For coding agents

The secret request your agent never sees.

When a coding agent needs an API key, agent-secret-manager opens a localhost form. You paste once. The value lands in .env on your machine. The agent only ever learns "present" or "missing" — never the value itself.

$ npx agent-secret-manager request OPENAI_API_KEY \
    --reason "Run the local OpenAI example"

No install · Local only · MIT

One paste. Then the tab closes.

The agent runs the CLI. Your browser opens to a focused form. You paste, press Enter, the tab closes itself — the value lands in .env with private file permissions, and the agent only ever gets back a presence check.

  • Agent runs request OPENAI_API_KEY
  • You see this form. You paste.
  • Saved to .env. Tab closes.
  • Agent calls check OPENAI_API_KEY, gets "present".

Built for the way agents actually work.

Coding agents tend to drop secret values into chat, terminal output, screenshots, and logs. agent-secret-manager closes off those routine leaks by never giving the agent the value.

Not in chat

The agent never receives the value, so it can't echo it back into the conversation.

Not in your terminal

Standard output stays clean. The CLI only prints names and presence — never values.

Not in screenshots

Inputs are masked by default. Captures of the agent session don't reveal the secret.

Quick start

Three commands. No config required. Your project just gains a .env file.

1. Request a secret

The CLI opens a localhost form. The form shows the agent's reason in plain language.

$ npx agent-secret-manager request OPENAI_API_KEY \
    --reason "Run the local OpenAI example"

2. Verify presence

Agents call this to confirm the secret exists, without ever reading it.

$ npx agent-secret-manager check OPENAI_API_KEY
present OPENAI_API_KEY

3. Run with the env loaded

Inject the env file into a child process when the project doesn't load .env itself.

$ npx agent-secret-manager run -- npm test

Bundled agent skill

Drop-in instructions so coding agents request secrets through this tool by default.

Codex / Claude Code skill

The package ships a skill that tells agents to request missing secrets through the CLI, verify only presence, and never read or print .env contents.

$ npx agent-secret-manager skill install

Security model

Honest about what this tool does and what it doesn't.

Does

Stop routine secret exposure in chat, terminal output, screenshots, shell history, and agent transcripts.

Does

Store values in a local .env file with private permissions, the same shape your dev tools already consume.

Does not

Sandbox a malicious local process. Anything with read access to your filesystem can read the .env.

Does not

Stop an agent that is explicitly instructed by a user to read secret files. The skill instructs agents not to.
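
The two properties the security model rests on, a presence-only answer and a privately permissioned .env, can be audited independently. The following Node.js sketch is an added example, not agent-secret-manager's own code; the function names, the dotenv parsing rules, and the choice to treat an empty value as missing are assumptions.

```javascript
// Added example, not agent-secret-manager's code. Names and parsing rules are assumptions.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// Collect the names that have a non-empty value. Values are only tested for
// emptiness (assumed to count as missing); they are never stored or returned.
function namesWithValues(envText) {
  const names = new Set();
  for (const raw of envText.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === '' || line.startsWith('#')) continue;
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) continue;
    const value = m[2].replace(/^(['"])(.*)\1$/, '$2'); // strip matching quotes
    if (value.length > 0) names.add(m[1]);
  }
  return names;
}

// Report only "present" or "missing" for one name, mirroring the check step.
function checkPresence(envPath, name) {
  if (!fs.existsSync(envPath)) return 'missing';
  return namesWithValues(fs.readFileSync(envPath, 'utf8')).has(name) ? 'present' : 'missing';
}

// True when no group/other permission bits are set (POSIX modes such as 0600).
function isPrivate(envPath) {
  return (fs.statSync(envPath).mode & 0o077) === 0;
}

// Constructed demo: throwaway directory and a placeholder value, not a real key.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'env-audit-'));
  const envPath = path.join(dir, '.env');
  fs.writeFileSync(envPath, '# sample\nOPENAI_API_KEY="placeholder-value"\nEMPTY_KEY=\n', { mode: 0o600 });
  const result = {
    key: checkPresence(envPath, 'OPENAI_API_KEY'),
    empty: checkPresence(envPath, 'EMPTY_KEY'),
    absent: checkPresence(envPath, 'NOT_SET_KEY'),
    privateBefore: isPrivate(envPath),
  };
  fs.chmodSync(envPath, 0o644); // simulate a .env that other local users can read
  result.privateAfter = isPrivate(envPath);
  fs.rmSync(dir, { recursive: true, force: true });
  return result;
}

console.log(demo());
```

A check like isPrivate only narrows exposure to other local accounts; any process running as the same user can still read the file, as the limits listed above state.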