2 comments

  • pdumicz 2 hours ago

    I built secret-shuttle - a tool for coding agents to USE secrets without seeing them.

    It's a local daemon + CLI + skills.md.

    The agent only ever works with refs like ss://stripe/prod/STRIPE_KEY; a local daemon resolves the real value at the last moment and blacks the agent out during the secret moment.

    Two ways it works:

    - CLI templates: push a secret to Vercel / GitHub Actions / Cloudflare / Supabase, etc. through the vendor's own CLI.

    - Universal browser handoff: your agent drives ANY vendor dashboard with its normal browser tool, and at the secret moment hands off to the daemon. No per-vendor integration — it works on a portal nobody's ever heard of. (I am now focusing on this part)

    I built it from scratch using Claude Code, Superpowers skills, and custom review skill where I have Claude Code use Codex with fresh context to review each small piece of work.

    Try it: npx secret-shuttle init

    Or just tell your Claude Code / Codex to set it up:

    Repo: https://github.com/pdumicz/secret-shuttle

    It's v0.5 and open source and I have zero intention to offer any commercial version of this product. This is my first contribution to the OSS community.

  • pdumicz an hour ago

    [flagged]