# agentcookie > agentcookie continuously syncs Chrome cookies, bearer tokens, and API keys from your primary Mac to your agent Mac over Tailscale, so AI agents wake up authenticated with no manual login ceremony. agentcookie is an open-source macOS CLI tool built by Matthew Van Horn that solves a specific friction point in agentic AI workflows: the agent running on a second Mac needs to be authenticated to every site and API the developer is already logged into on their primary machine. It handles this by continuously replicating Chrome cookies, per-CLI bearer tokens, and API keys from the source Mac to the sink Mac, encrypted over a Tailscale tailnet, with no cloud middleman and no per-site re-authentication. ## What It Is agentcookie is a peer-to-peer session-state synchronization tool for macOS. It watches Chrome's Cookies SQLite file and a parallel secrets bus using fsnotify, diffs the state, and ships encrypted payloads to a second Mac the moment anything changes. The receiving side (the "sink") is a macOS LaunchAgent that delivers cookies and secrets across four surfaces: Chrome's own Cookies database (re-encrypted for the sink's Keychain), a plaintext sidecar at `~/.agentcookie/cookies-plain.db`, per-CLI adapter session files, and optionally the cmux embedded WebKit browser via RPC injection. Agent runtimes like OpenClaw or Hermes pointed at the second Mac wake up authenticated without any login steps. ## How the Sync Architecture Works The tool operates on a source/sink model. On the source Mac, `agentcookie source --watch` decrypts Chrome's Safe Storage key via the macOS Keychain, applies a blocklist filter, folds in the secrets bus payload, and pushes diffs over HTTPS on the Tailscale tailnet using AES-256-GCM encryption with replay defense and per-peer pairing-derived keys. On the sink Mac, a LaunchAgent receives the payload and fans it out to all configured delivery surfaces simultaneously. The pairing flow uses a 64-bit code and a rate-limited pair endpoint; listeners bind only to the tailnet interface. The secrets bus carries non-cookie auth: bearer tokens, API keys, and `KEY=VALUE` blobs land at `~/.agentcookie/secrets//secrets.env` (mode 0600) on the sink. CLIs consume them via environment variables, the in-process `pkg/agentcookiesecret` Go library, or an `agentcookie.toml` manifest that `agentcookie discover` auto-detects. The README notes compatibility with Printing Press CLIs including Stripe, Linear, Notion, Granola, Slack, Kalshi, ElevenLabs, Mercury, and others. ## Agent Browser Integration Beyond the two-machine model, agentcookie ships two browser sync loops. The `cmux-sync` loop injects cookies into cmux's embedded Apple WebKit browser via its RPC socket, either continuously on the same machine (local loop, on by default when cmux is detected) or as a sink surface on the second Mac. The `agent-sync` loop targets Chromium-based automation browsers — specifically browser-use and vercel-labs agent-browser — by launching a dedicated Chrome instance on a loopback CDP debug port and injecting cookies live into every browser context via CDP. The README explains why this works where cold-profile copying fails: live CDP injection bypasses Chrome 127+ App-Bound Encryption and correctly carries httpOnly and persistent session cookies that Playwright's `addCookies` rejects. ## Device-Bound Sessions and Honest Limits The README is explicit about what agentcookie cannot do. Chrome's Device Bound Session Credentials (DBSC) tie a session to one machine's Secure Enclave, so a copied cookie from a DBSC-protected site stops working on the sink once its short-lived window lapses. As of the README's writing, the primary broad adopter of DBSC is Google's own account and Workspace cookies. agentcookie flags suspect cookies in `agentcookie doctor` output and offers a `--skip-dbsc-suspect` flag to drop them rather than ship cookies that will not survive. The secrets bus — bearer tokens, API keys, OAuth refresh tokens — is entirely outside DBSC's scope and replicates normally. ## Update: v0.15.0 The GitHub repository shows v0.15.0 published on June 6, 2026, with the repository created in May 2026 and last pushed the same day as the release. The project has accumulated 219 stars and 8 forks in its first weeks. The README documents a detailed version history through v0.13 runbooks covering universal delivery via a one-password Safe Storage partition open, v0.12 security hardening with sealed master keys and Developer ID signing, and v0.11 adapter cookie push. The codebase covers 520+ unit tests across 26 packages. Planned items include a Python reader library, signature verification on adoption manifests, live key rotation via `agentcookie pair --rotate`, and one-to-many fan-out from a single source Mac to multiple sink Macs. ## Features - Continuous Chrome cookie sync from source Mac to sink Mac via fsnotify - AES-256-GCM encrypted transport over Tailscale tailnet with replay defense - Per-peer pairing-derived keys with rate-limited pair endpoint - Four cookie delivery surfaces: Chrome SQLite, plaintext sidecar, per-CLI adapters, cmux WebKit RPC - Secrets bus for bearer tokens, API keys, and KEY=VALUE auth blobs - agentcookie.toml manifest-driven auto-discovery for CLI integrations - cmux-sync local loop for same-machine Chrome-to-WebKit cookie injection - agent-sync live CDP injection into browser-use and agent-browser Chromium instances - Universal delivery via macOS Keychain Safe Storage partition open - DBSC-suspect cookie detection and optional filtering - agentcookie doctor with 15 health categories - Blocklist management via agentcookie accounts on/off/list - Headless second-Mac install over SSH - Apple Developer ID signed binaries - 520+ unit tests across 26 packages ## Integrations Chrome, Tailscale, cmux, browser-use, agent-browser (vercel-labs), OpenClaw, Hermes, Stripe CLI, Linear CLI, Notion CLI, Granola, Slack, Kalshi, ElevenLabs, Mercury, instacart-pp-cli, airbnb-pp-cli, ebay-pp-cli, pagliacci-pp-cli, table-reservation-goat-pp-cli, yt-dlp, gallery-dl, macOS Keychain, macOS LaunchAgent, Playwright (CDP) ## Platforms WINDOWS, MACOS, API, CLI ## Pricing Open Source ## Version v0.15.0 ## Links - Website: https://github.com/mvanhorn/agentcookie - Documentation: https://github.com/mvanhorn/agentcookie/blob/main/docs/quickstart.md - Repository: https://github.com/mvanhorn/agentcookie - EveryDev.ai: https://www.everydev.ai/tools/agentcookie