| ▲ | perryraskin 5 hours ago | |
Nice. Obviously this is a huge issue many are trying to solve. Providing agents with a keychain is one thing, but how does this solve the issue of using these keys in projects? Does the agent decrypt it and set it in a .env? Is the CLI required to be used in the build process? | ||
| ▲ | maferland 2 hours ago | parent [-] | |
I didn't build Keyhole to solve secret management, there are tools like Doppler for that. It lets the agent handle a secret without having it in context. It can put it where it's needed (e.g. a .env) without ever reading the value. > Does the agent decrypt it and set it in a .env? The CLI does it, and the .env can be chmod 600. > Is the CLI required to be used in the build process? That's not what I built it for, I'd reach for other tools on the market for that. | ||