

02

Authorize

A human account grants a scoped credential with operations, expiry, and limits.

03

Request

The agent asks to protect a file or use a key. It cannot broaden its own scope.

04

Protect

Cloak File protects the data at the client or workload boundary.

05

Control the key

Cloak KMS performs only the permitted key operation using the configured custody lane.

06

Verify

A signed receipt records the actor, operation, policy reference, key reference, time, and result.

Agent-first interfaces

KMS is MCP-callable; the protected-file integration is the first workflow

Developers can connect agent hosts to Cloak KMS through MCP. The protected-file integration combines that control layer with Cloak File; package availability and production limits are documented in the developer guide. No API key gymnastics. Scoped credentials with expiry, rotation, revocation, and a full audit trail per session.

  • MCP server for KMS key management, signing, encryption, and ECDH derive — 9 live tools
  • Scoped agent credentials with expiry, rotation, and per-tool permissions
  • Machine-readable /.well-known/mcp.json and llms.txt for agent discovery
  • Embedded signed receipts on every state-changing op — verify offline at verify.cloakapps.com
Full agent integration guide →
// MCP tool call — Claude agent signing a digest with a KMS key
kms_sign(
alias: "agent-signing-key",
keyId: "0101",
algorithm: "ECDSA_SHA_256",
digestHex: "a4caf7bd…21083d95"
)
// Returns (receipt embedded by default):
{
"signatureBase64": "MEYCIQDx9n…",
"receipt": { "payload": "…", "signature": "…" },
"verify_at": "https://cloakapps.com/verify.html"
}

Simple, honest pricing

Start free. Pay when you protect things that matter.

Free Developer

$0 / month

MCP and REST KMS quickstart in a software-key sandbox, with scoped credentials and test operations. Strict limits — not for production.

Start free
Most popular

Protected File API

$199 / month

Production protected-file workflow, scoped API and MCP credentials, signed file-operation receipts, and managed smartcard-HSM access subject to capacity and service limits.

Start free →

Customer-Controlled Keys

$799 / team/month

Cloak Gateway with a supported customer-owned HSM, contracted limits, and documented remote setup. Implementation is priced separately.

Request setup assessment →

Enterprise deployment and signing options are priced by agreement. View all plans →

OMMAU governance

Data protection you can trust. For humans and agents.

Cloak publishes a public governance charter: three filters every product decision and every agent operation passes through. Data sovereignty, equal agent access, and verifiable societal benefit — not marketing language, operational constraints.

  • 🔐
    Data sovereignty
    You control keys, policies, exports, retention, and deletion. Always.
  • 👤
    Human accountability
    Humans authorize budgets, enterprise policies, and privileged operations. Agents operate within granted scope.
  • 🤝
    Agent equality
    Stable, auditable interfaces for AI agents — same capabilities as humans, explicit granted authority.
Read the full charter →
No key exfiltration

No support agent, sales agent, or external service accesses raw key material or decrypted customer content.

Abuse resistance

Use cases involving malware, credential theft, non-consensual surveillance, or evasion of lawful access are blocked.

Transparency

Every protected operation produces an audit receipt understandable by both humans and machines.

Start with a scoped agent workflow.

Evaluate the human-to-agent grant in the software-key sandbox. Add managed or customer-controlled hardware only when the production threat model requires it.

Cloak Pte. Ltd. · Paya Lebar Square #06-28 · Singapore 409051 · sales@cloakapps.com