원클릭으로
secrets-management
Never commit secrets, manage credentials securely using environment variables, vaults, and Hack23 ISMS key management policy
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Never commit secrets, manage credentials securely using environment variables, vaults, and Hack23 ISMS key management policy
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
GitHub Agentic Workflows (gh-aw) - markdown-based AI automation with 5-layer security, safe outputs, and Continuous AI patterns
gh-aw CLI usage, compilation, testing, debugging, add-wizard, and CI/CD practices for GitHub Agentic Workflows
Multi-agent coordination, orchestrator-worker patterns, /plan decomposition, and project coordination for GitHub Agentic Workflows
5-layer defense-in-depth security for GitHub Agentic Workflows - safe outputs, threat detection, AWF firewall, and zero-trust patterns
Continuous AI patterns from Agent Factory - issue triage, documentation sync, code quality, security scanning, and project coordination
GDPR compliance including privacy by design, data protection requirements, consent management, right to be forgotten, and data breach response
| name | secrets-management |
| description | Never commit secrets, manage credentials securely using environment variables, vaults, and Hack23 ISMS key management policy |
| license | Apache-2.0 |
Ensure secure handling of sensitive credentials, API keys, tokens, and cryptographic keys throughout development and deployment lifecycle across all Hack23 projects. Enforces zero-tolerance for hardcoded secrets.
MUST:
.env, *.key, *.pem, *.p12 in .gitignoreMUST NOT:
.env files, private keys, or certificates to git| Secret Type | Recommended Storage | Rotation |
|---|---|---|
| API Keys | GitHub Secrets / AWS Secrets Manager | Quarterly |
| Database Credentials | AWS Secrets Manager / Vault | Quarterly |
| JWT Signing Keys | AWS Secrets Manager | Annually |
| TLS Certificates | AWS Certificate Manager | Auto-renewed |
| Encryption Keys | AWS KMS | Annually |
| Service Tokens | GitHub Secrets | Quarterly |
Pre-commit scanning:
git-secrets, gitleaks, or trufflehog for automated detectionCI/CD scanning:
gitleaks in CI pipeline