secrets-management_skill

This skill helps manage API keys and secrets securely by guiding templates, env fallbacks, and proper gitignore patterns.
  • TypeScript

1

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill autumnsgrove/groveengine --skill secrets-management

  • SKILL.md3.0 KB

Overview

This skill manages API keys, credentials, and other sensitive configuration using a secrets.json pattern with environment variable fallbacks. It is designed for multi-tenant TypeScript projects and prevents committing secrets while providing a clear onboarding template. The goal is to centralize secret loading, support CI/CD, and reduce accidental exposure of credentials.

How this skill works

The skill expects a secrets.json file for local secrets plus a secrets_template.json committed as a reference. At runtime the loader reads secrets.json and falls back to environment variables when keys are absent or in CI. It enforces adding secrets.json to .gitignore and encourages rotating keys and avoiding logs that reveal secrets.

When to use it

  • When adding API keys or service credentials for external integrations
  • During local setup to keep secrets out of source control
  • When implementing CI/CD pipelines that use environment variables
  • When migrating .env-based workflows to a structured secrets file
  • Before deploying to production to ensure secret fallbacks are defined

Best practices

  • Never hardcode keys in source; use secrets.json or env vars
  • Commit only a secrets_template.json with placeholders
  • Add secrets.json and .env to .gitignore immediately
  • Implement environment variable fallbacks for CI and deploys
  • Rotate keys when team membership changes and avoid logging full keys

Example use cases

  • Local developer onboarding: copy secrets_template.json to secrets.json and fill values
  • CI setup: provide credentials via environment variables instead of committing secrets
  • Third-party API integrations: load provider keys from secrets.json with env fallback
  • Staging vs production: use secrets.json locally and secure env vars in production
  • Automated tests: stub secrets during test runs using environment variables

FAQ

The loader will use environment variable fallbacks; ensure CI sets required env vars.

Should I commit secrets_template.json?

Yes. Commit the template with placeholders to document required keys without exposing real values.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational