authy

Inject secrets into subprocesses via environment variables. You never see secret values — authy run injects them directly. Use for any command that needs API keys, credentials, or tokens.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "authy" with this command: npx skills add eric8810/authy/eric8810-authy-authy

Authy — Secure Secret Injection

Inject secrets into subprocesses as environment variables. You never see, handle, or log secret values.

How It Works

Your token is run-only. You can discover secret names with authy list and inject them into subprocesses with authy run. You never see secret values directly.

Inject Secrets into a Command

authy run --scope <policy> --uppercase --replace-dash '_' -- <command> [args...]

The --uppercase --replace-dash '_' flags turn secret names like db-host into env vars like DB_HOST.

Examples:

authy run --scope deploy --uppercase --replace-dash '_' -- ./deploy.sh
authy run --scope backend --uppercase --replace-dash '_' -- node server.js
authy run --scope testing --uppercase --replace-dash '_' -- pytest

Discover Secret Names

authy list --scope <policy> --json

Output: {"secrets":[{"name":"db-host","version":1,...}]}

Resolve Placeholders in Files

Replace <authy:key-name> placeholders in config files with secret values:

authy resolve config.yaml.tpl --scope <policy> --output config.yaml

Placeholders use the format <authy:key-name>. Example template:

database:
  host: <authy:db-host>
  port: <authy:db-port>

Write Scripts That Use Secrets

Write code that reads environment variables, then run it with authy run:

cat > task.sh << 'EOF'
#!/bin/bash
curl -H "Authorization: Bearer $API_KEY" https://api.example.com/data
EOF
chmod +x task.sh
authy run --scope my-scope --uppercase --replace-dash '_' -- ./task.sh

Error Codes

CodeMeaning
0Success
2Auth failed — check AUTHY_TOKEN / AUTHY_KEYFILE
3Secret or policy not found
4Access denied or run-only restriction
6Token invalid, expired, or revoked

Rules

  1. Only use authy run, authy resolve, and authy list — these are the only commands available to you
  2. Never hardcode credentials — reference env vars, run via authy run
  3. Never echo, print, or log env vars in subprocess scripts — secrets exist in memory only
  4. Never redirect env vars to files — do not write $SECRET to disk
  5. Use --scope to limit access to needed secrets only

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

open-mail-cli

No summary provided by upstream source.

Repository SourceNeeds Review
5-eric8810
General

ai-image-generator

AI 图片与视频异步生成技能,调用 AI Artist API 根据文本提示词生成图片或视频,自动轮询直到任务完成。 ⚠️ 使用前必须设置环境变量 AI_ARTIST_TOKEN 为你自己的 API Key! 获取 API Key:访问 https://staging.kocgo.vip/index 注册登录后创建。 支持图片模型:SEEDREAM5_0(默认高质量图片)、NANO_BANANA_2(轻量快速)。 支持视频模型:SEEDANCE_1_5_PRO(文生视频,支持音频)、SORA2(文生视频或首尾帧图生视频,支持 firstImageUrl/lastImageUrl)。 触发场景: - 用户要求生成图片,如"生成一匹狼"、"画一只猫"、"风景画"、"帮我画"等。 - 用户要求生成视频,如"生成视频"、"用 SORA2 生成"、"文生视频"、"图生视频"、"生成一段...的视频"等。 - 用户指定模型:SEEDREAM5_0、NANO_BANANA_2、SEEDANCE_1_5_PRO、SORA2。

Archived SourceRecently Updated
--2393970875
General

淘宝投放数据分析

# 投放数据分析技能

Archived SourceRecently Updated
--18262202398-star
General

productclank-campaigns

Community-powered growth for builders. Boost amplifies your social posts with authentic community engagement (replies, likes, reposts). Discover finds relevant conversations and generates AI-powered replies at scale. Use Boost when the user has a post URL. Use Discover when the user wants to find and engage in conversations about their product.

Archived SourceRecently Updated
--ProductClank