Show HN: I built a way for coding agents to use secrets without seeing them

I built secret-shuttle - a tool for coding agents to USE secrets without seeing them.

It's a local daemon + CLI + skills.md.

The agent only ever works with refs like ss://stripe/prod/STRIPE_KEY; a local daemon resolves the real value at the last moment and blacks the agent out during the secret moment.

Two ways it works:

- CLI templates: push a secret to Vercel / GitHub Actions / Cloudflare / Supabase, etc. through the vendor's own CLI.

- Universal browser handoff: your agent drives ANY vendor dashboard with its normal browser tool, and at the secret moment hands off to the daemon. No per-vendor integration — it works on a portal nobody's ever heard of. (I am now focusing on this part)

I built it from scratch using Claude Code, Superpowers skills, and a custom review skill where I have Claude Code use Codex with fresh context to review each small piece of work.

Try it: npx secret-shuttle init

Or just tell your Claude Code / Codex to set it up:

Repo: https://github.com/pdumicz/secret-shuttle

It's v0.5 and open source and I have zero intention to offer any commercial version of this product. This is my first contribution to the OSS community.
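
The late-resolution pattern the post describes, as an added sketch that is not secret-shuttle's code: the caller passes only `ss://` refs, the value is resolved immediately before the child process starts, and any echo of it is scrubbed from the output handed back. `VAULT`, `resolve` and `run_with_refs` are hypothetical names, the three-segment ref grammar is inferred from the single ref shown in the post, and the stored value is constructed.

```python
import os
import re
import subprocess
import sys

# Assumed grammar: ss://<vendor>/<environment>/<NAME>, inferred from the post's one example.
REF = re.compile(r"ss://([A-Za-z0-9_-]+)/([A-Za-z0-9_-]+)/([A-Za-z0-9_]+)")

# Constructed stand-in for the daemon's store (a real one would sit behind
# an OS keychain or an encrypted file, outside the agent's process).
VAULT = {("stripe", "prod", "STRIPE_KEY"): "CONSTRUCTED-not-a-real-key-0000"}


def resolve(ref):
    """Map a ref to its value; reject malformed or unknown refs."""
    m = REF.fullmatch(ref)
    if m is None or m.groups() not in VAULT:
        raise KeyError(f"unknown ref: {ref}")
    return VAULT[m.groups()]


def run_with_refs(argv, env_refs):
    """Run argv with each ref resolved into the child's environment.

    The value goes in via env rather than argv, so it does not appear in
    the process list, and the caller only ever receives redacted output.
    """
    secrets = {name: resolve(ref) for name, ref in env_refs.items()}
    proc = subprocess.run(
        argv,
        env={**os.environ, **secrets},
        capture_output=True,
        text=True,
        timeout=30,
    )
    out = proc.stdout + proc.stderr
    # Scrub longest values first so one secret containing another is handled.
    for name, value in sorted(secrets.items(), key=lambda kv: -len(kv[1])):
        if value:
            out = out.replace(value, f"[redacted:{env_refs[name]}]")
    return proc.returncode, out


if __name__ == "__main__":
    child = [sys.executable, "-c", "import os; print('key=' + os.environ['STRIPE_KEY'])"]
    print(run_with_refs(child, {"STRIPE_KEY": "ss://stripe/prod/STRIPE_KEY"}))
```

Exact-match scrubbing does not catch a value the child re-encodes (base64, URL-encoding, split across lines), so the output filter is a second layer behind keeping the value out of the agent's reach in the first place.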