How does it protect against accidental secret leaks?

It implements always-on hooks that block write operations containing hardcoded API keys and prevents bash commands from exporting bare secrets.

Does it check if my local tools are installed correctly?

Yes, the skill performs toolchain validation and provides specific installation commands if mise, fnox, or Infisical are missing from your system.

Can I use this skill to set up a new project?

Yes, the skill can guide you through initializing fnox, connecting Infisical, and configuring mise environment plugins for a secure start.

Is .infisical.json safe to commit to Git?

Yes, .infisical.json contains project and workspace IDs but no actual secrets, making it safe to commit for team collaboration.

What tools does the DevTools Secrets skill support?

This skill specifically supports the integration of mise (task runner), fnox (secret interface), and Infisical (secrets backend) for a unified workflow.

DevTools Secrets Manager

Name: DevTools Secrets Manager
Author: basher83

bybasher83

•

Security & Testing

Orchestrates and secures development environments using the mise, fnox, and Infisical secrets management toolchain.

The DevTools Secrets skill provides specialized knowledge and automated guardrails for developers using the mise, fnox, and Infisical stack. It helps configure unified secret interfaces, validates local tool availability, and manages the integration chain between remote secret backends and local task runners. By enforcing strict security hygiene through active hooks that block hardcoded credentials and unsafe exports, this skill ensures that sensitive environment variables are handled correctly across development, staging, and production environments.

Key Features

01Active security hooks to block hardcoded API keys and sensitive tokens in code

0213 GitHub stars

03Real-time project configuration state analysis for fnox.toml and .infisical.json

04Prevention of unsafe environment variable exports via bash command monitoring

05Automated toolchain validation for mise, fnox, and Infisical installations

06Integration guidance for wrapping mise tasks with fnox for secure secret injection

Use Cases

01Setting up fnox to abstract multiple secret backends into a single local CLI interface

02Auditing local development environments for secret leaks and missing security configurations

03Configuring a new project to use Infisical as a centralized remote secrets provider

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add basher83/lunar-claude devtools-secrets

For use in Claude.ai and ChatGPT

Download Skill