Glossary · Security

Credential vault

Encrypted per-tenant storage for the secrets a run needs — logins and tokens — injected at execution time and never exposed to the model or other tenants.

Start free All terms

What is credential vault?

A credential vault is encrypted, per-tenant storage for the secrets an authenticated workflow requires. Twin injects vaulted credentials into a run at execution time behind default-deny row-level security, so they reach the target site without being placed in prompts, logs, or another tenant’s reach.

Why it matters

Authenticated automation is impossible without a safe place for credentials, and unsafe credential handling is a non-starter for serious teams. The vault is what lets Twin log in and run stateful flows while keeping secrets out of the LLM context and isolated across tenants.

See it in context: read how Twin compiles and replays a run, follow the cost-cutting guide, or browse use cases and comparisons.

Related terms

Human-in-the-loop handoff

Pausing a run at a step that needs a person — an approval or an MFA prompt on an authorized flow — then resuming automatically once it’s cleared.

Cross-tenant skill corpus

A shared, sanitized library of compiled skills that lets a skill compiled once be safely reused across tenants, compounding the cache savings.

Session video

A durably-stored recording of a browser run, plus real-time live view — so every automated session is watchable and auditable after the fact.

Browser execution layer

The infrastructure that turns an agent’s goal into deterministic, replayable browser action — the layer between your LLM and a real browser.

Back to the full glossary

Run your first skill

Give an LLM agent a real browser, compile the workflow once, and watch the marginal cost fall as the cache takes over.

Start free See pricing