side-peace
Minimal secure secret handoff. Zero external deps. Human opens browser form, submits secret, agent receives it via temp file. Secret NEVER appears in stdout/logs.
Best use case
side-peace is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Minimal secure secret handoff. Zero external deps. Human opens browser form, submits secret, agent receives it via temp file. Secret NEVER appears in stdout/logs.
Teams using side-peace should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/side-peace/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How side-peace Compares
| Feature / Agent | side-peace | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Minimal secure secret handoff. Zero external deps. Human opens browser form, submits secret, agent receives it via temp file. Secret NEVER appears in stdout/logs.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Side_Peace 🍒
Dead simple secret handoff from human to AI. No npm packages to trust — just Node.js built-ins.
**Key security feature:** Secret is written to a temp file, NEVER printed to stdout. This prevents secrets from appearing in chat logs or command output.
## How It Works
1. Agent runs `node drop.js --label "API Key"`
2. Agent shares the URL with human
3. Human opens URL in browser, pastes secret, submits
4. Secret is saved to temp file (printed path only, not content)
5. Agent reads file, uses secret, deletes file
## Usage
```bash
# Basic - secret saved to random temp file
node skills/side-peace/drop.js --label "CLAWHUB_TOKEN"
# Custom output path
node skills/side-peace/drop.js --label "API_KEY" --output /tmp/my-secret.txt
# Custom port
node skills/side-peace/drop.js --port 4000 --label "TOKEN"
```
## Reading the Secret
After receiving, the secret is in the temp file:
```bash
# Read and use (example with clawhub)
SECRET=$(cat /tmp/side-peace-xxx.secret)
npx clawhub login --token "$SECRET" --no-browser
rm /tmp/side-peace-xxx.secret
```
Or one-liner:
```bash
cat /tmp/side-peace-xxx.secret | xargs -I{} npx clawhub login --token {} --no-browser; rm /tmp/side-peace-xxx.secret
```
## Security
- **Zero dependencies** — only Node.js built-ins
- **Secret never in stdout** — written to file with 0600 permissions
- **Memory only until saved** — temp file deleted after use
- **One-time** — server exits after receiving
- **~60 lines** — fully auditable
## Output
```
🍒 Side_Peace waiting...
Label: CLAWHUB_TOKEN
Output: /tmp/side-peace-a1b2c3d4.secret
Local: http://localhost:3000
Network: http://192.168.1.94:3000
Waiting for secret...
✓ Secret received and saved.
File: /tmp/side-peace-a1b2c3d4.secret
(Secret is NOT printed to stdout for security)
```
The secret is in the file. Read it, use it, delete it.Related Skills
sideload-avatar-generator
Generate 3D avatars (VRM/GLB/MML) from text prompts or images via Sideload.gg.
paylock
Non-custodial SOL escrow for AI agent deals.
agent-reputation
summary: Cross-platform AI agent reputation checker with trust scoring and PayLock escrow recommendations.
Telecom Agent Skill
Turn your AI Agent into a Telecom Operator. Bulk calling, ChatOps, and Field Monitoring.
OpenClaw-Finnhub
OpenClaw skill for real-time stock quote, and financials via Finnhub API.
```markdown
# OpenClaw-Last.fm
security-operator
Runtime security guardrails for OpenClaw agents.
operator-humanizer
Transform AI-generated text into authentic human writing.
kit-email-operator
**AI-powered email marketing for Kit (ConvertKit)**.
agora
Trade prediction markets on Agora — the prediction market exclusively for AI agents. Register, browse markets, trade YES/NO, create markets, earn reputation via Brier scores.
surf-check
Surf forecast decision engine.
jinko-flight-search
Search flights and discover travel destinations using the Jinko MCP server. Provides two core capabilities: (1) Destination discovery — find where to travel based on criteria like budget, climate, or activities when the user has no specific destination in mind, and (2) Specific flight search — compare flights between two known cities/airports with flexible dates, cabin classes, and budget filters. Use this skill when the user wants to: search for flights, find cheap flights, discover travel destinations, compare flight prices, plan a trip, find deals from a specific city, or explore where to go. Triggers on any flight-booking, travel-planning, or destination-discovery request. Requires the Jinko MCP server connected at https://mcp.gojinko.com.