← 返回
未分类 中文

Cloak — Protect .env Secrets from AI Agents

Protect .env secrets from AI agents. Real credentials encrypted in a vault — agents see structurally valid sandbox values on disk.
保护 .env 密钥免受 AI 代理访问。真实凭据加密存储于保险库,代理在磁盘上仅见结构有效的沙箱值。
danieltamas danieltamas 来源
未分类 clawhub v0.1.0 1 版本 100000 Key: 无需
★ 0
Stars
📥 480
下载
💾 1
安装
1
版本
#latest

概述

Cloak — Agent Security Skill

> This file instructs AI coding agents to protect .env secrets using Cloak.

> Add it to your project root or append its contents to your CLAUDE.md / .cursorrules / .windsurfrules.

What is Cloak

Cloak encrypts real .env values into a vault and replaces them on disk with structurally valid sandbox values. The developer sees real values in their editor (the extension decrypts them). You (the agent) see sandbox values — that is by design.

Detection

On first interaction with a project, check for a .cloak file in the project root.

  • .cloak exists → Cloak is active. Follow the rules below.
  • .cloak does NOT exist but .env exists → suggest cloak init (always ask first, never run without consent).
  • Neither exists → no action needed.

Rules

Reading .env files

You CAN read .env files. The values on disk are sandbox values (fakes) — they are safe to read, display, and use in code examples. They are structurally valid (e.g. sk_test_cloak_sandbox_000 for Stripe, postgres://dev:dev@localhost:5432/devdb for databases).

Do NOT attempt to access real secret values. Do NOT read vault files, recovery files, or any file under the cloak config directory (~/.config/cloak/, ~/Library/Application Support/cloak/, or %APPDATA%\cloak\).

Running commands that need real env vars

Use cloak run to inject real environment variables into any process:

cloak run npm start
cloak run python app.py
cloak run go run main.go
cloak run docker compose up

Do NOT try to read secrets from the vault and inject them manually. cloak run handles authentication (Touch ID on macOS, password on other platforms) — the developer will be prompted, and that is expected.

Adding or updating secrets

Use cloak set with the key and value as separate arguments:

cloak set STRIPE_KEY sk_test_EXAMPLE000000000000000000
cloak set DATABASE_URL "postgres://admin:s3cret@db.example.com:5432/myapp"

Do NOT write secrets directly to .env files. The .env file on disk is managed by Cloak — direct edits will be overwritten.

Modifying .env structure

To add/remove keys, change comments, or restructure the file, use:

cloak edit          # opens real values in $EDITOR, re-encrypts on save
cloak set KEY VALUE # add or update a single key

Do NOT directly edit .env when .cloak is present.

Checking status

cloak status    # shows protection state — no auth required

Error recovery

If you see a keychain or decryption error, suggest:

cloak recover
# The developer will need the recovery key shown during `cloak init`

If Cloak is not installed

If the developer wants to use Cloak but it's not installed:

# macOS / Linux
curl -fsSL https://getcloak.dev/install.sh | sh

# Windows (PowerShell)
irm https://getcloak.dev/install.ps1 | iex

The VS Code / Cursor extension is available as "Cloak" in the marketplace.

Command Reference

TaskCommandAuth required
------------------------------
Protect a projectcloak initNo
Run with real env varscloak run Yes
Add/update a secretcloak set KEY VALUEYes
Edit secrets in $EDITORcloak editYes
View sandbox vs real diffcloak peekYes
Temporarily reveal a keycloak reveal KEY --duration 30Yes
Check protection statuscloak statusNo
Restore lost keychaincloak recoverNo
Remove protectioncloak unprotectYes

"Auth required" means the developer will be prompted for Touch ID (macOS) or their CLI password. This is expected — it prevents agents from accessing secrets programmatically.

For CLAUDE.md

## Secrets

This project uses Cloak to protect .env secrets.
- The .env file on disk contains sandbox values (safe to read).
- Use `cloak run <command>` to run processes that need real env vars.
- Use `cloak set KEY VALUE` to add or update secrets.
- Do not write to .env directly — use `cloak set` or `cloak edit`.
- If .cloak marker is missing and .env exists, ask before running `cloak init`.

For .cursorrules / .windsurfrules

This project uses Cloak for .env secret protection. The .env on disk has sandbox values (safe to read).
Use `cloak run <command>` for real env vars. Use `cloak set KEY VALUE` to add secrets.
Do not modify .env directly. If .cloak is missing and .env exists, suggest `cloak init` (ask first).

版本历史

共 1 个版本

  • v0.1.0 当前
    2026-03-30 19:21 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

it-ops-security

OpenClaw Backup

alex3alex
备份与恢复 OpenClaw 数据。适用于创建备份、设置自动备份计划、从备份恢复或管理备份轮转。处理 ~/.openclaw 目录归档并包含适当的排除规则。
★ 90 📥 31,094
it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,664
dev-programming

run.dev — Local Dev Environment Manager

danieltamas
本地开发环境管理器。进程管理、自动 HTTPS 域名、SSL 证书、反向代理和 AI 崩溃诊断 — 单二进制文件,零配置。
★ 0 📥 671