nopeek
nopeek — Secret Safety for Agent Sessions
Secure proxy between coding agents and your secrets. The agent knows key names, never key values.
Why
Agent tool output can be sent to model providers and retained outside your machine. If a CLI prints a token, that token may enter conversation context or logs. nopeek reduces that risk.
Quick Start
All nopeek commands are safe inside agent sessions — they never output secret values, only key names.
1. Scan and migrate CLIs
pnpx nopeek init
Detects installed cloud CLIs (aws, hcloud, kubectl, etc.), checks their auth config, and migrates to profile-based auth where needed.
More from spences10/skills
svelte-runes
Svelte 5 runes guidance. Use for reactive state, props, effects, $state.raw, $derived.by, $props, and $bindable. Prevents reactivity mistakes.
27svelte-template-directives
Svelte template directives ({@attach}, {@html}, {@render}, {@const}, {@debug}). Use for DOM manipulation, third-party libs, tooltips, canvas, dynamic HTML. @attach replaces use: actions.
10svelte-components
Svelte component patterns. Use for web components, component libraries (Bits UI, Ark UI, Melt UI), form patterns, or third-party integration.
9sveltekit-remote-functions
SvelteKit remote functions guidance. Use for query(), form(), command(), and prerender() patterns in .remote.ts files.
8sveltekit-data-flow
SvelteKit data flow guidance. Use for load functions, form actions, server/client data, and invalidation. Covers +page.server.ts vs +page.ts, serialization, fail(), redirect(), error(), invalidateAll().
8sveltekit-structure
SvelteKit structure guidance. Use for routing, layouts, error handling, SSR, or svelte:boundary. Covers file naming, nested layouts, error boundaries, pending UI, and hydration.
8