Secrets Management

This skill provides comprehensive guidance for implementing secure secrets management in CI/CD pipelines. It covers HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, and Google Secret Manager integration, along with best practices for secret rotation, scanning, and Kubernetes secrets synchronization.

This skill helps design and implement production-ready CI/CD pipelines with multi-stage workflows, approval gates, and deployment strategies. It provides templates for GitHub Actions and GitLab CI, covers secrets management with Vault/AWS/Azure/GCP, and includes security scanning, monitoring integration, and rollback automation patterns.

A comprehensive security reference skill that provides OWASP security patterns, secrets management best practices, and automated security testing workflows. It includes code examples for input validation, authentication, JWT handling, password hashing, and security headers, along with GitHub Actions templates for CI/CD security scanning.

A credential management skill that helps users load API keys from a centralized access file (like ~/Documents/Access.txt) and automatically configure project environments. It recognizes key formats from 15+ services including OpenAI, Anthropic, Stripe, AWS, and GitHub, validates credentials via API calls, and creates properly secured .env files.

Secure environment variable management with Varlock. Use when handling secrets, API keys, credentials, or any sensitive configuration. Ensures secrets are never exposed in terminals, logs, traces, or Claude's context. Trigger phrases include "environment variables", "secrets", ".env", "API key", "credentials", "sensitive", "Varlock".