@principle2026/vault 1.1.2 → 1.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/SKILL.md +20 -9
- package/package.json +1 -1
package/SKILL.md
CHANGED
|
@@ -43,46 +43,57 @@ If it shows `Initialized: no`, prompt the user:
|
|
|
43
43
|
|
|
44
44
|
```
|
|
45
45
|
Vault is not initialized. Please run:
|
|
46
|
-
vault init
|
|
46
|
+
vault init
|
|
47
47
|
|
|
48
48
|
Then set a passphrase (at least 8 characters).
|
|
49
49
|
```
|
|
50
50
|
|
|
51
51
|
### 1. Save a secret (set_secret)
|
|
52
52
|
|
|
53
|
-
|
|
53
|
+
**IMPORTANT**: Always use `VAULT_PASSPHRASE` environment variable to avoid interactive prompts.
|
|
54
|
+
|
|
55
|
+
If the Vault passphrase is not known, ask the user first:
|
|
56
|
+
|
|
57
|
+
```
|
|
58
|
+
I need your Vault passphrase to save this secret.
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
Then use bash command:
|
|
54
62
|
|
|
55
63
|
```bash
|
|
56
|
-
|
|
64
|
+
VAULT_PASSPHRASE="<passphrase>" vault set <key-name> "<value>" --description "<description>"
|
|
57
65
|
```
|
|
58
66
|
|
|
59
67
|
Example:
|
|
60
68
|
```bash
|
|
61
|
-
|
|
69
|
+
VAULT_PASSPHRASE="mypassword" vault set openai_key "sk-abc123" --description "OpenAI API Key"
|
|
62
70
|
```
|
|
63
71
|
|
|
64
|
-
**Important**: Never pass secret values directly in command history. Use echo pipe.
|
|
65
|
-
|
|
66
72
|
### 2. Get a secret (get_secret)
|
|
67
73
|
|
|
68
74
|
When the user wants to retrieve a secret, use bash command:
|
|
69
75
|
|
|
70
76
|
```bash
|
|
71
|
-
vault get <key-name>
|
|
77
|
+
VAULT_PASSPHRASE="<passphrase>" vault get <key-name>
|
|
72
78
|
```
|
|
73
79
|
|
|
74
|
-
This will
|
|
80
|
+
This will output the secret value.
|
|
75
81
|
|
|
76
82
|
### 3. List secrets (list_secrets)
|
|
77
83
|
|
|
78
84
|
```bash
|
|
79
|
-
vault list
|
|
85
|
+
VAULT_PASSPHRASE="<passphrase>" vault list
|
|
80
86
|
```
|
|
81
87
|
|
|
82
88
|
Shows all saved secret names (without values).
|
|
83
89
|
|
|
84
90
|
## Security Notes
|
|
85
91
|
|
|
92
|
+
- Passphrase must be at least 8 characters
|
|
93
|
+
- Secrets are encrypted using AES-256-GCM
|
|
94
|
+
- Encrypted data is stored in iCloud (if available) or locally
|
|
95
|
+
- Use VAULT_PASSPHRASE env var to avoid interactive prompts in AI mode
|
|
96
|
+
|
|
86
97
|
- Passphrase must be at least 8 characters
|
|
87
98
|
- Secrets are encrypted using AES-256-GCM
|
|
88
99
|
- Encrypted data is stored in iCloud (if available) or locally
|