secrets-management
Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.
69
56%
Does it follow best practices?
Impact
86%
1.11xAverage score across 3 eval scenarios
Risky
Do not use without reviewing
Optimize this skill with Tessl
npx tessl skill review --optimize ./tests/ext_conformance/artifacts/agents-wshobson/cicd-automation/skills/secrets-management/SKILL.mdEvaluation results
100%
12%Secure Deployment Pipeline with HashiCorp Vault
GitHub Actions Vault integration
Vault action version
0%
100%
kv-v2 path format
100%
100%
Secret masking
100%
100%
GitHub environment scoping
100%
100%
No hardcoded secrets
100%
100%
VAULT_TOKEN reference
100%
100%
Database credentials retrieved
100%
100%
Payment API key retrieved
100%
100%
Secrets requirements documented
100%
100%
Main branch trigger
100%
100%
57%
11%Preventing Secret Leakage in a Development Repository
Secret scanning setup
TruffleHog in pre-commit
0%
0%
Docker invocation pattern
0%
0%
Commit blocking on failure
0%
0%
GitLab secret-scan job
100%
100%
TruffleHog in CI
0%
100%
allow_failure: false
100%
100%
Security stage placement
100%
100%
Hook executable
0%
0%
Installation documented
77%
100%
False positive guidance
100%
100%
100%
3%Migrating Kubernetes Workloads to Dynamic Secret Injection
Kubernetes External Secrets Operator
ESO apiVersion
100%
100%
SecretStore kind
100%
100%
ExternalSecret kind
100%
100%
refreshInterval set
100%
100%
creationPolicy Owner
100%
100%
Correct secret target
100%
100%
Both fields mapped
100%
100%
AWS credentials action version
100%
100%
No hardcoded AWS credentials
70%
100%
Production namespace
100%
100%
Architecture documented
100%
100%
Ownership model explained
100%
100%
- Repository
- Dicklesworthstone/pi_agent_rust
- Commit
47823e3
- Evaluated
- Agent
- Claude Code
- Model
- Claude Sonnet 4.6
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.