Zero-knowledge secrets management. Store API keys, tokens, and credentials with client-side encryption. The server never sees plaintext values.
Store a secret:
Use passbox_set_secret with vault "my-project", key "API_KEY", value "sk-abc123"
Retrieve a secret:
Use passbox_get_secret with vault "my-project", key "API_KEY"
| Tool | Description |
|---|---|
| ------ | ------------- |
passbox_get_secret | Retrieve and decrypt a secret |
passbox_set_secret | Create or update a secret (encrypted before upload) |
passbox_list_secrets | List secret names (values not returned) |
passbox_delete_secret | Delete a secret |
passbox_rotate_secret | Trigger manual secret rotation |
| Tool | Description |
|---|---|
| ------ | ------------- |
passbox_list_vaults | List all available vaults |
passbox_list_environments | List environments (dev, staging, prod) |
passbox_get_environment | Get all secrets in an environment |
| Tool | Description |
|---|---|
| ------ | ------------- |
passbox_diff_env | Compare local .env with vault secrets |
passbox_import_env | Import .env file into vault |
passbox_list_vaults — see existing vaultspassbox_set_secret — store each credentialpassbox_list_secrets — verify all keys are storedpassbox_diff_env — see what's differentpassbox_import_env — push local secrets to vaultpassbox_get_environment for "dev"passbox_set_secret for each key in "staging"Use with a2a_secure_execute to automatically inject secrets:
Use a2a_secure_execute with toolId "my-api-tool" and input { "apiKey": "{{API_KEY}}" }, vault "my-project"
The {{API_KEY}} placeholder is resolved from PassBox before execution.
共 1 个版本