com um clique
gum-hasp
Use when a gum workflow needs local secrets protected by HASP.
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Menu
Use when a gum workflow needs local secrets protected by HASP.
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Baseado na classificação ocupacional SOC
| name | gum-hasp |
| description | Use when a gum workflow needs local secrets protected by HASP. |
Use this when gum work also needs local secrets outside Google's OAuth flow.
gum handles Google API discovery, OAuth login, local refresh-token storage, and guarded API calls.
HASP handles repo, test, and deploy secrets for commands and agents.
Install HASP and run setup:
brew tap gethasp/homebrew-tap
brew install hasp
hasp setup
Read HASP at https://github.com/gethasp/hasp before changing secret policy.
Register gum OAuth secrets through stdin:
printf '%s' "$GOOGLE_OAUTH_CLIENT_SECRET" \
| gum auth use-oauth-client --client-id "$GOOGLE_OAUTH_CLIENT_ID" --secret-stdin
Put other secrets in HASP, then run gum under a short grant:
hasp secret add
hasp app connect gum-work --cmd 'gum doctor' --install=never
hasp run --project-root . \
--target gum-work \
--grant-project session \
--grant-secret session \
-- gum doctor --format=json
Keep secret values out of prompts, repo files, shell history, and agent notes.
Use gum for Google API calls. Use HASP for non-Google secrets the command needs. Give agents the narrowest HASP grant that lets the command run.
Run hasp secret diff .env before committing a repo that used to carry plaintext secrets.