v1.4.0 — Primary Credentials and Account Tracking

Autopilot v1.4.0 — Primary Credentials & Account Tracking

Two changes that make Autopilot even more hands-off.

Primary Credentials

Set your email and password once — stored in macOS Keychain encryption. Autopilot uses these as the default for signing up and logging into any new service it encounters.

Before: Every new service required you to provide email + password.
After: You provide them once. Autopilot uses them everywhere.

Credential acquisition priority:

1. Service-specific token in Keychain (instant, no browser needed)
2. Service-specific login in Keychain (for services with different accounts)
3. Persistent browser session (already logged in from last time)
4. Primary credentials (sign up or log in automatically)
5. 2FA prompt (only remaining stop point)

Account Activity Tracking in Execution Log

The project-local execution log (.autopilot/log.md) now tracks account activity with special markers:

• ACCOUNT CREATED — agent signed up for a new service
• LOGGED IN — agent logged into an existing account
• TOKEN STORED — API token acquired and saved to Keychain

This gives you a clear record of which services have accounts and where the agent authenticated — without exposing any credential values.

| # | Time | Action | Level | Service | Result |
|---|------|--------|-------|---------|--------|
| 1 | 14:05 | Signed up at supabase.com (primary email) | L2 | supabase | ACCOUNT CREATED |
| 2 | 14:06 | Stored Supabase API token in keychain | L1 | supabase | TOKEN STORED |
| 3 | 14:07 | Logged in to vercel.com (primary email) | L2 | vercel | LOGGED IN |