
secrets-management

Securely manage CI/CD secrets with Vault, AWS Secrets Manager, and environment-specific patterns. Prevent credential leakage, implement rotation, and enforce least-privilege access for pipelines.

Introduction

This skill provides a robust framework for handling sensitive information within CI/CD pipelines, focusing on security best practices to avoid hardcoding credentials. It is designed for DevOps engineers, software developers, and security professionals who need to integrate secret stores like HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, and Google Secret Manager into automated deployment workflows. By centralizing credential management, this agent helps eliminate configuration vulnerabilities and ensures compliance with security standards.

  • Support for multi-cloud and cross-platform secret retrieval including AWS, Azure, GCP, and HashiCorp Vault.

  • Native integration patterns for CI/CD runners like GitHub Actions and GitLab CI/CD.

  • Mechanisms for dynamic secret generation, audit logging, and automated secret rotation workflows.

  • Best practices for masking secrets in build logs and implementing least-privilege access controls.

  • Infrastructure as Code (IaC) integration examples using Terraform for AWS Secrets Manager.

  • Use this skill to configure environment-specific secrets, manage TLS certificates, and rotate database passwords safely.

  • Expected inputs include configuration parameters for secret providers and target deployment environment variables.

  • Outputs typically involve secured environment injection or secret verification for application deployment stages.

  • Users must ensure authentication tokens and provider-specific policies are pre-configured in the hosting environment to allow agent connectivity.

Repository Stats

  • Stars: 211

  • Forks: 28

  • Open Issues: 4

  • Language: Python

  • Default Branch: main

  • Sync Status: Idle

  • Last Synced: May 3, 2026, 07:42 AM