secure-secrets-for-agents
Installation
SKILL.md
Secure Secrets for Agents
Handle agent credentials with env refs, redaction, least privilege, and non-leaking prompts.
When to Use
Use this Note when a Memoire or Studio run needs agent secret, env key, credential setup, redaction, api key handling.
Workflow
- Store secret references, not secret values, in Notes, prompts, configs, logs, and screenshots.
- Separate setup commands from verification commands so auth checks can run without exposing keys.
- Scope keys by provider, workspace, and purpose when the platform supports it.
- Redact command output before handing it to another agent or saving it in memory.
- Rotate or revoke credentials immediately if a secret appears in terminal, browser, screenshot, or artifact output.