Smudge and clean filter toolset for keeping secrets out of your Git repositories and build systems.
An eslint rule that searches for potential secrets/keys in code
oxlint plugin porting eslint-plugin-no-secrets rules
Browser-safe CreativeKit SDK (no secrets required)
OpenClaw integration package for RiddleDC (no secrets).
MCP-related utilities for RiddleDC (no secrets).
Browser-side TypeScript SDK for the Siymo OTP service. WebSocket subscription + QR helpers. Holds NO secrets.
A standalone chat application for ORBIT that can be installed as an npm package and run as a CLI tool. All API communication is routed through a built-in Express proxy that maps adapter names to backend API keys, so **no secrets ever reach the browser**.
Seedream (Ark) image generation CLI and MCP server. No secrets included.
AWS SDK for JavaScript Secrets Manager Client for Node.js, Browser and React Native
Azure Key Vault Secrets
Shared edge logic for Supabase Edge Functions (no secrets)
Secretlint CLI that scan secret/credential data.
OCI NodeJS client for Secrets Service
Credential management facilities for Imperative, Zowe CLI, and extenders.
Secrets Manager middleware for the middy framework
React hooks and UI for reading and managing secrets in a Sanity Studio. This is a good pattern for keeping configuration secret. Instead of using environment variables which would be bundled with the Studio source (it is an SPA), we store secret informati
The 1Password JavaScript SDK offers programmatic read access to your secrets in 1Password in an interface native to JavaScript. The SDK currently supports `Node.JS`
Thin browser client for Ordo Auth BFF routes (/api/v1/auth/*). No secrets.
secrets-mgr plugin
NodeJS SDK for Pulumi ESC
MCP server for the compass 'next-best-prompts' end-of-turn rule — end a substantive turn with 2-4 ranked, copy-paste-ready next moves, and skip when there's none. Pure guidance: no secrets, no network, no side-effecting tools. Install locally (stdio) for
RFC 4226 HOTP implementation for otplib
RFC 6238 TOTP implementation for otplib
CLI tool for executing Serverless Workflow definitions
Config-driven CLI runner for faucet-stream pipelines (YAML / JSON, Meltano-style)
Development and security tools for LLM Config Manager
Core runtime engine for tsafe — encrypted credential storage, process injection contracts, audit log, RBAC
Standalone CLI for configuring git repos — hooks, .gitignore, and .gitattributes
Secret User Agent of HTTP
Official AWS Ruby gem for AWS Secrets Manager. This gem is part of the AWS SDK for Ruby.
"ssssh" is a small tool that can be used to encrypt and decrypt secrets, using the AWS "Key Management Service" (KMS).
GitLab Secret Detection gem accepts text-based payloads, matches them against predefined secret detection rules (based on the ruleset used by GitLab Secrets analyzer), and returns the scan results. The gem also supports customization of the scan behaviour.
Simple key/secret based authentication for apis
Gem provides CLI for secrets manipulation and Rails hook which injects secrets into ENV upon booting.
Store secrets in one file, and access them from anywhere inside a Rails app (or any Ruby code).
Gem to read secrets generated by samson secret puller
'Wrapper for obtaining secrets from ParameterStore for use with Chef as EncryptedDatabags or Database secrets'
Programatically get secrets from Secret Server via the Web Service API
Ruby AWS Secrets Manager interface. Allows for env specific secrets, in-memory caching with custom TTL, file storage, and simple API.
Simple key/secret based authentication for apis