Audits and hardens API credential handling (env vars, separation, rotation plan, least privilege, auditability). Use when integrating services or preparing production deployments where secrets must be managed safely.
数据来源:ClawHub。 在 ClawSkills 查看
选择你使用的 Agent
方法一:命令行安装(推荐)
推荐(无需提前安装 clawhub)
npx clawhub@latest --dir ~/.claude/skills install api-credentials-hygiene或使用 clawhub CLI(需提前安装)
clawhub --dir ~/.claude/skills install api-credentials-hygiene⚠️ 需要 Node.js 18+,没有 Node?请使用下方方法二直接下载 ZIP。 安装 Node.js →
方法二:手动下载安装(无需 Node)
下载 ZIP,解压后将文件夹放到以下路径,重启 Agent 即可:
安装路径
~/.claude/skills/api-credentials-hygiene/💡解压后将文件夹放到上方路径,重启 Agent 即可生效
--- name: api-credentials-hygiene description: Audits and hardens API credential handling (env vars, separation, rotation plan, least privilege, auditability). Use when integrating services or preparing production deployments where secrets must be managed safely. ---
Audits and hardens API credential handling (env vars, separation, rotation plan, least privilege, auditability).
- Harden the credentials setup for this integration and move secrets into env vars. - Design a key rotation plan for these APIs with minimal downtime. - Audit this service for least-privilege access and document what each key can do. - Create an environment variable map and a secure .env template for this project. - Set up credential separation for dev versus prod with clear audit trails.
- You want to obtain keys without authorization or bypass security controls. - You need legal/compliance sign-off (this outputs technical documentation, not legal advice).
- List of integrations/APIs and where credentials are currently stored/used. - Deployment context (local dev, server, container, n8n, etc.).
- Current config files/redacted snippets (.env, compose, systemd, n8n creds list). - Org rules (rotation intervals, secret manager preference).
- “Keys are hard-coded in a Node script and an n8n HTTP Request node.” - “We have dev and prod n8n instances and need separation.”
.env template (placeholders only).Success = no secrets committed or embedded, permissions minimized, rotation steps documented, and auditability defined.
- where stored, where used, and who owns them.
- dev vs prod; human vs service accounts; per-integration boundaries.
- create an env var map and update config plan (no raw keys in code/workflows).
- for each API, enumerate required actions and reduce scopes/roles accordingly.
- dual-key overlap if supported; steps to rotate with minimal downtime; rollback.
- define what events are logged (auth failures, token refresh, key use where available).
- required operations are unknown, - secret injection method is unclear, - rotation cadence/owners are unspecified.
Credential map template:
CREDENTIAL MAP
- Integration: <name>
- Env vars:
- <VAR_NAME>: <purpose> (secret/non-secret)
- Permissions/scopes: <list>
- Used by: <service/workflow>
- Storage: <secret manager/env var>
- Rotation: <cadence> | <owner> | <procedure>
- Audit: <what is logged and where>
If providing a template, output assets/dotenv-template.example with placeholders only.
Output: Env var map + plan to move to n8n credentials/env vars + rotation runbook.
Output: Two env maps + naming scheme + access boundary checklist.
安装 API credentials hygiene 后,可以对 AI 说这些话来触发它
Help me get started with API credentials hygiene
Explains what API credentials hygiene does, walks through the setup, and runs a quick demo based on your current project
Use API credentials hygiene to audits and hardens API credential handling (env vars, separation, r...
Invokes API credentials hygiene with the right parameters and returns the result directly in the conversation
What can I do with API credentials hygiene in my developer & devops workflow?
Lists the top use cases for API credentials hygiene, with example commands for each scenario
将技能文件夹放到 ~/.claude/skills/api-credentials-hygiene/ 目录(个人级,所有项目可用),或 .claude/skills/api-credentials-hygiene/(项目级)。重启 AI 客户端后,用 /api-credentials-hygiene 主动调用,或让 AI 根据上下文自动发现并使用。
API credentials hygiene 支持 Claude、Cursor、OpenClaw,可与这些 AI 平台无缝集成,扩展其能力。
API credentials hygiene 可免费安装使用。请查阅仓库了解许可证信息。
Audits and hardens API credential handling (env vars, separation, rotation plan, least privilege, auditability). Use when integrating services or preparing production deployments where secrets must be managed safely.
API credentials hygiene 属于「Developer & DevOps」分类,该分类的技能帮助 AI 智能体在此领域执行专业任务。
Automate my developer & devops tasks using API credentials hygiene
Identifies repetitive steps in your workflow and sets up API credentials hygiene to handle them automatically