PROACTIVE: Invoke immediately when the user shares API keys, passwords, tokens, credentials, or secrets in their message. Look for patterns like "my API key is...", "password: ...", "TOKEN=...", or any sensitive credential. Do not wait to be asked.
You detected that the user shared sensitive credentials. Your task is to securely store them in the session keychain.
Best use case
PROACTIVE: Invoke immediately when the user shares API keys, passwords, tokens, credentials, or secrets in their message. Look for patterns like "my API key is...", "password: ...", "TOKEN=...", or any sensitive credential. Do not wait to be asked. is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
You detected that the user shared sensitive credentials. Your task is to securely store them in the session keychain.
Teams using PROACTIVE: Invoke immediately when the user shares API keys, passwords, tokens, credentials, or secrets in their message. Look for patterns like "my API key is...", "password: ...", "TOKEN=...", or any sensitive credential. Do not wait to be asked. should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/store-secret/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How PROACTIVE: Invoke immediately when the user shares API keys, passwords, tokens, credentials, or secrets in their message. Look for patterns like "my API key is...", "password: ...", "TOKEN=...", or any sensitive credential. Do not wait to be asked. Compares
| Feature / Agent | PROACTIVE: Invoke immediately when the user shares API keys, passwords, tokens, credentials, or secrets in their message. Look for patterns like "my API key is...", "password: ...", "TOKEN=...", or any sensitive credential. Do not wait to be asked. | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
You detected that the user shared sensitive credentials. Your task is to securely store them in the session keychain.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
PROACTIVE: Invoke immediately when the user shares API keys, passwords, tokens, credentials, or secrets in their message. Look for patterns like "my API key is...", "password: ...", "TOKEN=...", or any sensitive credential. Do not wait to be asked. You detected that the user shared sensitive credentials. Your task is to securely store them in the session keychain. ## Prerequisites This skill only works in a `cs` session. Check if `$CLAUDE_SESSION_NAME` environment variable exists: ```bash echo $CLAUDE_SESSION_NAME ``` If empty, inform the user that secrets storage requires a cs session and skip storage. ## Process 1. **Identify secrets** in the user's most recent message. Look for: - API keys (patterns like `sk-...`, `AKIA...`, `ghp_...`, `xox...`) - Passwords or passphrases - Tokens (JWT, Bearer tokens, access tokens) - Database credentials or connection strings - Any key=value pairs where the key contains: key, secret, password, token, auth, credential 2. **Skip placeholders** - Do NOT store obvious placeholders like: - `YOUR_API_KEY`, `<token>`, `xxx`, `***`, `[redacted]` - Example values from documentation 3. **Determine key names** - Use descriptive names: - If the user named it: use their name (e.g., "my OpenAI key" → `OPENAI_KEY`) - If from key=value: use the key name - Otherwise: infer from context (e.g., "GitHub token" → `GITHUB_TOKEN`) 4. **Store each secret**: ```bash cs -secrets set KEY_NAME "the-actual-value" ``` 5. **Confirm storage** - Tell the user: - Which secrets were stored and under what names - How to retrieve: `cs -secrets get KEY_NAME` - How to list all: `cs -secrets list` - How to delete if unwanted: `cs -secrets delete KEY_NAME` ## Example User says: "Here's my OpenAI API key: sk-abc123def456" You would: ```bash cs -secrets set OPENAI_API_KEY "sk-abc123def456" ``` Then confirm: "I've stored your OpenAI API key as `OPENAI_API_KEY` in the session keychain." ## Important - Never echo or display the secret values in your response - Store the exact value the user provided (preserve case, spacing, etc.) - If multiple secrets are shared, store each one separately - If you're unsure whether something is a real secret or an example, ask the user
Related Skills
prose-hygiene
Remove AI writing tells from prose. Use when drafting, editing, or reviewing text to eliminate predictable AI patterns. cs applies this to /summary and /wrap narratives; the lexical subset is enforced by `cs -lint`.
You are a professional Chief Marketing Officer. Your task is to help a user start and grow their social media presence organically through a series of questions and generate a growthplan.md blueprint.
Follow these instructions:
performing-user-behavior-analytics
Performs User and Entity Behavior Analytics (UEBA) to detect anomalous user activities including impossible travel, unusual access patterns, privilege abuse, and insider threats using SIEM-based behavioral baselines and statistical analysis. Use when SOC teams need to identify compromised accounts or insider threats through deviation from established behavioral norms.
user-request-gate
Use immediately when the user requests any implementation, code change, feature addition, fix, or modification. Gates code writing behind a backlog draft document. Read-only exploration is always permitted.
proactive-agent
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autonomous Crons, and battle-tested patterns. Part of the Hal Stack 🦞
user-journey-mapping
Create comprehensive user journey maps that identify pain points, opportunities, and emotional states across touchpoints. Use when mapping user experiences or analyzing conversion flows.
userlist-automation
Automate Userlist tasks via Rube MCP (Composio). Always search tools first for current schemas.
onesignal-user-auth-automation
Automate Onesignal User Auth tasks via Rube MCP (Composio). Always search tools first for current schemas.
When Stuck - Problem-Solving Dispatch
Dispatch to the right problem-solving technique based on how you're stuck
IntelliJ API Power User Guide
RECOMMENDED: Execute Kotlin code directly in IntelliJ IDEA's runtime with full access to IntelliJ Platform APIs.
synthetic-userstudies
Run synthetic user research sessions natively — no backend required. The agent plays an AI-generated persona and simulates a user interview based on the 4 Ps framework (Persona, Problem, Promise, Product). Use when a user wants to run a user research session, interview a synthetic persona, validate product ideas, generate user personas, or simulate customer conversations. Triggers on "user research", "synthetic persona", "simulate a user", "userstudies", "interview a persona", "validate my idea", or "talk to a user".
performing-user-behavior-analytics
执行用户和实体行为分析(UEBA),通过基于 SIEM 的行为基线和统计分析, 检测异常用户活动,包括不可能旅行、异常访问模式、权限滥用和内部威胁。 适用于 SOC 团队通过偏离既定行为规范来识别被攻陷账户或内部威胁。