{ "schemaVersion": "1.0", "item": { "slug": "keys-manager", "name": "Keys Manager", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/stym06/keys-manager", "canonicalUrl": "https://clawhub.ai/stym06/keys-manager", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/keys-manager", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=keys-manager", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/keys-manager" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/keys-manager", "agentPageUrl": "https://openagent3.xyz/skills/keys-manager/agent", "manifestUrl": "https://openagent3.xyz/skills/keys-manager/agent.json", "briefUrl": "https://openagent3.xyz/skills/keys-manager/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Keys Manager", "body": "A skill for managing API keys and secrets locally using the keys CLI tool." }, { "title": "Installation", "body": "The keys CLI must be installed first:\n\nbrew install stym06/tap/keys\n\nOr with Go:\n\ngo install github.com/stym06/keys@latest" }, { "title": "Store a key", "body": "keys add \n\nIf the key already exists, the user is prompted to overwrite, edit, or cancel." }, { "title": "Retrieve a key", "body": "keys get # print value directly\nkeys get # interactive typeahead picker" }, { "title": "Browse keys interactively", "body": "keys see\n\nOpens a TUI with fuzzy search, checkboxes, clipboard copy, and age indicators.\n\nspace — toggle selection\ntab — copy selected as KEY=VAL\nctrl+y — copy selected as export KEY=VAL\nctrl+e — export selected to .env file\nenter — add a new key (when no matches found)\nesc — quit" }, { "title": "Masked view", "body": "keys peek\n\nSame as see but values are hidden as ***. Press r to reveal individual keys. Useful for screen-sharing." }, { "title": "Edit a key", "body": "keys edit \n\nOpens a TUI editor. tab switches fields, enter saves, esc cancels." }, { "title": "Delete a key", "body": "keys rm " }, { "title": "Export keys", "body": "keys env # interactive selector, writes .env file\nkeys expose # print export statements to stdout" }, { "title": "Import from .env", "body": "keys import \n\nParses .env files — handles comments, quotes, and export prefixes. Reports new vs updated counts." }, { "title": "Profiles", "body": "Isolate keys by project or environment:\n\nkeys profile use # switch profile\nkeys profile list # list all profiles (* = active)\n\nAll add, get, rm, see, and other commands operate within the active profile." }, { "title": "Inject keys into commands", "body": "$(keys inject API_KEY DB_HOST) ./my-script.sh # inline env vars\ndocker run $(keys inject -d API_KEY DB_HOST) my-image # Docker -e flags\n$(keys inject --all) ./my-script.sh # all keys from active profile\n$(keys inject --all --profile dev) ./my-script.sh # all keys from specific profile\n\nOutputs keys as space-separated KEY=VAL pairs (or -e KEY=VAL with --docker) for use in command substitution." }, { "title": "Audit key access", "body": "keys audit # summary: access count + last used per key\nkeys audit --log # full access log (most recent first)\nkeys audit --log -n 20 # last 20 events\nkeys audit --clear # clear the audit log\n\nTracks when keys are accessed via get, inject, and expose. Useful for understanding which keys agents and scripts are using." }, { "title": "Check required keys", "body": "keys check # reads .keys.required from current directory\nkeys check reqs.txt # custom file\n\nReads key names from a file (one per line, # comments supported) and reports which are present or missing. Exits with code 1 if any are missing — useful for CI and agent pre-flight checks.\n\nExample .keys.required:\n\n# Agent dependencies\nOPENAI_KEY\nSERP_API_KEY\nDATABASE_URL" }, { "title": "Sync keys between machines", "body": "# On machine A (has the keys)\nkeys sync serve\n# Serving 12 keys from profile \"default\"\n# Passphrase: olive-quilt-haven\n# Waiting for connections...\n\n# On machine B (wants the keys)\nkeys sync pull # auto-discover via mDNS\nkeys sync pull 192.168.1.10:7331 # or connect directly\n\nPeer-to-peer sync over the local network. Auto-discovers peers via mDNS (Bonjour), encrypted with a one-time passphrase (AES-256-GCM). Works over WiFi, Tailscale, or any reachable network. Smart merge: adds new keys, updates older ones, skips newer local ones." }, { "title": "Delete all keys", "body": "keys nuke\n\nRequires typing nuke to confirm. Only affects the active profile." }, { "title": "Version", "body": "keys version\nkeys --version" }, { "title": "Authentication", "body": "On macOS, keys prompts for Touch ID before any command that accesses keys. Authentication is cached per terminal session — the first command triggers Touch ID, subsequent commands in the same shell skip the prompt.\n\nCommands that skip authentication: profile, completion, version, help.\n\nOn non-macOS systems or when biometrics are unavailable, access is allowed without prompting." }, { "title": "Typical workflow", "body": "keys add OPENAI_KEY sk-proj-abc123\nkeys add STRIPE_KEY sk_test_4eC3\nkeys get OPENAI_KEY\nkeys see # browse and copy\nkeys env # generate .env for a project" }, { "title": "Multi-project setup", "body": "keys profile use projectA\nkeys import .env\nkeys profile use projectB\nkeys add DB_HOST prod-db.example.com\nkeys profile list" }, { "title": "Quick export to shell", "body": "eval $(keys expose)" }, { "title": "Guidelines", "body": "Always use keys get when the user knows the exact key name\nUse keys get (no args) when the user wants to search/pick interactively\nUse keys peek instead of keys see when the user is screen-sharing or wants masked output\nUse keys profile to separate keys across different projects or environments\nUse keys import for bulk loading from existing .env files\nSuggest keys env when the user needs to generate a .env file for a specific project\nUse keys inject when the user wants to pass keys directly to a command or Docker container without creating files\nUse keys audit to review which keys are being accessed and how often\nUse keys check before running agents to verify all required keys are available\nUse keys sync serve + keys sync pull to transfer keys between machines without cloud services" } ], "body": "Keys Manager\n\nA skill for managing API keys and secrets locally using the keys CLI tool.