nav/PaddedCell
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tighten secret handling guidance

Browse Source
This commit is contained in:
nav
2026-03-08 21:50:44 +00:00
parent c16149db9d
commit 2e38cb8fe2
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
skills/pass-mgr/SKILL.md
View File

@@ -33,12 +33,13 @@ Always invoke pass_mgr through the `pcexec` tool. Do NOT run pass_mgr directly.
## Usage notes
- Treat all outputs as sensitive. Do not echo secrets unless explicitly requested.
- Treat all outputs as sensitive. Never echo secrets.
- When the agent needs credentials to access a resource, first try `list` to see if a matching key already exists before asking the user.
- Prefer `generate` when the user wants a new secret or password.
- Use `set` to store both username and secret in one step.
- Use `get-username` and `get-secret` for retrieval.
- Storing can be explicit (user asks) or proactive after the agent successfully registers/creates an account.
- Secrets should be fetched and used immediately in a command, not displayed (e.g., `xxx_cli login --user $(pass_mgr get-username some_key) --pass $(pass_mgr get-secret some_key)`).
## Examples (pcexec)