secrets-management

Use this skill when handling API keys, passwords, tokens, private keys, or any sensitive credential. Never hardcode secrets in source code — apply this whenever the word "key", "token", "password", or "secret" appears in the task.

View SKILL.md on GitHub Repository

Stars 3,371

Forks 398

Install this agent skill to your Project

npx add-skill https://github.com/aiming-lab/MetaClaw/tree/main/memory_data/skills/secrets-management

SKILL.md

Secrets Management

Rules:

Never hardcode secrets in source files, configs committed to git, or logs.
Use environment variables for local development (python-dotenv).
Use a secrets manager (AWS Secrets Manager, HashiCorp Vault, 1Password CLI) in production.
Add .env and *.pem to .gitignore before the first commit.
Rotate secrets immediately if they are exposed (leaked in a commit, log, or error message).

Scanning: Use ggshield, truffleHog, or git-secrets in CI to block secret commits.

Anti-patterns:

os.environ.get('KEY', 'hardcoded_default') in production code.
Logging full request/response bodies that may contain tokens.

Maintainer

aiming-lab Core maintainer

Source details

Full Name: aiming-lab/MetaClaw
Branch: main
Path in repo: memory_data/skills/secrets-management
License: MIT License
Topics: agent llm openclaw ai-agent fine-tuning lora reinforcement-learning continual-learning meta-learning metaclaw online-learning skill-learning tinker

Featured Tools

Join Our Newsletter

Stay updated with the latest AI tools, news, and offers by subscribing to our weekly newsletter.

Recommended Agent Skills

Expand your agent's capabilities with these related and highly-rated skills.

aiming-lab/MetaClaw

structured-progress-update

Use this skill when summarizing progress on an ongoing project or multi-step task. Give a clear, scannable status report whenever asked for an update or at the end of a work session.

3,371 398

Explore

aiming-lab/MetaClaw

async-communication-etiquette

Use this skill when writing messages in async channels (Slack, GitHub issues, email threads) where the reader may not have context and cannot ask follow-up questions immediately.

3,371 398

Explore

aiming-lab/MetaClaw

idempotent-script-design

Use this skill when writing scripts, cron jobs, data pipelines, or any automated process that may be run multiple times. Design every operation to be safely re-runnable without side effects.

3,371 398

Explore

aiming-lab/MetaClaw

input-validation-and-sanitization

Use this skill when implementing any endpoint, form handler, CLI tool, or function that accepts external input. Validate and sanitize all untrusted data before processing — never assume input is safe.

3,371 398

Explore

aiming-lab/MetaClaw

graceful-error-recovery

Use this skill when a tool call, command, or API request fails. Diagnose the root cause systematically before retrying or changing approach. Do not retry the same failing call without first understanding why it failed.

3,371 398

Explore

aiming-lab/MetaClaw

codebase-navigation

Use this skill when exploring an unfamiliar codebase, tracing code paths, or answering questions about how the system works. Read before writing, and build a mental model of the architecture before making changes.

3,371 398

Explore

Didn't find tool you were looking for?

Search AI Tools

Install this agent skill to your Project

SKILL.md

Secrets Management

Recommended Agent Skills

structured-progress-update

async-communication-etiquette

idempotent-script-design

input-validation-and-sanitization

graceful-error-recovery

codebase-navigation