\n\nInstallation\n\nThe keys CLI must be installed first:\n\nbrew install stym06/tap/keys\n\n\nOr with Go:\n\ngo install github.com/stym06/keys@latest\n\nCommands\nStore a key\nkeys add \n\n\nIf the key already exists, the user is prompted to overwrite, edit, or cancel.\n\nRetrieve a key\nkeys get # print value directly\nkeys get # interactive typeahead picker\n\nBrowse keys interactively\nkeys see\n\n\nOpens a TUI with fuzzy search, checkboxes, clipboard copy, and age indicators.\n\nspace — toggle selection\ntab — copy selected as KEY=VAL\nctrl+y — copy selected as export KEY=VAL\nctrl+e — export selected to .env file\nenter — add a new key (when no matches found)\nesc — quit\nMasked view\nkeys peek\n\n\nSame as see but values are hidden as ***. Press r to reveal individual keys. Useful for screen-sharing.\n\nEdit a key\nkeys edit \n\n\nOpens a TUI editor. tab switches fields, enter saves, esc cancels.\n\nDelete a key\nkeys rm \n\nExport keys\nkeys env # interactive selector, writes .env file\nkeys expose # print export statements to stdout\n\nImport from .env\nkeys import \n\n\nParses .env files — handles comments, quotes, and export prefixes. Reports new vs updated counts.\n\nProfiles\n\nIsolate keys by project or environment:\n\nkeys profile use # switch profile\nkeys profile list # list all profiles (* = active)\n\n\nAll add, get, rm, see, and other commands operate within the active profile.\n\nInject keys into commands\n$(keys inject API_KEY DB_HOST) ./my-script.sh # inline env vars\ndocker run $(keys inject -d API_KEY DB_HOST) my-image # Docker -e flags\n$(keys inject --all) ./my-script.sh # all keys from active profile\n$(keys inject --all --profile dev) ./my-script.sh # all keys from specific profile\n\n\nOutputs keys as space-separated KEY=VAL pairs (or -e KEY=VAL with --docker) for use in command substitution.\n\nAudit key access\nkeys audit # summary: access count + last used per key\nkeys audit --log # full access log (most recent first)\nkeys audit --log -n 20 # last 20 events\nkeys audit --clear # clear the audit log\n\n\nTracks when keys are accessed via get, inject, and expose. Useful for understanding which keys agents and scripts are using.\n\nCheck required keys\nkeys check # reads .keys.required from current directory\nkeys check reqs.txt # custom file\n\n\nReads key names from a file (one per line, # comments supported) and reports which are present or missing. Exits with code 1 if any are missing — useful for CI and agent pre-flight checks.\n\nExample .keys.required:\n\n# Agent dependencies\nOPENAI_KEY\nSERP_API_KEY\nDATABASE_URL\n\nSync keys between machines\n# On machine A (has the keys)\nkeys sync serve\n# Serving 12 keys from profile \"default\"\n# Passphrase: olive-quilt-haven\n# Waiting for connections...\n\n# On machine B (wants the keys)\nkeys sync pull # auto-discover via mDNS\nkeys sync pull 192.168.1.10:7331 # or connect directly\n\n\nPeer-to-peer sync over the local network. Auto-discovers peers via mDNS (Bonjour), encrypted with a one-time passphrase (AES-256-GCM). Works over WiFi, Tailscale, or any reachable network. Smart merge: adds new keys, updates older ones, skips newer local ones.\n\nDelete all keys\nkeys nuke\n\n\nRequires typing nuke to confirm. Only affects the active profile.\n\nVersion\nkeys version\nkeys --version\n\nAuthentication\n\nOn macOS, keys prompts for Touch ID before any command that accesses keys. Authentication is cached per terminal session — the first command triggers Touch ID, subsequent commands in the same shell skip the prompt.\n\nCommands that skip authentication: profile, completion, version, help.\n\nOn non-macOS systems or when biometrics are unavailable, access is allowed without prompting.\n\nExamples\nTypical workflow\nkeys add OPENAI_KEY sk-proj-abc123\nkeys add STRIPE_KEY sk_test_4eC3\nkeys get OPENAI_KEY\nkeys see # browse and copy\nkeys env # generate .env for a project\n\nMulti-project setup\nkeys profile use projectA\nkeys import .env\nkeys profile use projectB\nkeys add DB_HOST prod-db.example.com\nkeys profile list\n\nQuick export to shell\neval $(keys expose)\n\nGuidelines\nAlways use keys get when the user knows the exact key name\nUse keys get (no args) when the user wants to search/pick interactively\nUse keys peek instead of keys see when the user is screen-sharing or wants masked output\nUse keys profile to separate keys across different projects or environments\nUse keys import for bulk loading from existing .env files\nSuggest keys env when the user needs to generate a .env file for a specific project\nUse keys inject when the user wants to pass keys directly to a command or Docker container without creating files\nUse keys audit to review which keys are being accessed and how often\nUse keys check before running agents to verify all required keys are available\nUse keys sync serve + keys sync pull to transfer keys between machines without cloud services" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/stym06/keys-manager", "publisherUrl": "https://clawhub.ai/stym06/keys-manager", "owner": "stym06", "version": "0.5.1", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/keys-manager", "downloadUrl": "https://openagent3.xyz/downloads/keys-manager", "agentUrl": "https://openagent3.xyz/skills/keys-manager/agent", "manifestUrl": "https://openagent3.xyz/skills/keys-manager/agent.json", "briefUrl": "https://openagent3.xyz/skills/keys-manager/agent.md" } }