원클릭으로
secret-handling
Keep secrets out of source control, logs, and generated artifacts
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Keep secrets out of source control, logs, and generated artifacts
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Write evidence-based architectural proposals before implementation
Write clear, scannable project documentation
Use short-lived branches and small pull requests
Core conventions and patterns for this codebase
Keep tests, validation scripts, and expectations aligned with behavior changes
Cross-platform path handling and command patterns
| name | secret-handling |
| description | Keep secrets out of source control, logs, and generated artifacts |
| domain | security |
| confidence | high |
| source | template |
Agents and contributors may encounter configuration files, workflow inputs, or environment variables that contain live credentials. Never copy those secrets into committed files, logs, or documentation.
.env.example, .env.sample, or documented configuration schemas<set in environment>Before committing, review changed files for:
✓ Good:
GITHUB_TOKEN=<set in repository secrets>SMTP_PASSWORD=<set in environment>✗ Poor:
.env file when a sample file would answer the question