Secrets your agent never sees.
When a coding agent needs API keys, agent-secret-manager opens a localhost form. You paste any values you have, skip the rest, and the tool writes only submitted values to .env. The agent gets names and presence state, never the secret contents.
$ npx agent-secret-manager request OPENAI_API_KEY --reason "Run the local OpenAI example"
Why it exists
Built for the way agents actually work.
Coding agents tend to pull secrets into chat, terminal output, screenshots, and logs. agent-secret-manager keeps the value in a local browser form and records only metadata for the agent.
Not in chat
The agent never receives the value, so it cannot echo it back into the conversation.
Not in your terminal
Standard output stays clean. The CLI prints names and saved, skipped, or present state.
Not in screenshots
Inputs are masked by default. Captures of the agent session do not reveal the secret.
Quick start
Three commands. No config required.
Your project gains a local .env file, a blank .env.example, and metadata that never contains values.
Request a secret
The CLI opens a localhost form. The user can submit some values and skip the rest.
Verify presence
Agents call this to confirm a value exists without reading it.
Run with the env loaded
Inject the env file into a child process when the project does not load .env itself.
Agent skill
Bundled instructions for agent workflows.
Install the skill so coding agents request missing secrets through this CLI, verify only presence, and avoid reading or printing .env.
Codex / Claude Code skill
The package ships an agent skill with the expected request, check, and run flow.
Security model
Specific protection, honest boundaries.
This tool prevents routine exposure. It is not a sandbox against local processes that can read files.
What it does:
Stop routine secret exposure in chat, terminal output, screenshots, shell history, and agent transcripts.
Store submitted values in a local .env file with private permissions.
What it does not do:
Sandbox a malicious local process. Anything with read access to your filesystem can read .env.
Stop an agent that is explicitly instructed by a user to read secret files. The skill instructs agents not to.
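The presence-only check described under "Verify presence", combined with the private-permissions point above, as an added example that is not agent-secret-manager's own code. The function names, the simple KEY=value parsing, and the POSIX mode check are assumptions made for illustration.

```javascript
// Added example, not the tool's implementation. All function names are hypothetical.
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// Collect the names that have a non-empty value. Values are never kept or returned.
function presentNames(envText) {
  const names = new Set();
  for (const raw of envText.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith("#")) continue; // blank line or comment
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) continue;
    const value = m[2].replace(/^(['"])(.*)\1$/, "$2"); // strip matching quotes
    if (value.length > 0) names.add(m[1]);
  }
  return names;
}

// Report a state per requested name, plus whether the file has no group/other bits.
function checkEnv(file, wanted) {
  let text = "";
  let mode = null;
  try {
    mode = fs.statSync(file).mode & 0o777;
    text = fs.readFileSync(file, "utf8");
  } catch (err) {
    if (err.code !== "ENOENT") throw err; // a missing file means nothing is present
  }
  const have = presentNames(text);
  const state = {};
  for (const name of wanted) state[name] = have.has(name) ? "present" : "missing";
  return { state, privateMode: mode !== null && (mode & 0o077) === 0 };
}

// Constructed sample: a temporary .env holding a fake value, created with mode 0600.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "envcheck-"));
  const file = path.join(dir, ".env");
  fs.writeFileSync(file, 'OPENAI_API_KEY="constructed-not-a-real-key"\nEMPTY_KEY=\n');
  fs.chmodSync(file, 0o600);
  const result = checkEnv(file, ["OPENAI_API_KEY", "EMPTY_KEY", "OTHER_KEY"]);
  fs.rmSync(dir, { recursive: true });
  return result;
}

console.log(JSON.stringify(demo())); // names and states only
```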