Remix.run Logo
perryraskin 5 hours ago

Nice. Obviously this is a huge issue many are trying to solve. Providing agents with a keychain is one thing, but how does this solve the issue of using these keys in projects? Does the agent decrypt it and set it in a .env? Is the CLI required to be used in the build process?

maferland 2 hours ago | parent [-]

I didn't build Keyhole to solve secret management, there are tools like Doppler for that. It lets the agent handle a secret without having it in context. It can put it where it's needed (e.g. a .env) without ever reading the value.

> Does the agent decrypt it and set it in a .env?

The CLI does it, and the .env can be chmod 600.

> Is the CLI required to be used in the build process?

That's not what I built it for, I'd reach for other tools on the market for that.