← Back to Skills Marketplace
88
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install tene-cli
Description
Local-first encrypted secret management with the tene CLI. Activate when the user mentions secrets, API keys, credentials, tokens, .env files, environment va...
Usage Guidance
This skill appears to be what it says: documentation-only guidance for using the tene CLI. Before installing: review the installer script (https://tene.sh/install.sh) rather than piping it blindly into sh; prefer building from source or verifying a release checksum if you want higher assurance. Note that tests/docs mention an Anthropic API key for evaluation — that is not required to use tene itself. Follow the skill's safety rules (never paste secrets into chat, never run `tene get` in the agent context, use `tene run --` to inject secrets) and be deliberate about whether your team wants the encrypted `.tene/vault.db` committed into source control for CI workflows.
Capability Analysis
Type: OpenClaw Skill
Name: tene-cli
Version: 1.0.3
The tene-cli skill bundle provides a secure interface for an AI agent to manage secrets using the 'tene' CLI tool. It features extensive safety guardrails in SKILL.md and tests/test.md that explicitly prevent the agent from outputting plaintext secrets or accessing the encrypted vault directly. The installation process via https://tene.sh/install.sh is a standard practice for CLI tools, and the overall logic is focused on enhancing security rather than compromising it.
Capability Tags
Capability Assessment
Purpose & Capability
Name, description, and required binary (tene) are coherent. The skill documents exactly the commands a user would need for local secret management and does not request unrelated OS credentials, binaries, or config paths.
Instruction Scope
SKILL.md is prescriptive and scoped to secret-management tasks (init, set, list, run, import/export with encrypted flag, CI patterns). Example flows include reading .env files for import, deleting those plaintext files, and wrapping commands with `tene run --` — all consistent with the stated purpose. The tests mention using an external LLM backend (Anthropic) requiring ANTHROPIC_API_KEY for behavioral evaluation; that is only part of the test harness and not a runtime requirement of the skill, but it is surprising and worth noting.
Install Mechanism
The skill recommends installing via the project's install script (curl -sSfL https://tene.sh/install.sh | sh). This is a pragmatic, common installer for CLI tools but is higher-risk than a vetted package (e.g., Homebrew or GitHub release checksum) because it executes a remote script. The SKILL.md also documents building from source (go install) which is a safer alternative.
Credentials
The skill itself requests no environment variables or credentials, which is proportional. Example/CI docs rightly instruct storing a TENE_MASTER_PASSWORD secret in CI. Tests reference ANTHROPIC_API_KEY (and an EVAL_BACKEND) for behavioral tests — these are test harness needs and not required to use the skill; mention of them could confuse users into thinking the skill needs an LLM API key.
Persistence & Privilege
always:false and normal autonomous invocation are used. The skill does not request permanent system-wide privileges or attempt to modify other skills' configs. It does recommend committing the encrypted vault in some workflows (explicitly discussed and justified).
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install tene-cli - After installation, invoke the skill by name or use
/tene-cli - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
tene-cli 1.0.3 Changelog
- Updated SKILL.md with detailed usage instructions and strict AI safety rules.
- Clarified activation triggers and restrictions for when the skill should be used.
- Added comprehensive documentation for all main tene commands and workflows (init, set, list, run, import, export, env, passwd, etc.).
- Reiterated critical safety practices, including never leaking plain secrets and only injecting via `tene run --`.
- Provided updated install and migration guidance.
- 100% coverage of active tene CLI commands (init, set, get, list, delete, run, import, export, env, passwd, recover, version, update, whoami)
- 5 baked-in AI safety rules: never run `tene get`, never plain `tene export`, never read `.tene/`, never pass secrets as CLI args, use `tene list` for introspection
- 3 end-to-end examples (init, .env migration, multi-env CI/CD) and 6 expected-behavior test cases
- Verified: 19/19 offline assertion self-tests + 6/6 live behavioral eval (3 consecutive runs, 100%) via `claude -p`
Metadata
Frequently Asked Questions
What is Tene CLI — Local-First Secrets?
Local-first encrypted secret management with the tene CLI. Activate when the user mentions secrets, API keys, credentials, tokens, .env files, environment va... It is an AI Agent Skill for Claude Code / OpenClaw, with 88 downloads so far.
How do I install Tene CLI — Local-First Secrets?
Run "/install tene-cli" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Tene CLI — Local-First Secrets free?
Yes, Tene CLI — Local-First Secrets is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Tene CLI — Local-First Secrets support?
Tene CLI — Local-First Secrets is cross-platform and runs anywhere OpenClaw / Claude Code is available (macos, linux).
Who created Tene CLI — Local-First Secrets?
It is built and maintained by agent-kay (@tomo-kay); the current version is v1.0.3.
More Skills