Official Verified

secret-safe

Secure API key and secrets management for agent skills. Use this skill whenever a task requires authenticating with an external service, reading or writing API keys, tokens, passwords, or credentials of any kind. Also trigger when auditing other skills for credential leaks, when a user asks how to securely pass a secret to a skill, or when reviewing a SKILL.md that handles sensitive values. This skill teaches the agent how to handle secrets WITHOUT ever placing them in the LLM context, prompts, logs, or output artifacts — using OpenClaw's native env injection instead.

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/brycexbt/secret-safe

Download Source Code (.zip)

Secret-Safe: Secure Credential Handling for Agent Skills

Why this skill exists: Snyk researchers found that 7.1% of all ClawHub skills instruct agents to handle API keys through the LLM context — making every secret an active exfiltration channel. This skill teaches the correct pattern.

The Core Rule

A secret must never appear in:

The LLM prompt or system context
Claude's response or reasoning
Logs, session exports, or .jsonl history files
File artifacts created by the agent
Error messages echoed back to the user

A secret must only flow through:

process.env (injected by OpenClaw before the agent turn)
The shell environment of a subprocess the agent spawns
A secrets manager CLI (read at subprocess level, not piped back into context)

Pattern 1: Environment Injection (Preferred)

This is OpenClaw's native, secure path. Use it for any skill that needs an API key.

In `SKILL.md` frontmatter

---
name: my-service-skill
description: Interact with MyService API.
metadata: {"openclaw": {"requires": {"env": ["MY_SERVICE_API_KEY"]}, "primaryEnv": "MY_SERVICE_API_KEY"}}
---

The requires.env gate ensures the skill will not load if the key isn't present — no silent failures, no prompting the user to paste a key mid-conversation.

The primaryEnv field links to skills.entries.<n>.apiKey in openclaw.json, so the user configures it once in their config file, never in chat.

In skill instructions

## Authentication
The API key is available as `$MY_SERVICE_API_KEY` in the shell environment.
Pass it to CLI tools or curl as an environment variable — never echo it or
include it in any output returned to the user.

Example safe curl invocation (instruct the agent to do this)

# CORRECT — key stays in environment, never in command string visible to LLM
MY_SERVICE_API_KEY="$MY_SERVICE_API_KEY" curl -s \
  -H "Authorization: Bearer $MY_SERVICE_API_KEY" \
  https://api.myservice.com/v1/data

Never instruct the agent to do this:

# WRONG — key is visible in LLM context, command history, and logs
curl -H "Authorization: Bearer sk-abc123realkeyhere" https://api.myservice.com/

Pattern 2: Secrets Manager Integration

For production setups or team environments, read secrets from a manager at subprocess level.

Supported managers

Manager	CLI	Env var pattern
macOS Keychain	`security find-generic-password -w`	N/A
1Password CLI	`op read op://vault/item/field`	`OP_SERVICE_ACCOUNT_TOKEN`
Doppler	`doppler run --`	`DOPPLER_TOKEN`
HashiCorp Vault	`vault kv get -field=value`	`VAULT_TOKEN`
Bitwarden CLI	`bw get password item-name`	`BW_SESSION`

Safe shell wrapper pattern

Create a scripts/run-with-secret.sh in your skill:

Read Full Documentation on GitHub

Metadata

Author@brycexbt

Stars2387

Updated2026-03-09

View Author Profile

AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill

Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-brycexbt-secret-safe": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Related Skills

opena2a-security

Security hardening for OpenClaw. Audit your configuration, scan installed skills for malware, detect CVE-2026-25253, check credential exposure, and get actionable fix recommendations. Runs locally with no external API calls.

abdelsfane 2387

doctorbot-ci-validator

Stop failing in production. Validate your GitHub Actions, GitLab CI & Keep workflows offline with surgical precision. Born from Keep bounty research, perfected for agents.

bamontejano 2387

openclaw-security-monitor

Proactive security monitoring, threat scanning, and auto-remediation for OpenClaw deployments

adibirzu 2387

sealvera

Tamper-evident audit trail for AI agent decisions. Use when logging LLM decisions, setting up AI compliance, auditing agents for EU AI Act, HIPAA, GDPR or SOC 2, or when a user asks about AI decision audit trails, explainability, or SealVera.

ahessami123 2387

env-setup

Scan codebase for environment variables, generate .env.example, validate .env, and ensure .gitignore safety

fratua 2387