con un clic
secret-handling
Keep secrets out of source control, logs, and generated artifacts
Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.
Menú
Keep secrets out of source control, logs, and generated artifacts
Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.
Basado en la clasificación ocupacional SOC
Write evidence-based architectural proposals before implementation
Write clear, scannable project documentation
Use short-lived branches and small pull requests
Core conventions and patterns for this codebase
Keep tests, validation scripts, and expectations aligned with behavior changes
Cross-platform path handling and command patterns
| name | secret-handling |
| description | Keep secrets out of source control, logs, and generated artifacts |
| domain | security |
| confidence | high |
| source | template |
Agents and contributors may encounter configuration files, workflow inputs, or environment variables that contain live credentials. Never copy those secrets into committed files, logs, or documentation.
.env.example, .env.sample, or documented configuration schemas<set in environment>Before committing, review changed files for:
✓ Good:
GITHUB_TOKEN=<set in repository secrets>SMTP_PASSWORD=<set in environment>✗ Poor:
.env file when a sample file would answer the question