cloak-env-protection

Protect .env secrets from AI agents. Real credentials encrypted in a vault — agents see structurally valid sandbox values on disk.

12 stars

Best use case

cloak-env-protection is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Protect .env secrets from AI agents. Real credentials encrypted in a vault — agents see structurally valid sandbox values on disk.

Teams using cloak-env-protection should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

How cloak-env-protection Compares

Feature / Agentcloak-env-protectionStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Protect .env secrets from AI agents. Real credentials encrypted in a vault — agents see structurally valid sandbox values on disk.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Cloak — Agent Security Skill

> This file instructs AI coding agents to protect .env secrets using Cloak.
> Add it to your project root or append its contents to your CLAUDE.md / .cursorrules / .windsurfrules.

## What is Cloak

Cloak encrypts real .env values into a vault and replaces them on disk with structurally valid sandbox values. The developer sees real values in their editor (the extension decrypts them). You (the agent) see sandbox values — that is by design.

## Detection

On first interaction with a project, check for a `.cloak` file in the project root.

- **`.cloak` exists** → Cloak is active. Follow the rules below.
- **`.cloak` does NOT exist but `.env` exists** → suggest `cloak init` (always ask first, never run without consent).
- **Neither exists** → no action needed.

## Rules

### Reading .env files

You CAN read `.env` files. The values on disk are sandbox values (fakes) — they are safe to read, display, and use in code examples. They are structurally valid (e.g. `sk_test_cloak_sandbox_000` for Stripe, `postgres://dev:dev@localhost:5432/devdb` for databases).

Do NOT attempt to access real secret values. Do NOT read vault files, recovery files, or any file under the cloak config directory (`~/.config/cloak/`, `~/Library/Application Support/cloak/`, or `%APPDATA%\cloak\`).

### Running commands that need real env vars

Use `cloak run` to inject real environment variables into any process:

```bash
cloak run npm start
cloak run python app.py
cloak run go run main.go
cloak run docker compose up
```

Do NOT try to read secrets from the vault and inject them manually. `cloak run` handles authentication (Touch ID on macOS, password on other platforms) — the developer will be prompted, and that is expected.

### Adding or updating secrets

Use `cloak set` with the key and value as separate arguments:

```bash
cloak set STRIPE_KEY sk_test_EXAMPLE000000000000000000
cloak set DATABASE_URL "postgres://admin:s3cret@db.example.com:5432/myapp"
```

Do NOT write secrets directly to `.env` files. The `.env` file on disk is managed by Cloak — direct edits will be overwritten.

### Modifying .env structure

To add/remove keys, change comments, or restructure the file, use:

```bash
cloak edit          # opens real values in $EDITOR, re-encrypts on save
cloak set KEY VALUE # add or update a single key
```

Do NOT directly edit `.env` when `.cloak` is present.

### Checking status

```bash
cloak status    # shows protection state — no auth required
```

### Error recovery

If you see a keychain or decryption error, suggest:

```bash
cloak recover
# The developer will need the recovery key shown during `cloak init`
```

### If Cloak is not installed

If the developer wants to use Cloak but it's not installed:

```bash
# macOS / Linux
curl -fsSL https://getcloak.dev/install.sh | sh

# Windows (PowerShell)
irm https://getcloak.dev/install.ps1 | iex
```

The VS Code / Cursor extension is available as "Cloak" in the marketplace.

## Command Reference

| Task | Command | Auth required |
|------|---------|---------------|
| Protect a project | `cloak init` | No |
| Run with real env vars | `cloak run <command>` | Yes |
| Add/update a secret | `cloak set KEY VALUE` | Yes |
| Edit secrets in $EDITOR | `cloak edit` | Yes |
| View sandbox vs real diff | `cloak peek` | Yes |
| Temporarily reveal a key | `cloak reveal KEY --duration 30` | Yes |
| Check protection status | `cloak status` | No |
| Restore lost keychain | `cloak recover` | No |
| Remove protection | `cloak unprotect` | Yes |

"Auth required" means the developer will be prompted for Touch ID (macOS) or their CLI password. This is expected — it prevents agents from accessing secrets programmatically.

