Agent access control plane
Give AI agents production context, not production keys.
OneQuery gives agents a governed path to approved sources while credentials stay centralized and every query leaves an audit trail.
npm install -g @onequery/cli
brew install wordbricks/tap/onequery
bun add -g @onequery/cli
curl -fsSL https://onequery.dev/install.sh | sh
prod-debug-readonly
Context without secrets.
Capability grant
prod-debug-readonly
- No prod keys
- No prod writes
- Full audit
What OneQuery does
Policy between agents and prod.
Unified control plane
OneQuery
First workflow
Debug production without sharing credentials.
- Start gateway.
- Apply grant.
- Connect sources.
Grant setup
$ npm install -g @onequery/cli
installed onequery under ~/.onequery
$ onequery gateway start
gateway listening on http://localhost:5656
$ onequery grant apply prod-debug-readonly.yaml
grant ready | credentials hidden
Agent access
$ onequery api --source github://demo-prod acme/web/pulls --paginate --max-pages 2 --jq '.[] | {number,title,user,head,base}' --json
200 OK | 2 pages | credentials hidden
$ onequery api --source github://demo-prod /repos/acme/web/commits?sha=main --json
200 OK | commits returned | audited
$ onequery api --source sentry://demo-org /api/0/projects/acme/web/issues/?query=is:unresolved --json
200 OK | unresolved issues | read-only
$ onequery api --source slack://demo-org /api/conversations.history -F channel=C123 -F limit=20 --json
200 OK | 20 messages | audited
Access record
Real APIs, no exposed tokens.
Each call names an approved source and endpoint. OneQuery sends the request with server-side credentials and records what happened.
source: github://demo-prod
endpoint: acme/web/pulls
actor: agent session
token: never exposed
policy: read-only
audit: source, endpoint, caller, time
Roadmap
Start with debugging. Build toward governed access.
Shipped: In production today
- Read-only query validation
- Audit log for every query
- Organization & membership
- Claude Code, OpenClaw, Hermes
Next up: Production guardrails
- Agent profiles
- Policy templates
- Custom connectors
Planned: Security operations
- 1Password
- SSO & SAML
- Approvals
Agent-native access
One grant. Any agent.
Watch OneQuery grant an AI agent governed access to approved production context while credentials stay centralized and every query remains auditable.
Built for real incidents
Give agents the clues, not the keys.
Agents can inspect errors, logs, and database state without raw credentials or permission to change production.