🧪 Skills

Authy

Inject secrets into subprocesses via environment variables. You never see secret values — authy run injects them directly. Use for any command that needs API...

v0.3.0
❤️ 2
⬇️ 440
👁 1
Save📁 Collect
Share

Description

name: authy description: "Inject secrets into subprocesses via environment variables. You never see secret values — authy run injects them directly. Use for any command that needs API keys, credentials, or tokens." license: MIT compatibility: Requires authy on PATH. Auth via AUTHY_TOKEN (run-only) + AUTHY_KEYFILE. metadata: author: eric8810 version: "0.3.0" homepage: https://github.com/eric8810/authy openclaw: requires: bins: ["authy"] env: ["AUTHY_KEYFILE", "AUTHY_TOKEN"] files: ["$AUTHY_KEYFILE"]

Authy — Secure Secret Injection

Inject secrets into subprocesses as environment variables. You never see, handle, or log secret values.

How It Works

Your token is run-only. You can discover secret names with authy list and inject them into subprocesses with authy run. You never see secret values directly.

Inject Secrets into a Command

authy run --scope <policy> --uppercase --replace-dash '_' -- <command> [args...]

The --uppercase --replace-dash '_' flags turn secret names like db-host into env vars like DB_HOST.

Examples:

authy run --scope deploy --uppercase --replace-dash '_' -- ./deploy.sh
authy run --scope backend --uppercase --replace-dash '_' -- node server.js
authy run --scope testing --uppercase --replace-dash '_' -- pytest

Discover Secret Names

authy list --scope <policy> --json

Output: {"secrets":[{"name":"db-host","version":1,...}]}

Write Scripts That Use Secrets

Write code that reads environment variables, then run it with authy run:

cat > task.sh << 'EOF'
#!/bin/bash
curl -H "Authorization: Bearer $API_KEY" https://api.example.com/data
EOF
chmod +x task.sh
authy run --scope my-scope --uppercase --replace-dash '_' -- ./task.sh

Error Codes

Code Meaning
0 Success
2 Auth failed — check AUTHY_TOKEN / AUTHY_KEYFILE
3 Secret or policy not found
4 Access denied or run-only restriction
6 Token invalid, expired, or revoked

Rules

  1. Only use authy run and authy list — these are the only commands available to you
  2. Never hardcode credentials — reference env vars, run via authy run
  3. Never echo, print, or log env vars in subprocess scripts — secrets exist in memory only
  4. Never redirect env vars to files — do not write $SECRET to disk
  5. Use --scope to limit access to needed secrets only

Reviews (0)

Sign in to write a review.

No reviews yet. Be the first to review!

Comments (0)

Sign in to join the discussion.

No comments yet. Be the first to share your thoughts!

Compatible Platforms

Links

📂 Source Code

Pricing

Free

Related Configs

🧪 Skill

self-improving-agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...

❤️ 2.0k ⬇️ 218k
🧪 Skill

Self Improving Agent

Free

Captures learnings, errors, and corrections to enable continuous improvement. And also 50+ models for image generation, video generation, text-to-speech, spe...

❤️ 2.0k ⬇️ 206k
🧪 Skill

Find Skills

Free

Search, discover, and install skills from the open agent skills ecosystem to extend agent capabilities for specific tasks or domains.

❤️ 814 ⬇️ 199k
🧪 Skill

Summarize

Free

--- name: summarize description: Summarize URLs or files with the summarize CLI (web, PDFs, images, audio, YouTube). homepage: https://summarize.sh metadata: {"clawdbot":{"emoji":"🧾","requires":{"b

❤️ 609 ⬇️ 160k