## For CLAUDE.md

```markdown
## Secrets

This project uses Cloak to protect .env secrets.
- The .env file on disk contains sandbox values (safe to read).
- Use `cloak run <command>` to run processes that need real env vars.
- Use `cloak set KEY VALUE` to add or update secrets.
- Do not write to .env directly — use `cloak set` or `cloak edit`.
- If .cloak marker is missing and .env exists, ask before running `cloak init`.
```

## For .cursorrules / .windsurfrules

```
This project uses Cloak for .env secret protection. The .env on disk has sandbox values (safe to read).
Use `cloak run <command>` for real env vars. Use `cloak set KEY VALUE` to add secrets.
Do not modify .env directly. If .cloak is missing and .env exists, suggest `cloak init` (ask first).
```

Related Skills

implementing-runtime-application-self-protection

16
from plurigrid/asi

Deploy Runtime Application Self-Protection (RASP) agents to detect and block attacks from within application runtime, covering OpenRASP integration, attack pattern detection, and security policy configuration for Java and Python web applications.

implementing-mimecast-targeted-attack-protection

16
from plurigrid/asi

Deploy Mimecast Targeted Threat Protection including URL Protect, Attachment Protect, Impersonation Protect, and Internal Email Protect to defend against advanced phishing and spearphishing attacks.

implementing-memory-protection-with-dep-aslr

16
from plurigrid/asi

Implements memory protection mechanisms including DEP (Data Execution Prevention), ASLR (Address Space Layout Randomization), CFG (Control Flow Guard), and other exploit mitigations to prevent memory corruption attacks. Use when hardening endpoints against buffer overflow exploits, ROP chains, and code injection. Activates for requests involving memory protection, exploit mitigation, DEP, ASLR, or CFG configuration.

implementing-google-workspace-phishing-protection

16
from plurigrid/asi

Configure Google Workspace advanced phishing and malware protection settings including pre-delivery scanning, attachment protection, spoofing detection, and Enhanced Safe Browsing.

implementing-cloud-workload-protection

16
from plurigrid/asi

Implements cloud workload protection using boto3 and google-cloud APIs for runtime security monitoring, process anomaly detection, and file integrity checking on EC2/GCE instances. Scans for cryptomining, reverse shells, and unauthorized binaries. Use when building runtime security controls for cloud compute workloads.

implementing-cloud-dlp-for-data-protection

16
from plurigrid/asi

Implementing Cloud Data Loss Prevention (DLP) using Amazon Macie, Azure Information Protection, and Google Cloud DLP API to discover, classify, and protect sensitive data across cloud storage, databases, and data pipelines.

implementing-api-threat-protection-with-apigee

16
from plurigrid/asi

Implement API threat protection using Google Apigee policies including JSON/XML threat protection, OAuth 2.0, SpikeArrest, and Advanced API Security for OWASP Top 10 defense.

implementing-gdpr-data-protection-controls

16
from plurigrid/asi

The General Data Protection Regulation (EU) 2016/679 (GDPR) is the EU's comprehensive data protection law governing the collection, processing, storage, and transfer of personal data. This skill cover

SafeAI ASEAN Data Protection

13
from datht-work/safeai-global-agent

ASEAN data protection compliance engine — VN, SG, TH, MY, ID, PH regulatory frameworks. (v5.0.0)

whistleblower-protection-policy

11
from CaseMark/skills

Drafts a U.S. whistleblower-protection policy for corporate and nonprofit organizations. Triggers when the user needs a whistleblower policy, retaliation-prohibition clause, hotline-reporting framework, compliance-ethics policy, or governance document addressing SOX, Dodd-Frank, OSHA, or state whistleblower statutes.

heritage-protection-summary

11
from CaseMark/skills

Generates structured legal briefings on cultural heritage protection developments. Synthesizes judicial decisions, legislation, treaty updates, and regulatory changes across repatriation, trafficking, armed conflict, underwater heritage, intangible cultural heritage, and indigenous rights. Trigger when producing periodic briefings, policy digests, or thematic research for governments, NGOs, cultural institutions, or international organizations working in cultural property law.

managing-senior-investor-protection

11
from CaseMark/skills

Structures senior and vulnerable investor protection programs with exploitation identification and hold protocols. Use when protecting senior investors, identifying financial exploitation, or implementing hold procedures.