Is there a free tier?

Yes. Every Market Standard app ships with a usable free tier so you can validate the workflow before paying. Upgrade when you outgrow limits or want to remove the powered-by badge.

Do I need to install anything?

No. Each app is a standalone web service. Sign in with email magic link, connect your integrations, and start using the dashboard immediately.

How does the powered-by badge work?

Free-tier artifacts (poll messages, embed widgets, short-link redirects) carry a small 'Powered by Market Standard' badge. Upgrading removes the badge and unlocks higher limits.

Can I use this with the rest of the Market Standard suite?

Yes. Every app cross-links to its siblings — Standard Polls surfaces Standard Standup, Standard Metrics deep-links to Standard Links, and so on. Sign in once with the same email.

Where is my data stored?

Postgres on Supabase, encrypted at rest. Each app exposes a privacy page detailing what is stored and for how long. You can export or delete your data at any time.

MSStandard Vault

Open Dashboard

Market Standard · secrets

Encrypted secrets with AI-agent reference mode.

AES-256-GCM encrypted secrets with .env/Doppler import, a token-authed env-injection CLI, and an AI-agent reference endpoint that lets agents see keys without ever seeing values.

Agents see keys, not values. Toggle agentReference on any secret so AI agents can discover it exists without being able to read it.

Open Dashboard Create a project See features

AES-256

GCM at rest

ms-vault

env-injection CLI

Agents

reference-only

Env injection

$ ms-vault run --token $VAULT_TOKEN \

--project proj_abc \

-- npm start

{
  "DATABASE_URL": "postgres://…",
  "STRIPE_SECRET_KEY": "sk_live_…",
  "OPENAI_API_KEY": "sk-…"
}

200 OK · decrypted into child env

Cipher

AES-256-GCM

Agents

reference only

Mission

Secrets that agents can read about, but not read.

Standard Vault is an encrypted secrets manager designed for the AI-agent era. Store production secrets with AES-256-GCM, inject them into subprocess environments via a token-authed CLI shim, import from .env or Doppler JSON, and expose a reference endpoint that tells AI agents what keys exist without leaking values — so an agent can ask 'does this project have a STRIPE_SECRET_KEY?' without ever being able to exfiltrate it.

Capabilities

Built for the agent era.

AES-256-GCM at rest

Every secret value is encrypted with a per-tenant key derived from VAULT_MASTER_KEY. Versioned + hashed for rotation tracking.

Env-injection CLI

ms-vault run --project X --token Y -- npm start injects decrypted secrets into the child process env — never written to disk.

.env / Doppler import

Paste a .env file or Doppler JSON payload to bulk-import secrets. Comments become notes. Quotes stripped.

AI-agent reference mode

Per-secret flag exposes key + version (never value) at /api/projects/{id}/references — share with agents safely.

Per-project tokens

Mint short-lived or long-lived tokens scoped to a single project. Revoke any time. Last-used tracking.

Full audit log

Every create, rotate, delete, decrypt, and token mint is logged with actor + metadata.

How it works

Vault your first secret in 60 seconds.

01Create a project (name + environment).
02Add a secret or import an .env file.
03Mint an env-injection token.
04Run: ms-vault run --project X --token Y -- npm start
05Toggle agentReference on keys you want agents to know about.

Pricing

Free to start. Unlimited when you need it.

Start free. Upgrade when you outgrow limits or want to remove the powered-by badge.

Free

1 project · 25 secrets · agent reference

Starter

$19/mo

Unlimited projects · tokens · audit log

Why Market Standard

Encrypted, audited, agent-safe.

Three focused products, one portfolio. Each app is built to spread your brand while solving one job extremely well.

Open Dashboard

▸ AES-256-GCM encryption at rest

▸ Token-authed env-injection CLI

▸ AI-agent reference mode (keys only)

▸ Full audit log of every action

Compare

How Market Standard compares

Feature	Spreadsheets	Generic SaaS	Market Standard Market Standard
Purpose-built for the workflow	No	Partial	Yes
Free tier with no credit card	—	Sometimes	Yes
Open schema (Postgres + Drizzle)	No	No	Yes
Viral powered-by badge on free tier	No	No	Yes
Cross-sells into the rest of the suite	No	No	Yes
Self-hostable source-available code	No	No	Yes

FAQ

Common questions

Everything you need to know before signing up.

Is there a free tier?: Yes. Every Market Standard app ships with a usable free tier so you can validate the workflow before paying. Upgrade when you outgrow limits or want to remove the powered-by badge.
Do I need to install anything?: No. Each app is a standalone web service. Sign in with email magic link, connect your integrations, and start using the dashboard immediately.
How does the powered-by badge work?: Free-tier artifacts (poll messages, embed widgets, short-link redirects) carry a small 'Powered by Market Standard' badge. Upgrading removes the badge and unlocks higher limits.
Can I use this with the rest of the Market Standard suite?: Yes. Every app cross-links to its siblings — Standard Polls surfaces Standard Standup, Standard Metrics deep-links to Standard Links, and so on. Sign in once with the same email.
Where is my data stored?: Postgres on Supabase, encrypted at rest. Each app exposes a privacy page detailing what is stored and for how long. You can export or delete your data at any time.

Standard Vault — AI-Agent-Safe Secrets Manager by Market Standard