authy

Inject secrets into subprocesses via environment variables. You never see secret values — authy run injects them directly. Use for any command that needs API keys, credentials, or tokens.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "authy" with this command: npx skills add eric8810/authy/eric8810-authy-authy

Authy — Secure Secret Injection

Inject secrets into subprocesses as environment variables. You never see, handle, or log secret values.

How It Works

Your token is run-only. You can discover secret names with authy list and inject them into subprocesses with authy run. You never see secret values directly.

Inject Secrets into a Command

authy run --scope <policy> --uppercase --replace-dash '_' -- <command> [args...]

The --uppercase --replace-dash '_' flags turn secret names like db-host into env vars like DB_HOST.

Examples:

authy run --scope deploy --uppercase --replace-dash '_' -- ./deploy.sh
authy run --scope backend --uppercase --replace-dash '_' -- node server.js
authy run --scope testing --uppercase --replace-dash '_' -- pytest

Discover Secret Names

authy list --scope <policy> --json

Output: {"secrets":[{"name":"db-host","version":1,...}]}

Resolve Placeholders in Files

Replace <authy:key-name> placeholders in config files with secret values:

authy resolve config.yaml.tpl --scope <policy> --output config.yaml

Placeholders use the format <authy:key-name>. Example template:

database:
  host: <authy:db-host>
  port: <authy:db-port>

Write Scripts That Use Secrets

Write code that reads environment variables, then run it with authy run:

cat > task.sh << 'EOF'
#!/bin/bash
curl -H "Authorization: Bearer $API_KEY" https://api.example.com/data
EOF
chmod +x task.sh
authy run --scope my-scope --uppercase --replace-dash '_' -- ./task.sh

Error Codes

CodeMeaning
0Success
2Auth failed — check AUTHY_TOKEN / AUTHY_KEYFILE
3Secret or policy not found
4Access denied or run-only restriction
6Token invalid, expired, or revoked

Rules

  1. Only use authy run, authy resolve, and authy list — these are the only commands available to you
  2. Never hardcode credentials — reference env vars, run via authy run
  3. Never echo, print, or log env vars in subprocess scripts — secrets exist in memory only
  4. Never redirect env vars to files — do not write $SECRET to disk
  5. Use --scope to limit access to needed secrets only

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

open-mail-cli

No summary provided by upstream source.

Repository SourceNeeds Review
5-eric8810
General

image-gen

Generate AI images from text prompts. Triggers on: "生成图片", "画一张", "AI图", "generate image", "配图", "create picture", "draw", "visualize", "generate an image".

Archived SourceRecently Updated
--0xfango
General

explainer

Create explainer videos with narration and AI-generated visuals. Triggers on: "解说视频", "explainer video", "explain this as a video", "tutorial video", "introduce X (video)", "解释一下XX(视频形式)".

Archived SourceRecently Updated
--0xfango
General

asr

Transcribe audio files to text using local speech recognition. Triggers on: "转录", "transcribe", "语音转文字", "ASR", "识别音频", "把这段音频转成文字".

Archived SourceRecently Updated
--0xfango